Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2015-04-25 18:35:17
Microsoft Windows 8.1
System drive C: has 145 GB (63%) free of 231 GB
Total RAM: 3982 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:17, on 25. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [StartW8Button] C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [WeatherBug] C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{77A2DCED-C301-442E-BEF8-8021202DFFE3}: NameServer = 156.154.70.25,156.154.71.25
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem40.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LnvMHService (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartW8Service - SODATSW spol. s .r.o. - C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9793 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\StartW8\bin\StartW8Service.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
dashost.exe {f973b516-4b8b-41c4-b8e73da625f02c1d}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-145e209e-b25e-49ad-85e1-73534966c16f -SystemEventPortName:HostProcess-52cc161d-ed31-4c38-b85f-28b442a29dd1 -IoCancelEventPortName:HostProcess-44144c99-9a20-4c1b-8f89-710eb1811cc8 -NonStateChangingEventPortName:HostProcess-9b56916d-5b0c-4701-85c7-5934bbf1b637 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:56635b1d-2a3d-49cc-a516-a8a2787f6ee8 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-db39fd80-0f23-402b-88c1-b69b907323e6 -SystemEventPortName:HostProcess-228e5e0e-171c-4f16-9430-3d6a8f4f67ac -IoCancelEventPortName:HostProcess-a827a7f0-9848-4828-9ce1-947642e258a8 -NonStateChangingEventPortName:HostProcess-6aa900f3-9d71-4684-acd8-7dd553670820 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4ef4f134-0fec-46f5-ac6d-943f10963134 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d950be13-3c37-4a54-afdd-ab767dc486cb -SystemEventPortName:HostProcess-a1db84bd-be95-4ce6-a8a3-02430362cdf6 -IoCancelEventPortName:HostProcess-56167614-c659-4fcf-ad27-5b9710f7135e -NonStateChangingEventPortName:HostProcess-c555ac69-1b57-41fe-88a6-2cc5a0701204 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c48d655f-a2c3-4356-9740-5fbad2d3950c -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-df0ecee4-7cdb-4a8b-a295-ecbd59806d49 -SystemEventPortName:HostProcess-f1cb43b2-c0cc-4d97-b157-48806256ed22 -IoCancelEventPortName:HostProcess-30839335-8adf-4d6b-aa89-43caff28f220 -NonStateChangingEventPortName:HostProcess-4b8736e9-ab11-443f-ac3e-b70b8e43c16c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:800f6dec-57cb-4d6f-a2e5-635def18f987 -DeviceGroupId:
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xef4_0x918_0x5a885e08"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000029e0
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
"C:\Program Files (x86)\StartW8\bin\StartW8Button.exe"
taskhostex.exe
C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
igfxEM.exe
igfxHK.exe
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\BatteryCare\BatteryCare.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe" -Xms32m -Xmx128m -jar "F:\Programs\Soubor manazery\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.jar" -m
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
taskhost.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Martin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-05-13 13538376]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-07-20 373760]
"LenovoOptMouseUpdate"=C:\Program Files\Lenovo\HOTKEY\extapsup.exe [2013-06-20 255480]
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2014-08-12 937968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-29 2916592]
"LMCSSTART1"=C:\WINDOWS\SysWOW64\lmcfrundll.exe [2015-01-19 24008]
"LMCSSTART2"=C:\WINDOWS\SysWOW64\lmcfrundll.exe [2015-01-19 24008]
"LMCSSTART3"=C:\WINDOWS\SysWOW64\lmcfrundll.exe [2015-01-19 24008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WeatherBug"=C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [2014-09-24 146736]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-03-12 548864]
"StartW8Button"=C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [2014-12-15 59752]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-04-01 726320]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-03-16 129272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAPower"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-25 18:29:49 ----D---- C:\rsit
2015-04-25 18:25:50 ----D---- C:\FRST
2015-04-18 17:27:24 ----D---- C:\Users\Martin\AppData\Roaming\PIT Projekt 2014
2015-04-18 17:27:10 ----D---- C:\ProgramData\PIT Projekt 2014
2015-04-18 17:27:10 ----D---- C:\Program Files (x86)\PIT Projekt 2014
======List of files/folders modified in the last 1 month======
2015-04-25 18:35:17 ----D---- C:\WINDOWS\Temp
2015-04-25 18:35:17 ----D---- C:\Program Files\trend micro
2015-04-25 18:35:01 ----D---- C:\WINDOWS\Prefetch
2015-04-25 18:27:33 ----D---- C:\Windows
2015-04-25 18:14:46 ----D---- C:\WINDOWS\system32\sru
2015-04-25 12:34:27 ----D---- C:\Users\Martin\AppData\Roaming\eM Client
2015-04-25 12:00:13 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2015-04-25 11:00:11 ----SHD---- C:\WINDOWS\Installer
2015-04-25 11:00:11 ----SHD---- C:\Config.Msi
2015-04-25 11:00:11 ----D---- C:\ProgramData\Skype
2015-04-25 11:00:04 ----RD---- C:\Program Files (x86)\Skype
2015-04-24 19:13:06 ----D---- C:\WINDOWS\system32\Tasks
2015-04-23 20:27:41 ----D---- C:\WINDOWS\Microsoft.NET
2015-04-23 17:38:20 ----D---- C:\WINDOWS\System32
2015-04-23 17:38:20 ----D---- C:\ProgramData\StartW8
2015-04-22 20:56:41 ----D---- C:\Program Files (x86)\eM Client
2015-04-22 20:56:14 ----SHD---- C:\System Volume Information
2015-04-21 21:12:59 ----D---- C:\WINDOWS\system32\NDF
2015-04-19 19:21:52 ----D---- C:\WINDOWS\Inf
2015-04-19 19:21:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-18 17:27:10 ----RD---- C:\Program Files (x86)
2015-04-18 17:27:10 ----HD---- C:\ProgramData
2015-04-18 12:11:45 ----D---- C:\Download
2015-04-18 11:32:44 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2015-04-18 10:29:41 ----D---- C:\Users\Martin\AppData\Roaming\BatteryCare
2015-04-16 09:52:55 ----AH---- C:\IFRToolLog.txt
2015-04-15 23:03:48 ----D---- C:\WINDOWS\system32\config
2015-04-12 19:32:13 ----D---- C:\WINDOWS\CbsTemp
2015-04-12 19:31:59 ----D---- C:\WINDOWS\WinSxS
2015-04-11 20:00:18 ----D---- C:\WINDOWS\AppReadiness
2015-04-10 10:24:52 ----D---- C:\ProgramData\Package Cache
2015-04-10 10:24:45 ----D---- C:\Program Files (x86)\Avira
2015-04-07 23:16:47 ----HD---- C:\Program Files\WindowsApps
2015-04-01 10:39:51 ----D---- C:\Users\Martin\AppData\Roaming\Avira
2015-04-01 10:39:17 ----D---- C:\ProgramData\Avira
2015-04-01 10:39:16 ----D---- C:\WINDOWS\system32\drivers
2015-03-26 22:44:10 ----D---- C:\Users\Martin\AppData\Roaming\AIMP3
