Pomalý internet, FRST log

Zpráva

ras099 · #1 Příspěvek od **ras099** » 11 úno 2015 18:38

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 01
Ran by Martin (administrator) on MARTINRASZKA on 11-02-2015 18:34:33
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available profiles: Martin)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2013-03-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2014-02-22] (Lenovo)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [MSIDLL] => C:\WINDOWS\SysWOW64\rundll32.exe msisdl32.dll,XzXRQcUSq
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Policies\Explorer: [HideSCAPower] 0
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.9u4.lnk
ShortcutTarget: FreeRapid 0.9u4.lnk -> F:\Programs\Soubor manazery\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe (Vity)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> DefaultScope {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL = http://www.bing.com/search?FORM=U270DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL = http://www.bing.com/search?FORM=U270DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1
Tcpip\..\Interfaces\{77A2DCED-C301-442E-BEF8-8021202DFFE3}: [NameServer] 156.154.70.25,156.154.71.25

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\abs@avira.com [2014-11-26]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-06-14]
FF Extension: Google Translator for Firefox - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\translator@zoli.bod.xpi [2014-05-31]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube™ Video & Mp3 Downloader) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdglkojhnemnjjembalobdkccnnmeii [2015-01-27]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-01]
CHR Extension: (Adblock Pro) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhifeddjphjgoeajnekfceoifcigbhlb [2014-08-01]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-26]
CHR Extension: (Streamus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2015-01-27]
CHR Extension: (Youtube-to-MP3) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekmfmemcfggilfpgplgjbfaijgchhfc [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [629192 2014-10-28] (Lenovo Corporation)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2014-02-22] (Lenovo)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2017736 2014-12-09] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [716232 2014-10-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [470472 2014-12-09] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2014-02-22] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44272 2013-03-29] (Synaptics Incorporated)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-17] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2014-03-22] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 18:34 - 2015-02-11 18:35 - 00022041 _____ () C:\Users\Martin\Desktop\FRST.txt
2015-02-11 18:34 - 2015-02-11 18:34 - 00000000 ____D () C:\FRST
2015-02-11 18:32 - 2015-02-11 18:32 - 02134016 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-02-11 18:30 - 2015-02-11 18:35 - 04766596 _____ () C:\Users\Martin\Desktop\JKS_525_Teba_Bože_chválime (1).mp3.crdownload
2015-02-11 18:30 - 2015-02-11 18:30 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\Unconfirmed 461234.crdownload
2015-02-11 17:54 - 2015-02-11 17:54 - 00000632 _____ () C:\WINDOWS\PFRO.log
2015-01-30 22:38 - 2015-01-31 00:21 - 00013913 _____ () C:\Users\Martin\Desktop\Nový Sešit OpenDocument.ods
2015-01-30 22:27 - 2015-01-30 22:36 - 00007168 _____ () C:\Users\Martin\Desktop\penize.xls
2015-01-25 21:00 - 2015-02-11 18:06 - 00004015 _____ () C:\WINDOWS\setupact.log
2015-01-25 21:00 - 2015-01-25 21:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-19 21:00 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-19 21:00 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-19 21:00 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-19 21:00 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-19 21:00 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-19 21:00 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-19 21:00 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-19 21:00 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-19 21:00 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-19 21:00 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-19 21:00 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-19 21:00 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-19 21:00 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-19 21:00 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-19 21:00 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-19 21:00 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-19 21:00 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-19 21:00 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-19 21:00 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-19 21:00 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-19 21:00 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-19 21:00 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-19 21:00 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-19 21:00 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-17 20:47 - 2015-01-17 20:47 - 00000000 ____D () C:\ProgramData\Norton
2015-01-17 20:46 - 2015-01-24 19:24 - 00001922 _____ () C:\Users\Martin\Desktop\WeatherBug®.lnk
2015-01-17 20:46 - 2015-01-17 20:46 - 00001902 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 __HDC () C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\Users\Martin\AppData\Local\IsolatedStorage
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\Program Files\Earth Networks
2015-01-17 20:45 - 2015-01-17 20:45 - 00725800 _____ () C:\Users\Martin\startw8(1).exe
2015-01-17 20:45 - 2015-01-17 20:45 - 00236344 _____ () C:\Users\Martin\startw8.exe
2015-01-17 12:21 - 2015-01-25 11:10 - 00000000 ____D () C:\Download

