Prosím o kopntrolu logu Vyřešeno

[Petr Kali]

A ještě přidávám čerstvý HjT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:22:41, on 22.10.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16819)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\SOFT\SOFT2\Diagnostické programy\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AudioHub Www Access Connector (AudioHubWwwAccessConnector) - MEDIAN s.r.o. - C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnector.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules® - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.EXE
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 8758 bytes

[Reklama]

[jerabina]

Zavři ostatní programy/prohlížeče, odpoj se od internetu a v HJT fixni:
NÁVOD

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy?

[Petr Kali]

# DelFix v1.013 - Logfile created 22/10/2016 at 23:19:26
# Updated 17/04/2016 by Xplode
# Username : doma - DOMA-PC
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2016-10-22-110404.log
Deleted : C:\Users\doma\Desktop\AdwCleaner.exe
Deleted : C:\Users\doma\Desktop\ComboFix.exe
Deleted : C:\Users\doma\Desktop\JRT.exe
Deleted : C:\Users\doma\Desktop\JRT.txt
Deleted : C:\Users\doma\Desktop\hijackthis.log
Deleted : C:\Users\doma\Desktop\RogueKiller.exe
Deleted : C:\Users\doma\Desktop\zoek.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Cleaning system restore ...

Deleted : RP #5542 [Odebrání jazykové sady | 10/05/2016 02:11:54]
Deleted : RP #5543 [Odebrání jazykové sady | 10/06/2016 01:47:49]
Deleted : RP #5544 [Odebrání jazykové sady | 10/07/2016 01:39:39]
Deleted : RP #5545 [Odebrání jazykové sady | 10/08/2016 02:33:42]
Deleted : RP #5546 [Odebrání jazykové sady | 10/09/2016 05:01:49]
Deleted : RP #5547 [Odebrání jazykové sady | 10/10/2016 03:22:30]
Deleted : RP #5548 [Odebrání jazykové sady | 10/11/2016 01:41:20]
Deleted : RP #5549 [Odebrání jazykové sady | 10/12/2016 02:11:24]
Deleted : RP #5550 [Odebrání jazykové sady | 10/13/2016 01:40:23]
Deleted : RP #5551 [Odebrání jazykové sady | 10/14/2016 01:52:51]
Deleted : RP #5552 [Odebrání jazykové sady | 10/15/2016 06:36:59]
Deleted : RP #5553 [Odebrání jazykové sady | 10/16/2016 04:40:50]
Deleted : RP #5554 [Odebrání jazykové sady | 10/16/2016 13:36:04]
Deleted : RP #5556 [Driver Booster : Realtek High Definition Audio | 10/16/2016 15:18:06]
Deleted : RP #5557 [Instalace balíčku ovladače zařízení: Realtek Semiconductor Corp. Řadiče zvuku, videa a her | 10/16/2016 15:25:19]
Deleted : RP #5558 [Odebrání jazykové sady | 10/16/2016 15:49:45]
Deleted : RP #5559 [ASU_MSI_TRAN | 10/17/2016 19:51:11]
Deleted : RP #5560 [Odebrání jazykové sady | 10/18/2016 03:57:00]
Deleted : RP #5561 [Odebrání jazykové sady | 10/18/2016 10:08:50]
Deleted : RP #5562 [Installed Sophos Virus Removal Tool. | 10/18/2016 11:41:06]
Deleted : RP #5563 [Odebrání jazykové sady | 10/18/2016 16:50:38]
Deleted : RP #5564 [Odebrání jazykové sady | 10/19/2016 01:37:03]
Deleted : RP #5565 [Odebrání jazykové sady | 10/19/2016 11:29:11]
Deleted : RP #5566 [Odebrání jazykové sady | 10/20/2016 02:07:02]
Deleted : RP #5568 [Revo Uninstaller's restore point - IObit Uninstaller | 10/20/2016 05:48:27]
Deleted : RP #5570 [Revo Uninstaller's restore point - Smart Defrag 5 | 10/20/2016 05:55:45]
Deleted : RP #5572 [Revo Uninstaller's restore point - Advanced SystemCare 9 | 10/20/2016 06:02:03]
Deleted : RP #5574 [Revo Uninstaller's restore point - IObit Uninstaller | 10/20/2016 06:07:27]
Deleted : RP #5575 [Odebrání jazykové sady | 10/21/2016 02:08:18]
Deleted : RP #5576 [Odebrání jazykové sady | 10/21/2016 10:18:26]
Deleted : RP #5577 [ASU_MSI_TRAN | 10/21/2016 16:32:22]
Deleted : RP #5578 [Odebrání jazykové sady | 10/22/2016 01:58:35]
Deleted : RP #5579 [JRT Pre-Junkware Removal | 10/22/2016 06:41:25]
Deleted : RP #5580 [zoek.exe restore point | 10/22/2016 10:28:31]
Deleted : RP #5581 [Odebrání jazykové sady | 10/22/2016 14:32:11]
Deleted : RP #5582 [Odebrání jazykové sady | 10/22/2016 15:25:12]

New restore point created !

########## - EOF - ##########

Firefox se na videu seká, celkově se taky zadrhává(neodpovídá), na stránách Čt v achivu jde jenom zvuk a přehrávač je černý.Prostě nejdou pořádně žádná videa.

[jaro3]

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Petr Kali]