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-11-19 652344]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2015-03-10 132120]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2014-10-22 28600]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwr64v.sys [2015-01-16 20736]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2015-03-10 128536]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2015-03-10 43576]
R3 AmUStor;@oem25.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-07-20 100992]
R3 bcbtums;@oem34.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-09-04 170712]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btwampfl;@oem34.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-09-04 166104]
R3 btwaudio;@oem3.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2013-04-24 186584]
R3 btwavdt;@oem3.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\WINDOWS\System32\drivers\btwavdt.sys [2013-04-24 228568]
R3 btwl2cap;@oem6.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 btwpanfl;BTW PAN filter driver; \??\C:\WINDOWS\system32\drivers\btwpanfl.sys [2013-01-20 44912]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2013-04-24 22744]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-05-14 3413320]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 LnvHIDHW;@oem28.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MEIx64;@oem18.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-03-12 64624]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-03-29 44272]
R3 SynTP;@oem23.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-03-29 448240]
R3 vm331avs;@oem9.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\WINDOWS\System32\Drivers\vm331avs.sys [2013-04-17 1049984]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2014-02-23 66288]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-05-28 197264]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-04-01 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-04-01 434424]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2015-01-21 560584]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-03-16 201008]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2013-05-28 958680]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-02-23 140016]
R2 IBMPMSVC;@oem40.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-05-21 314696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-03-12 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-01-23 2016472]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
R2 LnvHotSpotSvc;LnvMHService; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2014-08-12 474608]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2015-01-09 469720]
R2 StartW8Service;StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [2014-12-15 620392]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-04-01 124464]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2015-01-16 1668848]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-04-01 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-04-01 1004280]
S2 BcmBtRSupport;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-09-04 2252504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-05-21 278344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2015-01-21 626120]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S4 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2015-01-21 456136]
S4 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-04-07 110128]
S4 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2015-01-21 453576]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
RSIT log - prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: RSIT log - prosím o preventivku
Zdravim 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: RSIT log - prosím o preventivku
# AdwCleaner v4.202 - Logfile created 26/04/2015 at 10:52:17
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Martin - MARTINRASZKA
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.202.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
Folder Deleted : C:\Program Files (x86)\Deal Keeper
Folder Deleted : C:\Program Files\Earth Networks
File Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Local AppWizard-Generated Applications
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v
-\\ Google Chrome v42.0.2311.90
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : fcfenmboojpjinhpgggodefccipikbpd
*************************
AdwCleaner[R5].txt - [1449 bytes] - [26/04/2015 10:46:34]
AdwCleaner[R6].txt - [1508 bytes] - [26/04/2015 10:49:47]
AdwCleaner[S4].txt - [1375 bytes] - [26/04/2015 10:52:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1434 bytes] ##########
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Martin - MARTINRASZKA
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.202.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
Folder Deleted : C:\Program Files (x86)\Deal Keeper
Folder Deleted : C:\Program Files\Earth Networks
File Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Local AppWizard-Generated Applications
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v
-\\ Google Chrome v42.0.2311.90
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : fcfenmboojpjinhpgggodefccipikbpd
*************************
AdwCleaner[R5].txt - [1449 bytes] - [26/04/2015 10:46:34]
AdwCleaner[R6].txt - [1508 bytes] - [26/04/2015 10:49:47]
AdwCleaner[S4].txt - [1375 bytes] - [26/04/2015 10:52:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1434 bytes] ##########
Re: RSIT log - prosím o preventivku
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: RSIT log - prosím o preventivku
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 26. 4. 2015
Čas skenování: 17:02:13
Protokol: ahoj.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.26.03
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 595046
Uplynulý čas: 2 hod, 9 min, 1 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 4
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\bitstreams, , [4cdfc5ac06844cea412a148108fbde22],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper, , [0a214c2596f457df6d6c3b7321e2d62a],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin, , [0a214c2596f457df6d6c3b7321e2d62a],
Soubory: 15
Trojan.BitMiner, C:\Windows\Inf\mncadswlx\mncadswlx.exe, , [57d44b2613773600c5d7c1bc8e74ce32],
PUP.Optional.InstallCore, F:\Programs\Mobil\Samsung-PC-Studio(18722).exe, , [919adc95008abf7790bacc02f70e0000],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\diablo130302.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\diakgcn121016.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libcurl-4.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libeay32.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libidn-11.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\librtmp.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libssh2.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\phatk121016.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\poclbm130302.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\scrypt130511.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\ssleay32.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\zlib1.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [4cdfc5ac06844cea412a148108fbde22],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 26. 4. 2015