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 18:28 - 2014-05-27 22:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\AIMP3
2015-02-11 18:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-11 18:19 - 2014-11-26 22:26 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-11 18:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-11 17:57 - 2014-12-27 08:58 - 01495197 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-11 17:56 - 2014-11-26 22:26 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-11 17:56 - 2014-06-11 19:55 - 00000000 __RDO () C:\Users\Martin\OneDrive
2015-02-11 17:55 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-11 17:42 - 2014-08-18 20:10 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-11 17:33 - 2014-05-27 21:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1300877549-1184033115-3997360293-1001
2015-02-11 17:27 - 2014-11-26 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 17:27 - 2014-11-26 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-11 17:27 - 2014-11-26 22:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-11 17:25 - 2014-05-28 08:28 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{187D822E-949D-4D9E-8C15-2DF5457CDBB3}
2015-02-10 21:46 - 2014-08-02 06:58 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\eM Client
2015-02-09 20:27 - 2014-06-24 19:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2015-02-08 21:22 - 2014-08-01 18:59 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-08 20:42 - 2014-08-03 08:36 - 00000000 ____D () C:\ProgramData\StartW8
2015-02-04 22:14 - 2014-08-01 18:58 - 00003958 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 22:14 - 2014-08-01 18:58 - 00003722 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 22:19 - 2014-06-21 20:08 - 00000000 ____D () C:\Program Files (x86)\BatteryCare
2015-02-02 22:13 - 2014-06-21 20:08 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\BatteryCare
2015-02-02 10:51 - 2014-06-21 20:08 - 00001066 _____ () C:\Users\Public\Desktop\BatteryCare.lnk
2015-02-02 10:51 - 2014-06-21 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare
2015-01-31 22:13 - 2014-05-27 17:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2015-01-27 23:10 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-25 21:26 - 2014-07-27 19:04 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-24 19:34 - 2014-08-25 19:31 - 00000000 ____D () C:\Video
2015-01-21 21:08 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-21 21:06 - 2014-02-22 23:29 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-01-21 21:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-20 21:53 - 2014-08-11 19:48 - 00797960 _____ () C:\WINDOWS\system32\perfh015.dat
2015-01-20 21:53 - 2014-08-11 19:48 - 00163344 _____ () C:\WINDOWS\system32\perfc015.dat
2015-01-20 21:53 - 2014-03-18 16:33 - 03013310 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-20 21:53 - 2014-03-18 15:54 - 00963024 _____ () C:\WINDOWS\system32\perfh005.dat
2015-01-20 21:53 - 2014-03-18 15:54 - 00230394 _____ () C:\WINDOWS\system32\perfc005.dat
2015-01-19 21:10 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-19 21:08 - 2014-05-27 17:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-19 21:02 - 2014-05-27 17:38 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-19 20:49 - 2014-06-03 13:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\IrfanView
2015-01-17 20:46 - 2014-08-03 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartW8
2015-01-17 20:45 - 2014-05-27 21:10 - 00000000 ____D () C:\Users\Martin
2015-01-15 22:42 - 2014-08-02 20:11 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-01-15 22:42 - 2014-08-02 20:11 - 00000000 ____D () C:\Program Files (x86)\eM Client

==================== Files in the root of some directories =======

2014-05-27 15:29 - 2014-05-30 14:45 - 0004411 _____ () C:\Users\Martin\AppData\Roaming\AbsoluteReminder.xml
2014-06-14 17:07 - 2014-06-29 01:28 - 0003584 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-28 21:35 - 2014-07-28 21:36 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2014-05-27 15:30 - 2014-06-03 11:53 - 0000466 _____ () C:\Users\Martin\AppData\Local\RegisteredPackageInformation.xml
2014-06-03 16:47 - 2014-06-03 16:47 - 0000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg
2014-11-26 21:49 - 2014-11-13 10:52 - 5402840 _____ (COMODO) C:\ProgramData\cis22DA.exe
2014-11-26 21:54 - 2014-11-13 10:52 - 5402840 _____ (COMODO) C:\ProgramData\cis2EC9.exe
2014-11-26 22:22 - 2014-11-26 22:22 - 0000000 _____ () C:\ProgramData\cis4FD4.exe
2014-11-26 22:22 - 2014-11-26 22:22 - 0000000 _____ () C:\ProgramData\cis5EE9.exe
2014-11-26 22:13 - 2014-11-26 21:54 - 5402840 _____ (COMODO) C:\ProgramData\cisD5E4.exe
2014-06-08 10:44 - 2014-11-16 16:27 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-11-26 22:15 - 2014-11-26 22:15 - 0000016 _____ () C:\ProgramData\mntemp