Po projetí Zemana AntiMalware Free- nic nenašel
Tady je log s combofix:
ComboFix 16-10-23.01 - doma 24.10.2016 19:18:07.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1414 [GMT 2:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-09-24 do 2016-10-24 )))))))))))))))))))))))))))))))
.
.
2016-10-24 17:31 . 2016-10-24 17:31 -------- d-----w- c:\users\doma\AppData\Local\temp
2016-10-24 17:31 . 2016-10-24 17:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-10-24 17:31 . 2016-10-24 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-10-23 17:58 . 2016-10-23 17:58 -------- d-----w- c:\users\doma\AppData\Local\Mozilla
2016-10-23 17:58 . 2016-10-23 17:58 -------- d-----w- c:\program files\Mozilla Maintenance Service
2016-10-23 17:51 . 2016-10-23 17:50 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-10-23 17:47 . 2016-10-23 17:47 -------- d-----w- c:\users\doma\AppData\Roaming\AVAST Software
2016-10-23 14:09 . 2016-10-23 14:09 -------- d-----w- C:\da092e08fd7e1e9490a924
2016-10-23 14:08 . 2016-10-23 14:08 66688 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2016-10-23 14:08 . 2016-10-23 14:08 184592 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2016-10-23 14:08 . 2016-10-23 14:09 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-10-23 14:08 . 2016-10-23 14:09 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-10-23 14:08 . 2016-10-23 14:08 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-10-23 14:08 . 2016-10-23 14:08 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-10-23 14:08 . 2016-10-23 14:08 64272 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2016-10-23 14:08 . 2016-10-23 14:08 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-10-23 14:08 . 2016-10-23 14:09 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-10-23 14:08 . 2016-10-23 14:07 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-10-23 14:07 . 2016-10-23 14:07 53208 ----a-w- c:\windows\avastSS.scr
2016-10-23 14:04 . 2016-10-23 17:50 -------- d-----w- c:\program files\AVAST Software
2016-10-22 19:37 . 2016-10-22 19:37 -------- d-----w- c:\users\doma\dwhelper
2016-10-22 15:10 . 2016-10-22 15:10 -------- d-----w- c:\users\doma\AppData\Roaming\ProductData
2016-10-22 15:06 . 2016-10-22 14:29 24064 ----a-w- c:\windows\zoek-delete.exe
2016-10-22 14:15 . 2016-10-22 14:15 -------- d-----w- c:\programdata\Validity
2016-10-20 05:38 . 2016-10-20 05:38 -------- d-----w- c:\program files\VS Revo Group
2016-10-18 18:48 . 2016-10-18 18:48 -------- d--h--w- c:\windows\PIF
2016-10-18 11:43 . 2016-10-18 11:43 -------- d-----w- c:\programdata\Sophos
2016-10-18 11:42 . 2016-10-18 11:42 -------- d-----w- c:\program files\Sophos
2016-10-18 10:11 . 2016-10-18 10:11 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2016-10-18 10:11 . 2016-10-18 10:11 181496 ----a-w- c:\windows\system32\drivers\zamguard32.sys
2016-10-18 10:10 . 2016-10-18 10:11 -------- d-----w- c:\program files\Zemana AntiMalware
2016-10-18 10:10 . 2016-10-18 10:10 -------- d-----w- c:\users\doma\AppData\Local\Zemana
2016-10-17 20:02 . 2016-10-17 20:02 -------- d-----w- c:\program files\Common Files\Skype
2016-10-16 15:52 . 2016-10-21 09:10 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-10-16 15:52 . 2016-03-10 12:08 126336 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-10-16 15:52 . 2016-03-10 12:09 53120 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-10-16 15:52 . 2016-03-10 12:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-10-16 15:52 . 2016-10-16 15:52 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2016-10-16 15:52 . 2016-10-16 15:52 -------- d-----w- c:\programdata\Malwarebytes
2016-09-27 11:38 . 2016-09-27 11:48 -------- d-----w- c:\users\doma\AppData\Roaming\Scribus
2016-09-27 11:35 . 2016-09-27 11:37 -------- d-----w- c:\program files\Scribus 1.4.5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-22 19:53 . 2015-01-21 20:25 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-10-22 09:12 . 2015-03-02 14:08 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-10-16 15:23 . 2013-12-13 10:10 22168 ----a-w- c:\windows\system32\RtkCoLDR.dll
2016-10-14 06:02 . 2012-09-14 09:33 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-10-14 06:02 . 2012-07-22 13:31 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-09-07 16:53 . 2016-09-14 09:54 367616 ----a-w- c:\windows\system32\html.iec
2016-09-07 16:51 . 2016-09-14 09:54 1831424 ----a-w- c:\windows\system32\jscript9.dll
2016-09-07 16:51 . 2016-09-14 09:54 1436160 ----a-w- c:\windows\system32\inetcpl.cpl
2016-09-07 16:51 . 2016-09-14 09:54 1089024 ----a-w- c:\windows\system32\wininet.dll
2016-09-07 16:51 . 2016-09-14 09:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2016-09-07 16:50 . 2016-09-14 09:54 420352 ----a-w- c:\windows\system32\vbscript.dll
2016-09-07 16:50 . 2016-09-14 09:54 11776 ----a-w- c:\windows\system32\mshta.exe
2016-09-07 16:50 . 2016-09-14 09:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2016-08-30 20:13 . 2016-08-30 20:13 10718264 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-08-30 20:13 . 2016-08-30 20:13 16128768 ----a-w- c:\windows\system32\nvwgf2um.dll
2016-08-30 20:13 . 2016-08-30 20:13 24207296 ----a-w- c:\windows\system32\nvoglv32.dll
2016-08-30 20:13 . 2016-08-30 20:13 3994560 ----a-w- c:\windows\system32\nvcuvid.dll
2016-08-30 20:13 . 2009-10-03 04:02 14497760 ----a-w- c:\windows\system32\nvd3dum.dll
2016-08-30 20:13 . 2016-08-30 20:13 11209192 ----a-w- c:\windows\system32\nvcuda.dll
2016-08-30 20:13 . 2009-10-03 04:02 2825016 ----a-w- c:\windows\system32\nvapi.dll
2016-08-30 20:08 . 2016-08-30 20:08 127096 ----a-w- c:\windows\system32\RTNUninst32.dll
2016-08-30 20:08 . 2016-08-30 20:08 103064 ----a-w- c:\windows\system32\RtNicProp32.dll
2016-08-30 20:08 . 2016-08-30 20:08 603928 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2016-08-30 19:57 . 2016-08-30 19:57 912248 ----a-w- c:\windows\system32\nvdispgenco3234195.dll
2016-08-30 19:57 . 2016-08-30 19:57 1060400 ----a-w- c:\windows\system32\nvdispco3234195.dll
2016-08-30 19:57 . 2016-08-30 19:57 11272240 ----a-w- c:\windows\system32\nvopencl.dll
2016-08-30 19:57 . 2016-08-30 19:57 15302712 ----a-w- c:\windows\system32\nvcompiler.dll
2016-08-30 18:55 . 2013-09-20 14:47 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2016-08-01 18:06 . 2016-08-01 18:06 875712 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-08-01 18:06 . 2016-08-01 18:06 536768 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2016-08-01 18:06 . 2016-08-01 18:06 28352 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-08-01 18:06 . 2016-08-01 18:06 18088 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-01 18:06 . 2016-08-01 18:06 18088 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-01 18:06 . 2016-08-01 18:06 18088 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-10-23 14:07 832488 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 1466368]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2016-10-16 14737664]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-10-23 9083840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Url Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Url Monitor.lnk
backup=c:\windows\pss\Url Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2016-08-26 19:23 6868696 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2016-06-21 10:44 1010144 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
2008-12-10 17:56 842816 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series TrayAgent]
2014-03-04 15:41 2917168 ----a-w- c:\program files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WwwAccessConnectorUrlMonitor]
2015-09-29 12:11 259584 ----a-w- c:\program files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3810265174-1972376959-2373567011-1000]
"EnableNotificationsRef"=dword:00000003
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2000-01-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 06:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\x7t2a4jm.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-10-24 19:31
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(792)
c:\windows\system32\DPPWDFLT.dll
.
Celkový čas: 2016-10-24 19:36:32
ComboFix-quarantined-files.txt 2016-10-24 17:36
.
Před spuštěním: Volných bajtů: 77 467 287 552
Po spuštění: Volných bajtů: 77 428 850 688
.
- - End Of File - - F6BC96D8AECC6765A093C29100D80CFF
5C86ADEC17B739C437E145E3B3FC2E6D

[jerabina]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Zeptám se tě, projevují se dané problémy i na jiných prohlížečích(Chrome, Internet Explorer...)?