Čas skenování: 17:02:13
Protokol: ahoj.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.26.03
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 595046
Uplynulý čas: 2 hod, 9 min, 1 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 4
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\bitstreams, , [4cdfc5ac06844cea412a148108fbde22],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper, , [0a214c2596f457df6d6c3b7321e2d62a],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin, , [0a214c2596f457df6d6c3b7321e2d62a],
Soubory: 15
Trojan.BitMiner, C:\Windows\Inf\mncadswlx\mncadswlx.exe, , [57d44b2613773600c5d7c1bc8e74ce32],
PUP.Optional.InstallCore, F:\Programs\Mobil\Samsung-PC-Studio(18722).exe, , [919adc95008abf7790bacc02f70e0000],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\diablo130302.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\diakgcn121016.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libcurl-4.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libeay32.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libidn-11.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\librtmp.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\libssh2.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\phatk121016.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\poclbm130302.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\scrypt130511.cl, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\ssleay32.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\zlib1.dll, , [4cdfc5ac06844cea412a148108fbde22],
Trojan.Agent.BCM, C:\Windows\Inf\mncadswlx\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [4cdfc5ac06844cea412a148108fbde22],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: RSIT log - prosím o preventivku
Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: RSIT log - prosím o preventivku
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 26. 4. 2015
Čas skenování: 19:55:09
Protokol: ahoj.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.26.04
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 595146
Uplynulý čas: 1 hod, 48 min, 10 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 26. 4. 2015
Čas skenování: 19:55:09
Protokol: ahoj.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.04.26.04
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 595146
Uplynulý čas: 1 hod, 48 min, 10 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: RSIT log - prosím o preventivku
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: RSIT log - prosím o preventivku
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Martin (administrator) on MARTINRASZKA on 27-04-2015 19:54:44
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & (Available profiles: Martin)
Platform: Windows 8.1 (X64) OS Language: Czeski (Republika Czeska)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2013-03-29] (Synaptics Incorporated)
HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Policies\Explorer: [HideSCAPower] 1
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAPower] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77A2DCED-C301-442E-BEF8-8021202DFFE3}: [NameServer] 156.154.70.25,156.154.71.25
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [2014-11-18] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [2014-11-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\abs@avira.com [2014-11-26]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-06-14]
FF Extension: Google Translator for Firefox - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\translator@zoli.bod.xpi [2014-05-31]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube™ Video & Mp3 Downloader) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdglkojhnemnjjembalobdkccnnmeii [2015-01-27]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Adblock Pro) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhifeddjphjgoeajnekfceoifcigbhlb [2014-08-01]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-01]
CHR Extension: (Bookmark Manager) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-08]
CHR Extension: (Streamus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2015-01-27]
CHR Extension: (Youtube-to-MP3) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekmfmemcfggilfpgplgjbfaijgchhfc [2015-01-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2014-02-23] (Lenovo)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2014-02-23] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44272 2013-03-29] (Synaptics Incorporated)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-17] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2014-03-22] (OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 19:54 - 2015-04-27 19:55 - 00021732 _____ () C:\Users\Martin\Desktop\FRST.txt
2015-04-27 19:52 - 2015-04-27 19:52 - 02100736 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-04-26 21:47 - 2015-04-26 21:47 - 00001151 _____ () C:\Users\Martin\Desktop\ahoj.txt
2015-04-26 19:49 - 2015-04-26 19:49 - 00000000 ____D () C:\Avenger
2015-04-26 17:00 - 2015-04-26 17:00 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-26 10:46 - 2015-04-26 19:53 - 00000000 ____D () C:\AdwCleaner
2015-04-26 10:45 - 2015-04-26 10:45 - 02224640 _____ () C:\Users\Martin\Desktop\adwcleaner_4.202.exe
2015-04-25 18:29 - 2015-04-25 18:29 - 00000000 ____D () C:\rsit
2015-04-25 18:25 - 2015-04-27 19:54 - 00000000 ____D () C:\FRST
2015-04-25 11:00 - 2015-04-25 11:00 - 00000000 ____D () C:\Users\Martin\Tracing
2015-04-18 17:27 - 2015-04-18 18:23 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\PIT Projekt 2014
2015-04-18 17:27 - 2015-04-18 17:27 - 00001167 _____ () C:\Users\Public\Desktop\PIT Projekt 2014.lnk
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\ProgramData\PIT Projekt 2014
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GP SOFT
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\PIT Projekt 2014
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 19:54 - 2014-08-02 07:58 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\eM Client
2015-04-27 19:48 - 2015-02-23 22:40 - 00014796 _____ () C:\WINDOWS\setupact.log
2015-04-27 19:42 - 2014-08-18 21:10 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-27 19:41 - 2014-05-28 09:28 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{187D822E-949D-4D9E-8C15-2DF5457CDBB3}
2015-04-27 19:38 - 2014-06-11 20:55 - 00000000 __RDO () C:\Users\Martin\OneDrive