Files to move or delete:
====================
C:\ProgramData\cis22DA.exe
C:\ProgramData\cis2EC9.exe
C:\ProgramData\cis4FD4.exe
C:\ProgramData\cis5EE9.exe
C:\ProgramData\cisD5E4.exe
C:\Users\Martin\startw8(1).exe
C:\Users\Martin\startw8.exe

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-01 21:24

==================== End Of Log ============================

#2 Příspěvek od **Rudy** » 11 úno 2015 19:04

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

ras099 · #3 Příspěvek od **ras099** » 11 úno 2015 19:18

# AdwCleaner v4.110 - Logfile created 11/02/2015 at 19:15:36
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Martin - MARTINRASZKA
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Deal Keeper

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v

-\\ Google Chrome v40.0.2214.111

*************************

AdwCleaner[R2].txt - [1299 bytes] - [18/11/2014 22:48:14]
AdwCleaner[R3].txt - [1012 bytes] - [11/02/2015 19:11:32]
AdwCleaner[R4].txt - [1071 bytes] - [11/02/2015 19:13:09]
AdwCleaner[S2].txt - [1374 bytes] - [18/11/2014 22:53:10]
AdwCleaner[S3].txt - [1004 bytes] - [11/02/2015 19:15:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1063 bytes] ##########

#4 Příspěvek od **Rudy** » 11 úno 2015 19:22

Dejte nový log FRST.

ras099 · #5 Příspěvek od **ras099** » 11 úno 2015 19:31

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 01
Ran by Martin (administrator) on MARTINRASZKA on 11-02-2015 19:29:22
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available profiles: Martin)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2013-03-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2014-02-22] (Lenovo)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [MSIDLL] => C:\WINDOWS\SysWOW64\rundll32.exe msisdl32.dll,XzXRQcUSq
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Policies\Explorer: [HideSCAPower] 0
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.9u4.lnk
ShortcutTarget: FreeRapid 0.9u4.lnk -> F:\Programs\Soubor manazery\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe (Vity)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL = http://www.bing.com/search?FORM=U270DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1
Tcpip\..\Interfaces\{77A2DCED-C301-442E-BEF8-8021202DFFE3}: [NameServer] 156.154.70.25,156.154.71.25

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\abs@avira.com [2014-11-26]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-06-14]
FF Extension: Google Translator for Firefox - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\translator@zoli.bod.xpi [2014-05-31]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube™ Video & Mp3 Downloader) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdglkojhnemnjjembalobdkccnnmeii [2015-01-27]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-01]
CHR Extension: (Adblock Pro) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhifeddjphjgoeajnekfceoifcigbhlb [2014-08-01]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-26]
CHR Extension: (Streamus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2015-01-27]
CHR Extension: (Youtube-to-MP3) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekmfmemcfggilfpgplgjbfaijgchhfc [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [629192 2014-10-28] (Lenovo Corporation)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2014-02-22] (Lenovo)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2017736 2014-12-09] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [716232 2014-10-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [470472 2014-12-09] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2014-02-22] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44272 2013-03-29] (Synaptics Incorporated)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-17] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2014-03-22] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 19:29 - 2015-02-11 19:29 - 00021569 _____ () C:\Users\Martin\Desktop\FRST.txt
2015-02-11 19:10 - 2015-02-11 19:10 - 02112512 _____ () C:\Users\Martin\Desktop\adwcleaner_4.110.exe
2015-02-11 18:34 - 2015-02-11 19:29 - 00000000 ____D () C:\FRST
2015-02-11 18:32 - 2015-02-11 18:32 - 02134016 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-02-11 17:54 - 2015-02-11 17:54 - 00000632 _____ () C:\WINDOWS\PFRO.log
2015-01-25 21:00 - 2015-02-11 19:26 - 00004395 _____ () C:\WINDOWS\setupact.log
2015-01-25 21:00 - 2015-01-25 21:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-19 21:00 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-19 21:00 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-19 21:00 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-19 21:00 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-19 21:00 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-19 21:00 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-19 21:00 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-19 21:00 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-19 21:00 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-19 21:00 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-19 21:00 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-19 21:00 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-19 21:00 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-19 21:00 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-19 21:00 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-19 21:00 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-19 21:00 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-19 21:00 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-19 21:00 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-19 21:00 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-19 21:00 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-19 21:00 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-19 21:00 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-19 21:00 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-19 21:00 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-17 20:47 - 2015-01-17 20:47 - 00000000 ____D () C:\ProgramData\Norton
2015-01-17 20:46 - 2015-01-24 19:24 - 00001922 _____ () C:\Users\Martin\Desktop\WeatherBug®.lnk
2015-01-17 20:46 - 2015-01-17 20:46 - 00001902 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 __HDC () C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\Users\Martin\AppData\Local\IsolatedStorage
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\Program Files\Earth Networks
2015-01-17 20:45 - 2015-01-17 20:45 - 00725800 _____ () C:\Users\Martin\startw8(1).exe
2015-01-17 20:45 - 2015-01-17 20:45 - 00236344 _____ () C:\Users\Martin\startw8.exe
2015-01-17 12:21 - 2015-01-25 11:10 - 00000000 ____D () C:\Download