[Petr Kali]

Asi jsem blbej, ale nemůžu najít na start "spustit".

[jaro3]

to je to okénko vlevo dole.

[Petr Kali]

jaro3 děkuji.
Jinak problém se nevyřešíl. Na MF se videa trhají(jde zvuk ale obraz stojí) a vůbec celý prohlížeč se zasekává, jak při přepínání oken tak pří načítání obsahu. Proste jako zpomalený film. Na IE mi nejde načíst Seznam, google(ostatní záložky jdou), videa na archivu ČT jdou, ale na MF jde jen zvuk a video je černé. Chtěl jsem si nainstalovat prohlížeč Seznam, ale pri instalaci mi vyskočí hláška(při načítaní licenční sml.)"nejste připojeni k internetu", tak nevim kde může být problém.Jenom poznámka, noťas je čístý(po projetí MAM) .

[Orcus]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu, pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Petr Kali]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-10-2016
Ran by doma (28-10-2016 08:49:00)
Running from C:\Users\doma\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-05-22 01:07:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3810265174-1972376959-2373567011-500 - Administrator - Disabled)
doma (S-1-5-21-3810265174-1972376959-2373567011-1000 - Administrator - Enabled) => C:\Users\doma
Guest (S-1-5-21-3810265174-1972376959-2373567011-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 2.1.0 - Hewlett-Packard) Hidden
602XML Filler rozšíření pro Mozilla Firefox (HKLM\...\{5D2CF7AE-1EAA-4447-AF85-04CCEC8CD486}) (Version: 1.18 - Software602 a.s.)
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AIO_Scan (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Amazon 1Button App (Version: 1.0.4 - Amazon) Hidden <==== ATTENTION
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AudioHUBWwwAccessConnector 1.0.0.2034 (HKLM\...\AudioHUBWwwAccessConnector) (Version: 1.0.0.2034 - MEDIAN s.r.o.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Balíček ovladače systému Windows - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
C5200 (Version: 100.0.206.000 - Název společnosti:) Hidden
C5200_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CoreAAC Audio Decoder (remove only) (HKLM\...\CoreAAC Audio Decoder) (Version: - )
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2326 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.0 (HKLM\...\{9DCD625E-B0C1-47EA-B905-6108279623F8}) (Version: 4.00.3733 - DigitalPersona, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.68 - DivX, LLC)
DJUCED 18° (HKLM\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.91 - Guillemot)
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
easyFly 4 Starter Edition (HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\{09696666-CB70-4056-A504-D916D92933E2}) (Version: 4.0.1.3 - IPACS)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 100.0.187.000 - Hewlett-Packard) Hidden
ffdshow [rev 3299] [2010-03-03] (HKLM\...\ffdshow_is1) (Version: 1.0.0.3299 - )
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Hercules DJ Products Series drivers (HKLM\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 1.HDJS.2014 - Hercules)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.1.2328 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0 - CyberLink Corp.)
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.1.2425 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A7AC8E69-01FF-494E-9A2C-423B82CEA604}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.1.1219 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.1.1124 - Hewlett-Packard)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (HKLM\...\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}) (Version: 10.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Product Detection (HKLM\...\{AF5D2519-C6B4-4AFD-9A8D-FBF74DD4F0A0}) (Version: 11.15.0004 - HP)
HP Quick Launch Buttons 6.40 L1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 L1 - Hewlett-Packard)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Total Care Setup (HKLM\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM\...\{47F36D92-E58E-456D-B73C-3382737E4C42}) (Version: 4.000.013.003 - Hewlett-Packard)
HP User Guides 0126 (HKLM\...\{36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}) (Version: 1.04.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.1.0 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HWiNFO32 Version 4.24 (HKLM\...\HWiNFO32_is1) (Version: 4.24 - Martin Malík - REALiX)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.109 - InterVideo Inc.)
InterVideo WinDVD 8 (Version: 8.0-B6.109 - InterVideo Inc.) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jízdní řád ČD 2009/2010 (HKLM\...\{2FFA4F8E-8D11-4A0C-9C58-4BD03B51DDDA}_is1) (Version: - České dráhy a.s.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.22.05 - JMicron Technology Corp.)
LightScribe System Software 1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Magic Bullet Looks Studio (HKLM\...\Magic Bullet Looks Studio) (Version: - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.05 - Motorola Inc)
Mozilla Firefox 49.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 49.0.2 (x86 cs)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
MyHeritage Family Tree Builder (HKLM\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Ovládací panel NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
PanoStandAlone (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Pinnacle Studio 12 (HKLM\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Team V.R)
Pinnacle Studio 12 Ultimate Plugins (HKLM\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
Playlist Creator 3 (HKLM\...\Playlist Creator 3) (Version: 3.0.3 - oddgravity)
ProtectSmart Hard Drive Protection (HKLM\...\{85155187-3BEF-47B4-A662-346FEABF67A6}) (Version: 3.10 A7 - Hewlett-Packard)
PS_AIO_02_ProductContext (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7801 - Realtek Semiconductor Corp.)
Registry Repair 4.1.0.388 (HKLM\...\Registry Repair) (Version: 4.1.0.388 - Glarysoft Ltd)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
SafeZone Stable 1.48.2066.120 (Version: 1.48.2066.120 - Avast Software) Hidden
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Scribus 1.4.5 (HKLM\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{C96ED8FC-B673-4FE6-8AE5-69B4B83C7193}) (Version: 14.01.1000 - Intel Corporation)