2015-04-27 19:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-26 21:49 - 2014-05-27 18:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2015-04-26 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-26 21:30 - 2014-05-27 22:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1300877549-1184033115-3997360293-1001
2015-04-26 20:46 - 2014-08-11 20:48 - 00807160 _____ () C:\WINDOWS\system32\perfh015.dat
2015-04-26 20:46 - 2014-08-11 20:48 - 00163478 _____ () C:\WINDOWS\system32\perfc015.dat
2015-04-26 20:46 - 2014-03-18 17:33 - 03013310 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-26 20:46 - 2014-03-18 16:54 - 00953834 _____ () C:\WINDOWS\system32\perfh005.dat
2015-04-26 20:46 - 2014-03-18 16:54 - 00230264 _____ () C:\WINDOWS\system32\perfc005.dat
2015-04-26 19:55 - 2014-08-03 15:20 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-26 19:51 - 2014-12-27 09:58 - 01132703 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-26 19:49 - 2015-02-26 01:33 - 00206426 _____ () C:\WINDOWS\PFRO.log
2015-04-26 19:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-04-26 19:49 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-26 19:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-26 19:15 - 2014-08-02 21:11 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-04-26 19:15 - 2014-08-02 21:11 - 00000000 ____D () C:\Program Files (x86)\eM Client
2015-04-26 17:00 - 2014-08-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 18:35 - 2014-07-12 12:09 - 00000000 ____D () C:\Program Files\trend micro
2015-04-25 11:00 - 2014-09-15 21:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-25 11:00 - 2014-05-27 22:10 - 00000000 ____D () C:\Users\Martin
2015-04-25 11:00 - 2014-05-27 18:29 - 00000000 ____D () C:\ProgramData\Skype
2015-04-23 17:38 - 2014-08-03 09:36 - 00000000 ____D () C:\ProgramData\StartW8
2015-04-18 12:11 - 2015-01-17 13:21 - 00000000 ____D () C:\Download
2015-04-18 11:32 - 2014-06-24 20:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2015-04-18 10:29 - 2014-06-21 21:08 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\BatteryCare
2015-04-17 21:13 - 2014-08-01 19:59 - 00002216 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 09:38 - 2014-08-03 15:20 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-08-03 15:20 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-08-03 15:20 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-12 19:32 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-11 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-10 10:24 - 2014-11-26 23:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-10 10:24 - 2014-11-26 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-10 10:24 - 2014-11-26 23:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-01 10:39 - 2014-11-26 23:32 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Avira
2015-04-01 10:39 - 2014-11-26 23:29 - 00000000 ____D () C:\ProgramData\Avira
==================== Files in the root of some directories =======
2014-05-27 16:29 - 2014-05-30 15:45 - 0004411 _____ () C:\Users\Martin\AppData\Roaming\AbsoluteReminder.xml
2014-07-28 22:35 - 2014-07-28 22:36 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2014-05-27 16:30 - 2014-06-03 12:53 - 0000466 _____ () C:\Users\Martin\AppData\Local\RegisteredPackageInformation.xml
2014-06-03 17:47 - 2014-06-03 17:47 - 0000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg
2014-11-26 22:49 - 2014-11-13 11:52 - 5402840 _____ (COMODO) C:\ProgramData\cis22DA.exe
2014-11-26 22:54 - 2014-11-13 11:52 - 5402840 _____ (COMODO) C:\ProgramData\cis2EC9.exe
2014-11-26 23:22 - 2014-11-26 23:22 - 0000000 _____ () C:\ProgramData\cis4FD4.exe
2014-11-26 23:22 - 2014-11-26 23:22 - 0000000 _____ () C:\ProgramData\cis5EE9.exe
2014-11-26 23:13 - 2014-11-26 22:54 - 5402840 _____ (COMODO) C:\ProgramData\cisD5E4.exe
2014-06-08 11:44 - 2014-11-16 17:27 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-11-26 23:15 - 2014-11-26 23:15 - 0000016 _____ () C:\ProgramData\mntemp
Files to move or delete:
====================
C:\ProgramData\cis22DA.exe
C:\ProgramData\cis2EC9.exe
C:\ProgramData\cis4FD4.exe
C:\ProgramData\cis5EE9.exe
C:\ProgramData\cisD5E4.exe
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avgnt.exe
C:\Users\Martin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-23 20:21
==================== End Of Log ============================
Ran by Martin (administrator) on MARTINRASZKA on 27-04-2015 19:54:44
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & (Available profiles: Martin)
Platform: Windows 8.1 (X64) OS Language: Czeski (Republika Czeska)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373760 2012-07-20] (Alcor Micro Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2013-03-29] (Synaptics Incorporated)
HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\Policies\Explorer: [HideSCAPower] 1
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAPower] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77A2DCED-C301-442E-BEF8-8021202DFFE3}: [NameServer] 156.154.70.25,156.154.71.25
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [2014-11-18] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [2014-11-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\abs@avira.com [2014-11-26]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-06-14]
FF Extension: Google Translator for Firefox - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\translator@zoli.bod.xpi [2014-05-31]
FF Extension: Adblock Plus - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\cm6h64l7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-14]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Youtube™ Video & Mp3 Downloader) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdglkojhnemnjjembalobdkccnnmeii [2015-01-27]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Adblock Pro) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhifeddjphjgoeajnekfceoifcigbhlb [2014-08-01]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-01]
CHR Extension: (Bookmark Manager) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-08]
CHR Extension: (Streamus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2015-01-27]
CHR Extension: (Youtube-to-MP3) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekmfmemcfggilfpgplgjbfaijgchhfc [2015-01-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2014-02-23] (Lenovo)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2014-02-23] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44272 2013-03-29] (Synaptics Incorporated)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-17] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2014-03-22] (OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 19:54 - 2015-04-27 19:55 - 00021732 _____ () C:\Users\Martin\Desktop\FRST.txt
2015-04-27 19:52 - 2015-04-27 19:52 - 02100736 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-04-26 21:47 - 2015-04-26 21:47 - 00001151 _____ () C:\Users\Martin\Desktop\ahoj.txt
2015-04-26 19:49 - 2015-04-26 19:49 - 00000000 ____D () C:\Avenger