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 19:19 - 2014-11-26 22:26 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-11 19:17 - 2014-12-27 08:58 - 01496503 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-11 19:17 - 2014-11-26 22:26 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-11 19:17 - 2014-06-11 19:55 - 00000000 __RDO () C:\Users\Martin\OneDrive
2015-02-11 19:16 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-11 19:15 - 2014-11-18 22:48 - 00000000 ____D () C:\AdwCleaner
2015-02-11 19:15 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-11 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-11 18:54 - 2014-05-27 21:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1300877549-1184033115-3997360293-1001
2015-02-11 18:49 - 2014-05-27 22:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\AIMP3
2015-02-11 18:42 - 2014-08-18 20:10 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-11 18:42 - 2014-06-12 17:36 - 00000000 ____D () C:\Temp
2015-02-11 18:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-11 17:27 - 2014-11-26 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 17:27 - 2014-11-26 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-11 17:27 - 2014-11-26 22:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-11 17:25 - 2014-05-28 08:28 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{187D822E-949D-4D9E-8C15-2DF5457CDBB3}
2015-02-10 21:46 - 2014-08-02 06:58 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\eM Client
2015-02-09 20:27 - 2014-06-24 19:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2015-02-08 21:22 - 2014-08-01 18:59 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-08 20:42 - 2014-08-03 08:36 - 00000000 ____D () C:\ProgramData\StartW8
2015-02-04 22:14 - 2014-08-01 18:58 - 00003958 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 22:14 - 2014-08-01 18:58 - 00003722 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 22:19 - 2014-06-21 20:08 - 00000000 ____D () C:\Program Files (x86)\BatteryCare
2015-02-02 22:13 - 2014-06-21 20:08 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\BatteryCare
2015-02-02 10:51 - 2014-06-21 20:08 - 00001066 _____ () C:\Users\Public\Desktop\BatteryCare.lnk
2015-02-02 10:51 - 2014-06-21 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryCare
2015-01-31 22:13 - 2014-05-27 17:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2015-01-25 21:26 - 2014-07-27 19:04 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-24 19:34 - 2014-08-25 19:31 - 00000000 ____D () C:\Video
2015-01-21 21:08 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-21 21:06 - 2014-02-22 23:29 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-01-21 21:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-20 21:53 - 2014-08-11 19:48 - 00797960 _____ () C:\WINDOWS\system32\perfh015.dat
2015-01-20 21:53 - 2014-08-11 19:48 - 00163344 _____ () C:\WINDOWS\system32\perfc015.dat
2015-01-20 21:53 - 2014-03-18 16:33 - 03013310 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-20 21:53 - 2014-03-18 15:54 - 00963024 _____ () C:\WINDOWS\system32\perfh005.dat
2015-01-20 21:53 - 2014-03-18 15:54 - 00230394 _____ () C:\WINDOWS\system32\perfc005.dat
2015-01-19 21:10 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-19 21:08 - 2014-05-27 17:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-19 21:02 - 2014-05-27 17:38 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-19 20:49 - 2014-06-03 13:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\IrfanView
2015-01-17 20:46 - 2014-08-03 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartW8
2015-01-17 20:45 - 2014-05-27 21:10 - 00000000 ____D () C:\Users\Martin
2015-01-15 22:42 - 2014-08-02 20:11 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-01-15 22:42 - 2014-08-02 20:11 - 00000000 ____D () C:\Program Files (x86)\eM Client