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validity Sensors DDK (HKLM\...\{1DB2B0CF-6481-45C0-B8C9-5035931D59AE}) (Version: 4.3.33.0 - Validity Sensors, Inc.)
Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.109 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
WhoCrashed 4.02 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Essentials Media Codec Pack 1.0 (HKLM\...\Windows Essentials Media Codec Pack) (Version: 1.0 - Media Codec)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.133 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {1605295D-BCF6-43E0-9EB7-A2F958ACC00A} - System32\Tasks\{61BACF87-F576-4CFD-B22B-C09BCDD2584F} => pcalua.exe -a "C:\Program Files\Pinnacle\Studio 12\Pinnacle.pixie.activation.exe" -d "C:\Program Files\Pinnacle\Studio 12"
Task: {176D10F9-F824-4CDD-B26F-38AAED48A846} - System32\Tasks\{3FC1BAE6-4508-4370-9A09-E7B87C6E10EA} => pcalua.exe -a "c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe"
Task: {187B46A7-3FFE-43DE-8013-565413F3069E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {250A78D8-2E32-42FA-9B53-E2FAA2CCAE0A} - System32\Tasks\{A0BF921C-AA35-4533-B540-3E3E07025170} => pcalua.exe -a C:\Users\doma\Desktop\sp58915.exe -d C:\Users\doma\Desktop
Task: {2AC67638-67EB-4653-BB97-1739521588C1} - System32\Tasks\{02F2B51E-547D-4492-86C9-43F37FDDD923} => pcalua.exe -a C:\Users\doma\Desktop\rooarr554.exe -d C:\Users\doma\Desktop
Task: {47776C4C-9014-4422-AC60-0BAFEBFBB576} - \Microsoft\Windows\Multimedia\SMupdate3 -> No File <==== ATTENTION
Task: {4FC1910F-43EF-46FE-A193-7DCC88587A4B} - System32\Tasks\{E22A5868-8630-44C2-B72B-798DBA29D401} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/a ... age=tsMain
Task: {538B71EB-2D5A-48A2-BA7E-91C0B55187B6} - \Microsoft\Windows\Maintenance\SMupdate2 -> No File <==== ATTENTION
Task: {54E9FCA1-B36A-42A7-9A5B-F61492D0B72D} - System32\Tasks\{FEFBD65C-351B-4516-B73F-31A75077FD2B} => pcalua.exe -a "C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\hercInstallHelper.exe" -d "C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers"
Task: {5C04E192-31E5-4B11-885B-3D7430CDF959} - System32\Tasks\{2C3F13E9-91F6-4C66-8D66-4C37D51BDC0E} => pcalua.exe -a C:\Users\doma\Desktop\SUPERAntiSpyware4201046cz\SUPERAntiSpyware_4.20.1046_cz.exe -d C:\Users\doma\Desktop\SUPERAntiSpyware4201046cz
Task: {6094DA0F-D580-4265-ABE9-B416A61486A8} - \Driver Booster SkipUAC (doma) -> No File <==== ATTENTION
Task: {6A1C8A1C-561F-4E7A-AFE8-F0A37C96A73D} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {6AC318E5-8D72-4164-AF15-C130C00FFF55} - System32\Tasks\{43C6702C-68D6-46B1-A0C1-779FE096734F} => pcalua.exe -a C:\Users\doma\Desktop\winamp5623161\winamp5623161.exe -d C:\Users\doma\Desktop\winamp5623161
Task: {6F0B30DB-68FA-46BE-8FF6-0D4E5AF803F3} - System32\Tasks\Microsoft\Windows\RestartManager\{EC11240B-97A4-484b-9DE2-7FAC890FACE0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {7F2E5464-55C1-4CEB-AE66-17A37BD81E08} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-10-23] (AVAST Software)
Task: {832CCCD3-67DF-4746-A5E3-23B2CFA580E6} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {8AF85E7B-80F7-4234-A074-D04A250994CE} - System32\Tasks\{5F1199C8-9798-4A97-ABCF-701495596CEA} => pcalua.exe -a C:\Users\doma\Desktop\SetupIDEA_10NG66_CZ_FULL.exe -d C:\Users\doma\Desktop
Task: {974D9091-DE16-40E8-9008-DA009EB55361} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9C81567B-8F7B-473B-A7A6-D14241E9B623} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {A10D5941-FFD2-44D0-A2DC-56D1925B545D} - System32\Tasks\SafeZone scheduled Autoupdate 1477245129 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-12] (Avast Software)
Task: {A1A82835-01AF-4226-97D8-AF6BCF0D2846} - System32\Tasks\{034B29A5-C375-4BFB-8A6E-AB68946F22EE} => pcalua.exe -a C:\Windows\system32\ISUSPM.cpl -c Program Updates
Task: {A261594D-69A0-470E-923A-3B3282090AF5} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {ABF7F9C0-5259-44F6-ADF2-E5512394CBBF} - System32\Tasks\{9E0D0F3E-0F78-40D7-8812-9A76091AFE1C} => pcalua.exe -a "C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c @0,0x63737064
Task: {BA2EB9F6-A934-43E1-8660-8BC33A3D4081} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-14] (Adobe Systems Incorporated)
Task: {BC609FCC-39C5-4085-9217-9A2CC3BD089B} - System32\Tasks\{3F512DC7-BEA4-4F3A-862B-EB39127C28B9} => pcalua.exe -a "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl" -c Adobe Gamma
Task: {D00987D8-8302-46D8-9B13-1502127CC351} - System32\Tasks\{916263BB-9961-4EBC-9E62-D62140150B7F} => pcalua.exe -a C:\Users\doma\Desktop\bi_1_2_0_18\BatteryInfoSetup.exe -d C:\Users\doma\Desktop\bi_1_2_0_18
Task: {D53BF144-C674-40D8-AA3D-7A9695200A08} - System32\Tasks\{6995CDF9-BEA2-47EC-A4B9-7FF166524FA2} => pcalua.exe -a E:\SETUP.EXE -d E:\ -c /AUTORUN
Task: {DF9A677E-C7FC-4AC0-9240-BA3C8DEFA1CE} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {E2C4F7B0-A4C8-4818-A23D-8AA2592229C0} - System32\Tasks\{E7E8581B-23BA-4D2D-94E8-A584E0D0EDBA} => pcalua.exe -a C:\Users\doma\Desktop\CdCoverCreator\CdCoverCreator-Setup-2.4.exe -d C:\Users\doma\Desktop\CdCoverCreator
Task: {F30A5D97-A34B-4B01-A351-1357AC226F09} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-06-03] (DivX, LLC)
Task: {F4FDBA53-6ADB-4114-9A74-A52BC5D99DD7} - System32\Tasks\{9825DD8E-28DE-4C5E-8734-9F9ADBEA6CEC} => C:\Program Files\Skype\Phone\Skype.exe [2016-10-17] (Skype Technologies S.A.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-23 16:07 - 2016-10-23 16:07 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-28 08:28 - 2016-10-28 08:28 - 03125136 _____ () C:\Program Files\AVAST Software\Avast\defs\16102702\algo.dll
2016-10-23 16:07 - 2016-10-23 16:07 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-03-21 21:45 - 2008-12-17 17:11 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2009-03-21 21:45 - 2008-12-17 17:11 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2016-10-18 12:11 - 2016-10-18 12:11 - 00129392 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2008-12-25 13:41 - 2008-12-25 13:41 - 00881960 ____N () C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2016-10-23 16:08 - 2016-10-23 16:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-07-01 15:44 - 2009-07-01 15:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATTENTION
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\1-se.com -> 1-se.com