2015-04-26 17:00 - 2015-04-26 17:00 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-26 10:46 - 2015-04-26 19:53 - 00000000 ____D () C:\AdwCleaner
2015-04-26 10:45 - 2015-04-26 10:45 - 02224640 _____ () C:\Users\Martin\Desktop\adwcleaner_4.202.exe
2015-04-25 18:29 - 2015-04-25 18:29 - 00000000 ____D () C:\rsit
2015-04-25 18:25 - 2015-04-27 19:54 - 00000000 ____D () C:\FRST
2015-04-25 11:00 - 2015-04-25 11:00 - 00000000 ____D () C:\Users\Martin\Tracing
2015-04-18 17:27 - 2015-04-18 18:23 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\PIT Projekt 2014
2015-04-18 17:27 - 2015-04-18 17:27 - 00001167 _____ () C:\Users\Public\Desktop\PIT Projekt 2014.lnk
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\ProgramData\PIT Projekt 2014
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GP SOFT
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\PIT Projekt 2014
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 19:54 - 2014-08-02 07:58 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\eM Client
2015-04-27 19:48 - 2015-02-23 22:40 - 00014796 _____ () C:\WINDOWS\setupact.log
2015-04-27 19:42 - 2014-08-18 21:10 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-27 19:41 - 2014-05-28 09:28 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{187D822E-949D-4D9E-8C15-2DF5457CDBB3}
2015-04-27 19:38 - 2014-06-11 20:55 - 00000000 __RDO () C:\Users\Martin\OneDrive
2015-04-27 19:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-26 21:49 - 2014-05-27 18:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2015-04-26 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-26 21:30 - 2014-05-27 22:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1300877549-1184033115-3997360293-1001
2015-04-26 20:46 - 2014-08-11 20:48 - 00807160 _____ () C:\WINDOWS\system32\perfh015.dat
2015-04-26 20:46 - 2014-08-11 20:48 - 00163478 _____ () C:\WINDOWS\system32\perfc015.dat
2015-04-26 20:46 - 2014-03-18 17:33 - 03013310 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-26 20:46 - 2014-03-18 16:54 - 00953834 _____ () C:\WINDOWS\system32\perfh005.dat
2015-04-26 20:46 - 2014-03-18 16:54 - 00230264 _____ () C:\WINDOWS\system32\perfc005.dat
2015-04-26 19:55 - 2014-08-03 15:20 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-26 19:51 - 2014-12-27 09:58 - 01132703 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-26 19:49 - 2015-02-26 01:33 - 00206426 _____ () C:\WINDOWS\PFRO.log
2015-04-26 19:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-04-26 19:49 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-26 19:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-26 19:15 - 2014-08-02 21:11 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-04-26 19:15 - 2014-08-02 21:11 - 00000000 ____D () C:\Program Files (x86)\eM Client
2015-04-26 17:00 - 2014-08-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 18:35 - 2014-07-12 12:09 - 00000000 ____D () C:\Program Files\trend micro
2015-04-25 11:00 - 2014-09-15 21:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-25 11:00 - 2014-05-27 22:10 - 00000000 ____D () C:\Users\Martin
2015-04-25 11:00 - 2014-05-27 18:29 - 00000000 ____D () C:\ProgramData\Skype
2015-04-23 17:38 - 2014-08-03 09:36 - 00000000 ____D () C:\ProgramData\StartW8
2015-04-18 12:11 - 2015-01-17 13:21 - 00000000 ____D () C:\Download
2015-04-18 11:32 - 2014-06-24 20:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc
2015-04-18 10:29 - 2014-06-21 21:08 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\BatteryCare
2015-04-17 21:13 - 2014-08-01 19:59 - 00002216 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 09:38 - 2014-08-03 15:20 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-08-03 15:20 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-08-03 15:20 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-12 19:32 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-11 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-10 10:24 - 2014-11-26 23:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-10 10:24 - 2014-11-26 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-10 10:24 - 2014-11-26 23:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-01 10:39 - 2014-11-26 23:32 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Avira
2015-04-01 10:39 - 2014-11-26 23:29 - 00000000 ____D () C:\ProgramData\Avira
==================== Files in the root of some directories =======
2014-05-27 16:29 - 2014-05-30 15:45 - 0004411 _____ () C:\Users\Martin\AppData\Roaming\AbsoluteReminder.xml
2014-07-28 22:35 - 2014-07-28 22:36 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2014-05-27 16:30 - 2014-06-03 12:53 - 0000466 _____ () C:\Users\Martin\AppData\Local\RegisteredPackageInformation.xml
2014-06-03 17:47 - 2014-06-03 17:47 - 0000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg
2014-11-26 22:49 - 2014-11-13 11:52 - 5402840 _____ (COMODO) C:\ProgramData\cis22DA.exe
2014-11-26 22:54 - 2014-11-13 11:52 - 5402840 _____ (COMODO) C:\ProgramData\cis2EC9.exe
2014-11-26 23:22 - 2014-11-26 23:22 - 0000000 _____ () C:\ProgramData\cis4FD4.exe
2014-11-26 23:22 - 2014-11-26 23:22 - 0000000 _____ () C:\ProgramData\cis5EE9.exe
2014-11-26 23:13 - 2014-11-26 22:54 - 5402840 _____ (COMODO) C:\ProgramData\cisD5E4.exe
2014-06-08 11:44 - 2014-11-16 17:27 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-11-26 23:15 - 2014-11-26 23:15 - 0000016 _____ () C:\ProgramData\mntemp
Files to move or delete:
====================
C:\ProgramData\cis22DA.exe
C:\ProgramData\cis2EC9.exe
C:\ProgramData\cis4FD4.exe
C:\ProgramData\cis5EE9.exe
C:\ProgramData\cisD5E4.exe
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avgnt.exe
C:\Users\Martin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-23 20:21
==================== End Of Log ============================
Re: RSIT log - prosím o preventivku
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Martin at 2015-04-27 19:55:33
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1300877549-1184033115-3997360293-500 - Administrator - Disabled)
Guest (S-1-5-21-1300877549-1184033115-3997360293-501 - Limited - Disabled)
Martin (S-1-5-21-1300877549-1184033115-3997360293-1001 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.12.3042.71515 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515 - Alcor Micro Corp.) Hidden
Appset Updater 1.1.101.0 (HKLM-x32\...\{DDD912CF-0BD4-11E3-997F-6036DDC13256}) (Version: 1.1.101.0 - Appset)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AuthenTec Fingerprint Driver (Version: 1.6.2.352 - AuthenTec) Hidden
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
BatteryCare 0.9.21 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.21 - Filipe Lourenço)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.151 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
eM Client (HKLM-x32\...\{6D1C3187-2820-44F9-B64F-83FD3DEE0201}) (Version: 6.0.22344.0 - eM Client Inc.)
Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 1.0 - Blue Labs, LLC)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.3 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
K-Lite Codec Pack 8.7.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.11 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Multimedia and Communications Core Runtime (HKLM\...\{033DC0E0-DA89-4C33-B66C-89B64D312CD1}_is1) (Version: 5.0.13.94 - Lenovo Corporation)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.19.209 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.4.0.5 - Lenovo Group Limited)
Lenovo Settings – Power (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 7.49.4 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.6 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.85 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.3.7 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Thunderbird 31.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 en-GB)) (Version: 31.0 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.30.00 - )
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PIT Projekt 2014 (HKLM-x32\...\{E8068C90-002F-469E-B65F-3CB6D141B145}}_is1) (Version: 3.0.12 - GP SOFT)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
StartW8 1.2.111.0 (HKLM-x32\...\{2FA895E0-C8CF-4216-90AB-C2E21A62BCB1}) (Version: 1.2.111.0 - SODATSW spol. s r. o.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.71 - Synaptics Incorporated)
Ulož.to File Manager version 1.2 (HKLM-x32\...\{3688960A-BB04-4F2C-9AB1-620F169446A9}_is1) (Version: 1.2 - Nodus Technologies s.r.o.)
Ulož.to File Manager version 1.6 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.6 - Nodus Technologies s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
Windows Driver Package - Intel Corporation (iaStorA) HDC (11/19/2012 11.7.0.1013) (HKLM\...\D1AAAA88A17BD0C40261ADD70E15166BF4D1C076) (Version: 11/19/2012 11.7.0.1013 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
25-03-2015 22:42:14 Zaplanowany punkt kontrolny
18-04-2015 16:42:56 Zaplanowany punkt kontrolny
18-04-2015 19:13:39 Installed eM Client
22-04-2015 20:55:21 Installed eM Client
26-04-2015 19:14:27 Installed eM Client
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {13FF65D2-2719-4541-A172-A318896988B4} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {1E6E0B87-368D-4E04-ACB1-068992270803} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18] (Adobe Systems Incorporated)
Task: {2098D2E8-5603-48B6-AC59-91DAE8D32E6A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {22E526F2-F562-474A-85F1-E1C8CC3C82A7} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {74871869-2EC8-421A-994B-EC4FC78A73D3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {76782B4B-A654-400C-8493-EDDE98485D49} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {8DA49190-463F-4090-9F7A-F1FCF6B6D269} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-29] (Synaptics Incorporated)
Task: {9E0A785C-F5A2-4690-8F1A-18BF5CD85B9A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {A295A643-CE79-4935-8DF8-0B0FFB373E27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {AE2C34FF-AAD7-4D65-ABFA-7A9E5FA60EEA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {B00A9150-C938-436F-B4C5-3E026A29D793} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {B032E29C-6CE0-4DB0-98FB-E9B707E657B5} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C5A87FBF-AFEF-43C9-8A69-C22BF291874A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {D213ABFD-DABE-41D6-8182-D4A56ED95D72} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {DC8203BB-FC66-4AB5-83EA-656DC23686EC} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2015-04-23] ()
Task: {E0760045-1473-43E2-8AC2-46C4D44E8777} - System32\Tasks\BatteryCareAuto => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2015-01-29] (Filipe Lourenço)
Task: {E3A0D5CA-5B67-4DAD-A5B3-4E6BD0AFFEE2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F80B140A-76C6-4E5B-9395-D7CB5CEE0994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {FB529594-E15D-4D55-B081-3EE0D911833C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-07-30] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) ==============
2013-05-28 16:55 - 2013-05-28 16:55 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-05-27 17:35 - 2015-01-16 08:49 - 00105472 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.dll
2014-12-27 10:10 - 2015-01-16 08:49 - 00109056 ____N () C:\Program Files (x86)\ThinkPad\Utilities\PL\PWMRT64V.dll
2014-11-04 10:57 - 2014-11-04 10:57 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2013-06-21 15:42 - 2015-01-09 16:40 - 00469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-06-21 15:42 - 2015-01-09 16:40 - 00013528 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-12-27 10:10 - 2015-01-16 08:49 - 00109056 ____N () C:\Program Files (x86)\ThinkPad\Utilities\PL\PWMRT64V.DLL
2014-06-21 21:08 - 2014-03-22 14:08 - 00252928 _____ () C:\Program Files (x86)\BatteryCare\OpenHardwareMonitorLib.dll
2014-05-27 17:22 - 2013-03-12 13:20 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\cisD5E4.exe:$CmdTcID
AlternateDataStreams: C:\Users\Martin\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "StartW8Button"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "S60 PC Suite Tray"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "Appset Update"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "MSIDLL"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "WeatherBug"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "S60 PC Suite Tray"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Appset Update"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MSIDLL"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "WeatherBug"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{4F69F16E-410B-4B76-8084-ABC674A322C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F3EE39A1-4D85-4F2D-A0CE-5A98453B3A21}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{77443FEE-E324-4E02-80FD-2051316D2C9D}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{4D2DC002-D045-47BE-9AF7-AC2403D5FD03}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{8B5E8BE8-3B6D-4C30-8E0B-B96154D7CCA1}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [{5FA49862-956E-4A5D-A022-1C78ED4F02B1}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{38677D67-3116-4FA6-B819-C42901E014E7}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{B88AC29C-83AD-445A-9B61-39946869F3B1}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{02E89663-5586-4B13-AB05-A562E81571C7}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7C567650-0AC4-40E8-A8EA-8DFA23E3389B}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C1E37F57-5812-4803-ADE7-9EEEC2CEF001}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{CA61A3B0-543D-436C-9BBA-F9AD8F3FBC2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2015 07:47:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji LenovoCorporation.LenovoSettings_4642shxvsv8s2!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji E046963F.LenovoCompanion_k1h2ywk1493x8!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 08:50:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
System errors:
=============