==================== Files in the root of some directories =======

2014-05-27 15:29 - 2014-05-30 14:45 - 0004411 _____ () C:\Users\Martin\AppData\Roaming\AbsoluteReminder.xml
2014-06-14 17:07 - 2014-06-29 01:28 - 0003584 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-28 21:35 - 2014-07-28 21:36 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2014-05-27 15:30 - 2014-06-03 11:53 - 0000466 _____ () C:\Users\Martin\AppData\Local\RegisteredPackageInformation.xml
2014-06-03 16:47 - 2014-06-03 16:47 - 0000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg
2014-11-26 21:49 - 2014-11-13 10:52 - 5402840 _____ (COMODO) C:\ProgramData\cis22DA.exe
2014-11-26 21:54 - 2014-11-13 10:52 - 5402840 _____ (COMODO) C:\ProgramData\cis2EC9.exe
2014-11-26 22:22 - 2014-11-26 22:22 - 0000000 _____ () C:\ProgramData\cis4FD4.exe
2014-11-26 22:22 - 2014-11-26 22:22 - 0000000 _____ () C:\ProgramData\cis5EE9.exe
2014-11-26 22:13 - 2014-11-26 21:54 - 5402840 _____ (COMODO) C:\ProgramData\cisD5E4.exe
2014-06-08 10:44 - 2014-11-16 16:27 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-11-26 22:15 - 2014-11-26 22:15 - 0000016 _____ () C:\ProgramData\mntemp

Files to move or delete:
====================
C:\ProgramData\cis22DA.exe
C:\ProgramData\cis2EC9.exe
C:\ProgramData\cis4FD4.exe
C:\ProgramData\cis5EE9.exe
C:\ProgramData\cisD5E4.exe
C:\Users\Martin\startw8(1).exe
C:\Users\Martin\startw8.exe

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avgnt.exe
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-11 18:54

==================== End Of Log ============================

#6 Příspěvek od **Rudy** » 11 úno 2015 20:03

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [MSIDLL] => C:\WINDOWS\SysWOW64\rundll32.exe msisdl32.dll,XzXRQcUSq
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL = http://www.bing.com/search?FORM=U270DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Martin\startw8(1).exe
C:\Users\Martin\startw8.exe
C:\Users\Martin\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

ras099 · #7 Příspěvek od **ras099** » 11 úno 2015 20:17

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-02-2015 01
Ran by Martin at 2015-02-11 20:17:23 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available profiles: Martin)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [MSIDLL] => C:\WINDOWS\SysWOW64\rundll32.exe msisdl32.dll,XzXRQcUSq
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL = http://www.bing.com/search?FORM=U270DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Martin\startw8(1).exe
C:\Users\Martin\startw8.exe
C:\Users\Martin\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MSIDLL => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4726F2FD-48EF-44CA-9501-F2771B5F9B81}" => Key deleted successfully.
HKCR\CLSID\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => Key not found.
"HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => Key not found.
Firefox DefaultSearchUrl deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox Keyword.URL deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
C:\Users\Martin\startw8(1).exe => Moved successfully.
C:\Users\Martin\startw8.exe => Moved successfully.
C:\Users\Martin\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 20:17:23 ====

#8 Příspěvek od **Rudy** » 11 úno 2015 21:21

Smazáno. Nastala nějaká změna?

ras099 · #9 Příspěvek od **ras099** » 11 úno 2015 21:29

Jooo!

#10 Příspěvek od **Rudy** » 11 úno 2015 21:39

Tak to jsem rád!

VIRY.CZ

Pomalý internet, FRST log

Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log

Re: Pomalý internet, FRST log