There are 11401 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2016-10-22 22:58 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img18.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: HerculesDJControlMP3 => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Url Monitor.lnk => C:\Windows\pss\Url Monitor.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DpAgent => C:\Program Files\DigitalPersona\Bin\dpagent.exe
MSCONFIG\startupreg: Hercules DJ Series TrayAgent => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe /boot
MSCONFIG\startupreg: MsnMsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: WwwAccessConnectorUrlMonitor => C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{5C701854-BACA-4FE9-9284-7C8D08D8AC7F}] => (Allow) C:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{65D643CD-1418-4D85-BCD9-C94710E5D797}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{E97B1098-415C-4AD6-B0B2-A6BD34138A77}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{1FF6C643-15CE-48F0-84A3-A2E0C9AAEDE9}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{E4D2F26A-C1E0-4842-A7D7-DC7754465D74}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{970B3143-E888-44F7-A539-261C742E3831}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{6923D50B-281C-47D4-8481-ACE13D38E1E7}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2D27FB0D-24B6-408D-912B-F7EBA9C7247E}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9C83C7EE-6420-4124-9080-E277797B88E9}] => (Allow) svchost.exe
FirewallRules: [{58DBEEB5-AE07-49A9-AD02-FCA8A37AC3D8}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C81368B4-9D11-4352-BF49-7B1B1B4D036B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{F5FE521B-F3B4-48A7-B842-DDBE6C304959}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{BE5E4B8F-9077-4AE9-974B-9679DE2EE24B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1B924719-5D91-450A-861F-674069FDFAA6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D6EDF44A-7D21-4C79-AB93-C0156F65156A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{6D89D62A-A124-4A4A-B78D-634ED2622158}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{563B2931-B5BF-4B3B-BEB2-49EDB9E9BC9F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D214AC63-0B7E-4B82-AAA5-48EFF9A13A2F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{2FF584FE-235E-42BA-88E6-E20C1303A2CA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{62B7CC08-66F3-42C1-8487-D6A5335B6C03}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{FCFB566D-A6B7-42E2-960B-B5B70C5BB9BC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{2A44436E-EF75-4331-AC1C-3A4D43D3D8B2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{35898686-AB6F-41D0-A44D-2EC5BB64D7F2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{9682A0E9-4430-474A-A96C-BA772881F4E6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{914D3D7A-3A97-4AF5-96A4-D08D821179DE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{054F32F3-BE91-4CC9-B1F6-97A3644F890D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1122F11E-631D-4BA3-BEEA-DD5F0D440825}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{66189AD7-1ED5-40B7-BE4F-BE18725697A2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [TCP Query User{C584DCCD-5446-4EE9-B77B-4C18439B1AB3}C:\program files\intervideo\dvd8\windvd.exe] => (Allow) C:\program files\intervideo\dvd8\windvd.exe
FirewallRules: [UDP Query User{8CB1141C-4888-4BC7-8A63-00E1655F5EAC}C:\program files\intervideo\dvd8\windvd.exe] => (Allow) C:\program files\intervideo\dvd8\windvd.exe
FirewallRules: [TCP Query User{86A19E93-9A31-4E75-8644-9DD9BC3E14A6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7AD9A6AD-EBE4-4C29-AF55-546441A3207D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A995FBC1-D3B2-40EE-8BAC-EFC33881E070}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C7F143A6-9A00-4594-86B3-74DB9E52D236}] => (Allow) LPort=2869
FirewallRules: [{EF0B2697-3B0E-4B58-AE45-EC6F8E91F28A}] => (Allow) LPort=1900
FirewallRules: [{21A4A31E-7F3A-4906-8CB8-1CE7B7B3388B}] => (Allow) LPort=80
FirewallRules: [{43EB37C2-55C0-4138-AE3D-4AE35CD8A478}] => (Allow) LPort=80
FirewallRules: [{10EB54F6-BE4B-4120-BF3C-52567211440D}] => (Allow) LPort=80
FirewallRules: [{A493C2ED-F481-42C5-8C02-8D54F6F0314B}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{F30941BB-E2C5-4AEA-880B-59694E112A37}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{57297DAE-C865-4FEA-8E6E-0E9C7E26AE95}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{19D65CB3-C6EB-4951-98BB-0E2C04DAE43D}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{0DE9C29C-5B8C-43A4-B230-75EE99B42A51}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{EBF6ADD8-3C5C-4F0D-AE84-BA45005F15E2}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [TCP Query User{40B64E07-3C03-4A5C-AD12-9CE63E6DC142}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{C6F273CD-BC36-4E96-934B-1B64B16BBC4A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{DFBB1F3E-5C19-47C0-B449-9CDB58F96EB8}C:\program files\pinnacle\studio 12\programs\studio.exe] => (Allow) C:\program files\pinnacle\studio 12\programs\studio.exe
FirewallRules: [UDP Query User{9DA6D7F2-E028-478B-B9B1-E531E437A8EE}C:\program files\pinnacle\studio 12\programs\studio.exe] => (Allow) C:\program files\pinnacle\studio 12\programs\studio.exe
FirewallRules: [TCP Query User{DDFC591C-BFD1-480A-B129-627EE660B9D8}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{CEF4C6DD-A89C-4E02-AEE6-A47DB3B60A11}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [{82AF32B7-81DE-456F-9DF3-E5B909D71B92}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{3D6AACE6-F10B-4E09-BFBA-06D29EAB5F0E}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{8CCE11F8-9A70-4279-8D83-DCAD4CE653CB}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [UDP Query User{D61DABCE-CCCE-4151-A398-27046ED6FA70}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{0481915D-4ACA-4B9B-9AAC-ED619E550FF2}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [UDP Query User{A5D6FE04-06CD-486C-9410-3D9493315783}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{E678EDFD-4061-45D5-A013-12E3DD53B0AB}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{0D9DD220-3FA3-4B7F-A9E5-95BD9534E2FA}C:\program files\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{2A9E38D1-D926-4CBA-9B9F-CE2C40E349F5}C:\program files\intervideo\dvd8\windvd.exe] => (Allow) C:\program files\intervideo\dvd8\windvd.exe
FirewallRules: [UDP Query User{5653C34E-F75D-48CA-8829-A3BDC0FA9305}C:\program files\intervideo\dvd8\windvd.exe] => (Allow) C:\program files\intervideo\dvd8\windvd.exe
FirewallRules: [{2ACF2D33-96DF-4395-BA2A-57A9091339D8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4720C13B-19E6-4234-ABDE-296F6E9F5C8C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

23-10-2016 16:03:20 Odebrání jazykové sady
23-10-2016 20:05:02 Odebrání jazykové sady
24-10-2016 07:08:29 Odebrání jazykové sady
25-10-2016 03:48:18 Odebrání jazykové sady
25-10-2016 12:47:31 Odebrání jazykové sady
25-10-2016 22:40:53 Odebrání jazykové sady
26-10-2016 04:11:04 Odebrání jazykové sady
27-10-2016 03:36:48 Odebrání jazykové sady
28-10-2016 08:44:21 Odebrání jazykové sady

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/28/2016 08:35:18 AM) (Source: MsiInstaller) (EventID: 11706) (User: doma-PC)
Description: Produkt: WinDVD - Chyba 1706. Instalační balíček pro produkt WinDVD nebyl nalezen. Spusťte instalaci znovu pomocí platného instalačního balíčku WinDVD.msi.