Error: (04/27/2015 07:47:53 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/27/2015 07:38:31 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/27/2015 07:38:31 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/27/2015 07:38:30 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:49 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:49 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:49 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:48 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: App.AppXy154r4gkram3rdpk3xrb0dt6gadqn6zm.mca
Error: (04/26/2015 09:48:48 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: App.AppX98wb6g77tn4g47pmhnngvex75z63bw5e.mca
Error: (04/26/2015 08:50:07 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Microsoft Office Sessions:
=========================
Error: (04/27/2015 07:47:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: LenovoCorporation.LenovoSettings_4642shxvsv8s2!App-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2144927141
Error: (04/26/2015 08:50:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
CodeIntegrity Errors:
===================================
Date: 2014-11-26 22:15:34.541
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-26 21:54:25.405
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-26 21:52:25.711
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-26 21:06:23.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-26 09:19:47.703
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-25 21:44:23.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 20:56:38.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-23 23:42:02.370
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-23 20:55:26.719
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-23 20:08:58.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 3982.22 MB
Available physical RAM: 2656.54 MB
Total Pagefile: 4686.22 MB
Available Pagefile: 2926.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:225.77 GB) (Free:141.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Data) (Fixed) (Total:224.67 GB) (Free:34.53 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
Ran by Martin at 2015-04-27 19:55:33
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1300877549-1184033115-3997360293-500 - Administrator - Disabled)
Guest (S-1-5-21-1300877549-1184033115-3997360293-501 - Limited - Disabled)
Martin (S-1-5-21-1300877549-1184033115-3997360293-1001 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.12.3042.71515 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.12.3042.71515 - Alcor Micro Corp.) Hidden
Appset Updater 1.1.101.0 (HKLM-x32\...\{DDD912CF-0BD4-11E3-997F-6036DDC13256}) (Version: 1.1.101.0 - Appset)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AuthenTec Fingerprint Driver (Version: 1.6.2.352 - AuthenTec) Hidden
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
BatteryCare 0.9.21 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.21 - Filipe Lourenço)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.151 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
eM Client (HKLM-x32\...\{6D1C3187-2820-44F9-B64F-83FD3DEE0201}) (Version: 6.0.22344.0 - eM Client Inc.)
Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 1.0 - Blue Labs, LLC)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.3 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
K-Lite Codec Pack 8.7.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.11 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Multimedia and Communications Core Runtime (HKLM\...\{033DC0E0-DA89-4C33-B66C-89B64D312CD1}_is1) (Version: 5.0.13.94 - Lenovo Corporation)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.19.209 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.4.0.5 - Lenovo Group Limited)
Lenovo Settings – Power (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 7.49.4 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.6 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.85 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.3.7 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Thunderbird 31.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 en-GB)) (Version: 31.0 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.30.00 - )
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PIT Projekt 2014 (HKLM-x32\...\{E8068C90-002F-469E-B65F-3CB6D141B145}}_is1) (Version: 3.0.12 - GP SOFT)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
StartW8 1.2.111.0 (HKLM-x32\...\{2FA895E0-C8CF-4216-90AB-C2E21A62BCB1}) (Version: 1.2.111.0 - SODATSW spol. s r. o.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.71 - Synaptics Incorporated)
Ulož.to File Manager version 1.2 (HKLM-x32\...\{3688960A-BB04-4F2C-9AB1-620F169446A9}_is1) (Version: 1.2 - Nodus Technologies s.r.o.)
Ulož.to File Manager version 1.6 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.6 - Nodus Technologies s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
Windows Driver Package - Intel Corporation (iaStorA) HDC (11/19/2012 11.7.0.1013) (HKLM\...\D1AAAA88A17BD0C40261ADD70E15166BF4D1C076) (Version: 11/19/2012 11.7.0.1013 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
25-03-2015 22:42:14 Zaplanowany punkt kontrolny
18-04-2015 16:42:56 Zaplanowany punkt kontrolny
18-04-2015 19:13:39 Installed eM Client
22-04-2015 20:55:21 Installed eM Client
26-04-2015 19:14:27 Installed eM Client
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {13FF65D2-2719-4541-A172-A318896988B4} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {1E6E0B87-368D-4E04-ACB1-068992270803} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18] (Adobe Systems Incorporated)
Task: {2098D2E8-5603-48B6-AC59-91DAE8D32E6A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {22E526F2-F562-474A-85F1-E1C8CC3C82A7} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {74871869-2EC8-421A-994B-EC4FC78A73D3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {76782B4B-A654-400C-8493-EDDE98485D49} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {8DA49190-463F-4090-9F7A-F1FCF6B6D269} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-29] (Synaptics Incorporated)
Task: {9E0A785C-F5A2-4690-8F1A-18BF5CD85B9A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {A295A643-CE79-4935-8DF8-0B0FFB373E27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {AE2C34FF-AAD7-4D65-ABFA-7A9E5FA60EEA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {B00A9150-C938-436F-B4C5-3E026A29D793} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {B032E29C-6CE0-4DB0-98FB-E9B707E657B5} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C5A87FBF-AFEF-43C9-8A69-C22BF291874A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {D213ABFD-DABE-41D6-8182-D4A56ED95D72} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {DC8203BB-FC66-4AB5-83EA-656DC23686EC} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2015-04-23] ()
Task: {E0760045-1473-43E2-8AC2-46C4D44E8777} - System32\Tasks\BatteryCareAuto => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2015-01-29] (Filipe Lourenço)