Error: (10/28/2016 08:33:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> se nezdařila. Došlo k chybě Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (10/28/2016 08:28:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/27/2016 06:16:02 PM) (Source: MsiInstaller) (EventID: 11706) (User: doma-PC)
Description: Produkt: WinDVD - Chyba 1706. Instalační balíček pro produkt WinDVD nebyl nalezen. Spusťte instalaci znovu pomocí platného instalačního balíčku WinDVD.msi.

Error: (10/27/2016 11:35:03 AM) (Source: MsiInstaller) (EventID: 11706) (User: doma-PC)
Description: Produkt: WinDVD - Chyba 1706. Instalační balíček pro produkt WinDVD nebyl nalezen. Spusťte instalaci znovu pomocí platného instalačního balíčku WinDVD.msi.

Error: (10/27/2016 07:42:34 AM) (Source: MsiInstaller) (EventID: 11706) (User: doma-PC)
Description: Produkt: WinDVD - Chyba 1706. Instalační balíček pro produkt WinDVD nebyl nalezen. Spusťte instalaci znovu pomocí platného instalačního balíčku WinDVD.msi.

Error: (10/27/2016 03:38:15 AM) (Source: MsiInstaller) (EventID: 11706) (User: doma-PC)
Description: Produkt: WinDVD - Chyba 1706. Instalační balíček pro produkt WinDVD nebyl nalezen. Spusťte instalaci znovu pomocí platného instalačního balíčku WinDVD.msi.

Error: (10/27/2016 03:26:13 AM) (Source: MsiInstaller) (EventID: 11706) (User: doma-PC)
Description: Produkt: WinDVD - Chyba 1706. Instalační balíček pro produkt WinDVD nebyl nalezen. Spusťte instalaci znovu pomocí platného instalačního balíčku WinDVD.msi.

Error: (10/27/2016 03:24:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> se nezdařila. Došlo k chybě Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (10/27/2016 03:21:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (10/28/2016 08:46:44 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1003) (User: NT AUTHORITY)
Description: Event-ID 1003

Error: (10/28/2016 08:37:05 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort2.

Error: (10/28/2016 08:37:05 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort2.

Error: (10/28/2016 08:37:05 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort2.

Error: (10/28/2016 08:32:14 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
Description: Nový server médií nebyl inicializován, protože u funkce WMCreateDeviceRegistration() došlo k chybě 0x80070057. Součásti správy práv k digitálním médiím (DRM) služby Windows Media ve vašem počítači mohou být poškozené. Zkontrolujte, zda jsou chráněné soubory přehrávány v programu Windows Media Player správně a restartujte službu WMPNetworkSvc.

Error: (10/28/2016 08:32:13 AM) (Source: WMPNetworkSvc) (EventID: 14344) (User: )
Description: Nový server médií nebyl inicializován, protože u funkce WMCreateDeviceRegistration() došlo k chybě 0x80070057. Součásti správy práv k digitálním médiím (DRM) služby Windows Media ve vašem počítači mohou být poškozené. Zkontrolujte, zda jsou chráněné soubory přehrávány v programu Windows Media Player správně a restartujte službu WMPNetworkSvc.

Error: (10/28/2016 08:31:41 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001

Error: (10/28/2016 08:30:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Avast StreamFilter Driver neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (10/28/2016 08:30:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error: (10/28/2016 08:28:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD FUEL Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===================================
Date: 2016-10-28 08:48:50.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:50.412
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:50.119
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:49.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:49.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:48.806
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:48.492
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 08:48:48.172
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-25 14:25:55.992
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-10-25 14:25:55.698
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
Percentage of memory in use: 73%
Total physical RAM: 3069.68 MB
Available physical RAM: 800.63 MB
Total Virtual: 7082.61 MB
Available Virtual: 4691.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:289.43 GB) (Free:66.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:8.66 GB) (Free:1.57 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 0F82505D)
Partition 1: (Active) - (Size=289.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Petr Kali]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2016
Ran by doma (administrator) on DOMA-PC (28-10-2016 08:45:54)
Running from C:\Users\doma\Desktop
Loaded Profiles: doma (Available Profiles: doma)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe
() C:\Program Files\SMINST\BLService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\lpremove.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-05-05] (Motorola Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14737664 2016-10-16] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-23] (AVAST Software)
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Lsa: [Notification Packages] scecli DPPWDFLT
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-10-23] (AVAST Software)
GroupPolicy: Restriction ? <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{793C1BCC-6AF2-4765-9C6A-41E0531CD589}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3810265174-1972376959-2373567011-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3810265174-1972376959-2373567011-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation)
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

FireFox:
========
FF DefaultProfile: x7t2a4jm.default
FF ProfilePath: C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\x7t2a4jm.default [2016-10-28]
FF Homepage: Mozilla\Firefox\Profiles\x7t2a4jm.default -> seznam.cz
FF ProfilePath: C:\Users\doma\AppData\Roaming\Avant Profiles\.default\gecko\Mozilla\Avant\Profiles\g7jlydd8.default [2016-10-22]
FF NewTab: Avant Profiles\.default\gecko\Mozilla\Avant\Profiles\g7jlydd8.default -> about:newtab
FF Homepage: Avant Profiles\.default\gecko\Mozilla\Avant\Profiles\g7jlydd8.default -> about:home
FF NetworkProxy: Avant Profiles\.default\gecko\Mozilla\Avant\Profiles\g7jlydd8.default -> type", 0
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2016-06-22] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-12] (Google)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-22] (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3810265174-1972376959-2373567011-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\doma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path\update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [81920 2000-01-01] (Andrea Electronics Corporation)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
S3 AudioHubWwwAccessConnector; C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnector.exe [182272 2015-09-29] (MEDIAN s.r.o.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-23] (AVAST Software)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2008-12-10] (DigitalPersona, Inc.) [File not signed]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-01-02] (Macrovision Europe Ltd.) [File not signed]
S3 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.EXE [41472 2014-03-04] (Hercules®) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2008-01-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-01-16] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-17] ()
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [270592 2016-10-16] (Realtek Semiconductor)
S3 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [221266 2000-01-01] (IDT, Inc.)
R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [2692400 2010-10-07] (Validity Sensors, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [13823216 2016-10-04] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-21] (Microsoft Corporation) [File not signed]
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70784 2000-01-01] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [29824 2000-01-01] (Advanced Micro Devices)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-10-23] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-10-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-10-23] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-10-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-10-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-10-23] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-10-23] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-10-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-23] (AVAST Software)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [252720 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [275760 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.)
R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-08-30] (REALiX(tm))
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH)
S3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [468736 2007-07-30] (DiBcom)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2010-10-07] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1083880 2009-04-11] (Společnost Microsoft)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [106208 2009-03-25] (MCCI Corporation) [File not signed]
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 s3017bus; C:\Windows\System32\DRIVERS\s3017bus.sys [83880 2007-12-10] (MCCI Corporation)
S3 s3017mdfl; C:\Windows\System32\DRIVERS\s3017mdfl.sys [15016 2007-12-10] (MCCI Corporation)
S3 s3017mdm; C:\Windows\System32\DRIVERS\s3017mdm.sys [110632 2007-12-10] (MCCI Corporation)
S3 s3017mgmt; C:\Windows\System32\DRIVERS\s3017mgmt.sys [104616 2007-12-10] (MCCI Corporation)
S3 s3017nd5; C:\Windows\System32\DRIVERS\s3017nd5.sys [25512 2007-12-10] (MCCI Corporation)
S3 s3017obex; C:\Windows\System32\DRIVERS\s3017obex.sys [100648 2007-12-10] (MCCI Corporation)
S3 s3017unic; C:\Windows\System32\DRIVERS\s3017unic.sys [110120 2007-12-10] (MCCI Corporation)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [14168 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [20056 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18872 2015-03-09] (NETGATE Technologies s.r.o.)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [23600 2005-10-09] (EnTech Taiwan) [File not signed]
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2016-10-18] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2016-10-18] (Zemana Ltd.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [87536 2008-11-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
S3 cpuz134; \??\C:\Users\doma\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 udsstub; system32\DRIVERS\udsstub.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-28 08:45 - 2016-10-28 08:48 - 00019572 _____ C:\Users\doma\Desktop\FRST.txt
2016-10-28 08:45 - 2016-10-28 08:45 - 00000000 ____D C:\FRST
2016-10-28 08:42 - 2016-10-28 08:42 - 01757184 _____ (Farbar) C:\Users\doma\Desktop\FRST.exe
2016-10-24 19:08 - 2016-10-24 19:08 - 05658651 _____ (Swearware) C:\Users\doma\Downloads\ComboFix(1).exe
2016-10-24 19:05 - 2016-10-24 19:06 - 05658651 _____ (Swearware) C:\Users\doma\Downloads\ComboFix.exe
2016-10-23 19:58 - 2016-10-23 19:58 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-23 19:58 - 2016-10-23 19:58 - 00000000 ____D C:\Users\doma\AppData\Local\Mozilla
2016-10-23 19:58 - 2016-10-23 19:58 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-23 19:57 - 2016-10-23 19:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-23 19:52 - 2016-10-23 19:52 - 00000856 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-10-23 19:52 - 2016-10-23 19:52 - 00000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-10-23 19:51 - 2016-10-23 19:50 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-23 19:47 - 2016-10-23 19:47 - 00000000 ____D C:\Users\doma\AppData\Roaming\AVAST Software
2016-10-23 16:09 - 2016-10-23 16:09 - 00000000 ____D C:\da092e08fd7e1e9490a924
2016-10-23 16:08 - 2016-10-23 16:09 - 00735488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-23 16:08 - 2016-10-23 16:09 - 00433768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-23 16:08 - 2016-10-23 16:09 - 00224752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-23 16:08 - 2016-10-23 16:08 - 00184592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-10-23 16:08 - 2016-10-23 16:08 - 00092256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-23 16:08 - 2016-10-23 16:08 - 00066688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-10-23 16:08 - 2016-10-23 16:08 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-10-23 16:08 - 2016-10-23 16:08 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-23 16:08 - 2016-10-23 16:08 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-23 16:08 - 2016-10-23 16:07 - 00319760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-23 16:07 - 2016-10-23 16:07 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-10-23 16:04 - 2016-10-23 19:50 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-22 21:37 - 2016-10-22 21:37 - 00000000 ____D C:\Users\doma\dwhelper
2016-10-22 17:10 - 2016-10-22 17:10 - 00000000 ____D C:\Users\doma\AppData\Roaming\ProductData
2016-10-22 17:06 - 2016-10-22 16:29 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-10-22 16:17 - 2016-10-23 15:08 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-10-22 16:15 - 2016-10-22 16:15 - 00000000 ____D C:\ProgramData\Validity
2016-10-20 21:18 - 2016-10-20 21:18 - 00070521 _____ C:\MAM2.txt
2016-10-20 07:38 - 2016-10-20 07:38 - 00000982 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-10-20 07:38 - 2016-10-20 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-20 07:38 - 2016-10-20 07:38 - 00000000 ____D C:\Program Files\VS Revo Group
2016-10-18 20:48 - 2016-10-18 20:48 - 00000000 ___HD C:\Windows\PIF
2016-10-18 13:43 - 2016-10-18 13:43 - 00000000 ____D C:\ProgramData\Sophos
2016-10-18 13:42 - 2016-10-23 10:52 - 00002537 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2016-10-18 13:42 - 2016-10-18 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-10-18 13:42 - 2016-10-18 13:42 - 00000000 ____D C:\Program Files\Sophos
2016-10-18 13:25 - 2016-10-18 13:37 - 155065504 _____ (Sophos Limited) C:\Users\doma\Desktop\Sophos Virus Removal Tool.exe
2016-10-18 12:11 - 2016-10-28 08:47 - 00030006 _____ C:\Windows\ZAM.krnl.trace
2016-10-18 12:11 - 2016-10-28 08:47 - 00018295 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-10-18 12:11 - 2016-10-18 12:11 - 00181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard32.sys
2016-10-18 12:11 - 2016-10-18 12:11 - 00181496 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam32.sys
2016-10-18 12:11 - 2016-10-18 12:11 - 00001687 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-10-18 12:11 - 2016-10-18 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-10-18 12:10 - 2016-10-18 12:11 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2016-10-18 12:10 - 2016-10-18 12:10 - 00000000 ____D C:\Users\doma\AppData\Local\Zemana
2016-10-17 22:02 - 2016-10-17 22:02 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-10-16 17:52 - 2016-10-25 14:11 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-16 17:52 - 2016-10-16 17:52 - 00000859 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-16 17:52 - 2016-10-16 17:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-16 17:52 - 2016-10-16 17:52 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-10-16 17:52 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-16 17:52 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-16 17:52 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-16 17:23 - 2016-10-16 17:23 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2016-10-16 17:23 - 2016-10-16 17:23 - 05672954 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-10-16 17:23 - 2016-10-16 17:23 - 03895040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2016-10-16 17:23 - 2016-10-16 17:23 - 02900736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 02830592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2016-10-16 17:23 - 2016-10-16 17:23 - 02723824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 02433592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 02157304 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 02006784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 01750296 _____ (DTS, Inc.) C:\Windows\system32\slcnt32.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 01518760 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 01074056 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00942104 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00532896 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00401056 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00371816 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00357160 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00307240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00307240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00232752 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00181232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00150560 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00105656 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00101328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00088280 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2016-10-16 17:23 - 2016-10-16 17:23 - 00074384 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2016-10-14 08:11 - 2016-10-14 08:17 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-02 15:40 - 2016-10-02 15:55 - 00000000 ____D C:\Users\doma\Desktop\FT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-28 08:44 - 2016-02-06 15:58 - 00000000 ____D C:\Users\doma\Desktop\Plocha
2016-10-28 08:32 - 2011-05-29 06:07 - 00000178 _____ C:\ProgramData\HPWALog.txt
2016-10-28 08:27 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-28 08:27 - 2006-11-02 14:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-28 08:27 - 2006-11-02 14:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-27 19:52 - 2009-05-22 03:06 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-10-27 19:52 - 2006-11-02 15:01 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-25 22:26 - 2014-02-13 13:45 - 00154552 _____ C:\Users\doma\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-25 22:23 - 2014-02-13 13:39 - 00550760 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-25 22:18 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-10-25 22:12 - 2013-09-21 17:57 - 00000000 ____D C:\Windows\erdnt
2016-10-25 20:18 - 2009-03-22 03:31 - 00657962 _____ C:\Windows\system32\perfh005.dat
2016-10-25 20:18 - 2009-03-22 03:31 - 00142384 _____ C:\Windows\system32\perfc005.dat
2016-10-25 20:18 - 2006-11-02 12:33 - 01559382 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-24 19:32 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2016-10-23 21:05 - 2013-02-15 12:22 - 00000000 ____D C:\KBCertifikat
2016-10-23 19:58 - 2009-08-05 21:21 - 00000000 ____D C:\Users\doma\AppData\Roaming\Mozilla
2016-10-23 19:50 - 2013-09-21 23:28 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-23 17:54 - 2009-08-05 10:58 - 00000909 _____ C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-23 15:13 - 2009-08-05 10:48 - 00000000 ____D C:\Users\doma
2016-10-23 15:10 - 2015-03-04 00:30 - 00000000 ____D C:\Users\doma\AppData\Local\CrashDumps
2016-10-23 15:08 - 2006-11-02 13:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-10-22 23:26 - 2014-02-18 20:58 - 00003978 _____ C:\DelFix.txt
2016-10-22 22:58 - 2013-09-20 16:53 - 00000000 ____D C:\Diagnostické programy
2016-10-22 21:55 - 2015-01-21 22:22 - 00000000 ____D C:\ProgramData\Oracle
2016-10-22 21:53 - 2015-01-21 22:25 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-10-22 21:53 - 2014-10-17 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-22 21:52 - 2014-10-17 11:30 - 00000000 ____D C:\Program Files\Java
2016-10-22 11:12 - 2015-03-02 16:08 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-10-22 11:09 - 2015-03-02 16:08 - 00000000 ____D C:\ProgramData\RogueKiller
2016-10-22 08:47 - 2016-08-30 20:36 - 00000000 ____D C:\Users\doma\AppData\Roaming\IObit
2016-10-22 08:47 - 2016-08-30 20:35 - 00000000 ____D C:\ProgramData\IObit
2016-10-21 18:43 - 2009-08-05 21:33 - 00000000 ____D C:\Users\doma\AppData\Roaming\Skype
2016-10-21 18:34 - 2009-08-05 21:32 - 00000000 ____D C:\ProgramData\Skype
2016-10-17 22:02 - 2009-08-05 21:32 - 00000000 ___RD C:\Program Files\Skype
2016-10-16 17:27 - 2013-12-13 12:12 - 00000000 ____D C:\Windows\system32\RTCOM
2016-10-16 17:23 - 2013-12-13 12:10 - 00022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2016-10-15 08:18 - 2014-03-12 22:56 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-14 18:05 - 2015-10-13 23:15 - 00000000 ____D C:\cfa583d8313f1acb827fec27853aa21d
2016-10-14 08:11 - 2015-05-20 12:21 - 00000000 ____D C:\Users\doma\AppData\Local\Adobe
2016-10-14 08:11 - 2009-08-08 08:58 - 00000000 ____D C:\Program Files\Adobe
2016-10-14 08:11 - 2009-08-05 10:52 - 00000000 ____D C:\ProgramData\Adobe
2016-10-14 08:11 - 2009-08-05 10:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-10-14 08:02 - 2012-09-14 11:33 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-10-14 08:02 - 2012-07-22 15:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-10-14 08:02 - 2009-03-21 20:18 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-13 12:12 - 2009-08-09 10:36 - 00000000 ____D C:\Users\doma\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2012-05-19 17:13 - 2012-05-19 17:13 - 0000604 ____H () C:\Program Files\STLL Notifier
2012-05-20 13:45 - 2012-05-20 13:45 - 0000604 ____H () C:\Program Files\_Z2
2014-02-16 19:26 - 2014-02-16 19:26 - 0000000 _____ () C:\Users\doma\AppData\Local\AtStart.txt
2014-03-17 14:16 - 2014-03-17 14:16 - 0000680 _____ () C:\Users\doma\AppData\Local\d3d9caps.dat
2009-08-05 23:07 - 2015-10-26 23:02 - 0129536 _____ () C:\Users\doma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-08-05 10:58 - 2014-02-16 19:26 - 0000000 _____ () C:\Users\doma\AppData\Local\DSwitch.txt
2009-08-05 10:58 - 2014-02-16 19:26 - 0000000 _____ () C:\Users\doma\AppData\Local\QSwitch.txt
2011-05-29 06:07 - 2016-10-28 08:32 - 0000178 _____ () C:\ProgramData\HPWALog.txt
2009-09-02 15:43 - 2009-12-21 20:01 - 0001629 _____ () C:\ProgramData\hpzinstall.log
2014-02-25 23:25 - 2015-10-24 16:38 - 0031776 _____ () C:\ProgramData\nvModes.001
2014-02-25 23:12 - 2015-10-24 16:38 - 0031776 _____ () C:\ProgramData\nvModes.dat
2009-05-22 04:13 - 2009-05-22 04:13 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-03-21 20:48 - 2009-03-21 20:49 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-05-22 04:11 - 2009-05-22 04:11 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-03-21 20:41 - 2009-03-21 20:43 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-05-22 04:09 - 2009-05-22 04:09 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-05-22 04:12 - 2009-05-22 04:12 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-03-21 20:40 - 2009-03-21 20:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-03-21 20:43 - 2009-03-21 20:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-05-22 04:13 - 2009-05-22 04:13 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-28 08:42

==================== End of FRST.txt ============================