Task: {E3A0D5CA-5B67-4DAD-A5B3-4E6BD0AFFEE2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F80B140A-76C6-4E5B-9395-D7CB5CEE0994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {FB529594-E15D-4D55-B081-3EE0D911833C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-07-30] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) ==============
2013-05-28 16:55 - 2013-05-28 16:55 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-05-27 17:35 - 2015-01-16 08:49 - 00105472 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.dll
2014-12-27 10:10 - 2015-01-16 08:49 - 00109056 ____N () C:\Program Files (x86)\ThinkPad\Utilities\PL\PWMRT64V.dll
2014-11-04 10:57 - 2014-11-04 10:57 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2013-06-21 15:42 - 2015-01-09 16:40 - 00469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-06-21 15:42 - 2015-01-09 16:40 - 00013528 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2014-12-27 10:10 - 2015-01-16 08:49 - 00109056 ____N () C:\Program Files (x86)\ThinkPad\Utilities\PL\PWMRT64V.DLL
2014-06-21 21:08 - 2014-03-22 14:08 - 00252928 _____ () C:\Program Files (x86)\BatteryCare\OpenHardwareMonitorLib.dll
2014-05-27 17:22 - 2013-03-12 13:20 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\cisD5E4.exe:$CmdTcID
AlternateDataStreams: C:\Users\Martin\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "StartW8Button"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "S60 PC Suite Tray"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "Appset Update"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "MSIDLL"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "WeatherBug"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "S60 PC Suite Tray"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Appset Update"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MSIDLL"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "WeatherBug"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{4F69F16E-410B-4B76-8084-ABC674A322C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F3EE39A1-4D85-4F2D-A0CE-5A98453B3A21}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{77443FEE-E324-4E02-80FD-2051316D2C9D}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{4D2DC002-D045-47BE-9AF7-AC2403D5FD03}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{8B5E8BE8-3B6D-4C30-8E0B-B96154D7CCA1}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [{5FA49862-956E-4A5D-A022-1C78ED4F02B1}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{38677D67-3116-4FA6-B819-C42901E014E7}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{B88AC29C-83AD-445A-9B61-39946869F3B1}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{02E89663-5586-4B13-AB05-A562E81571C7}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7C567650-0AC4-40E8-A8EA-8DFA23E3389B}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C1E37F57-5812-4803-ADE7-9EEEC2CEF001}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{CA61A3B0-543D-436C-9BBA-F9AD8F3FBC2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2015 07:47:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji LenovoCorporation.LenovoSettings_4642shxvsv8s2!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji E046963F.LenovoCompanion_k1h2ywk1493x8!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (04/26/2015 08:50:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
System errors:
=============
Error: (04/27/2015 07:47:53 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/27/2015 07:38:31 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/27/2015 07:38:31 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/27/2015 07:38:30 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:49 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:49 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:49 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (04/26/2015 09:48:48 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: App.AppXy154r4gkram3rdpk3xrb0dt6gadqn6zm.mca
Error: (04/26/2015 09:48:48 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: App.AppX98wb6g77tn4g47pmhnngvex75z63bw5e.mca
Error: (04/26/2015 08:50:07 PM) (Source: DCOM) (EventID: 10010) (User: MARTINRASZKA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Microsoft Office Sessions:
=========================
Error: (04/27/2015 07:47:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/27/2015 07:38:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: LenovoCorporation.LenovoSettings_4642shxvsv8s2!App-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (04/26/2015 09:48:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2144927141
Error: (04/26/2015 08:50:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARTINRASZKA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
CodeIntegrity Errors:
===================================
Date: 2014-11-26 22:15:34.541
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-26 21:54:25.405
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-26 21:52:25.711
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-26 21:06:23.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-26 09:19:47.703
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-25 21:44:23.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 20:56:38.461
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-23 23:42:02.370
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-23 20:55:26.719
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-23 20:08:58.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 3982.22 MB
Available physical RAM: 2656.54 MB
Total Pagefile: 4686.22 MB
Available Pagefile: 2926.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:225.77 GB) (Free:141.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Data) (Fixed) (Total:224.67 GB) (Free:34.53 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
Re: RSIT log - prosím o preventivku
To sice nebylo uplne podle navodu...
Napiste mi velikost adresare plochy (C:\Users\Martin\Plocha)
Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Napiste mi velikost adresare plochy (C:\Users\Martin\Plocha) Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
C:\Windows\System32\drivers\HipShieldK.sys
C:\Windows\system32\DRIVERS\mfencbdc.sys
C:\Windows\system32\DRIVERS\mfencrk.sys
Task: {B032E29C-6CE0-4DB0-98FB-E9B707E657B5} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {D213ABFD-DABE-41D6-8182-D4A56ED95D72} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: RSIT log - prosím o preventivku
Velikost C:\Users\Martin\Plocha : 4,20 MB
Re: RSIT log - prosím o preventivku
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-04-2015 01
Ran by Martin at 2015-04-28 21:15:38 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & (Available profiles: Martin)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
C:\Windows\System32\drivers\HipShieldK.sys
C:\Windows\system32\DRIVERS\mfencbdc.sys
C:\Windows\system32\DRIVERS\mfencrk.sys
Task: {B032E29C-6CE0-4DB0-98FB-E9B707E657B5} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {D213ABFD-DABE-41D6-8182-D4A56ED95D72} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
"HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4726F2FD-48EF-44CA-9501-F2771B5F9B81}" => Key deleted successfully.
HKCR\CLSID\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => Key not found.
"HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4726F2FD-48EF-44CA-9501-F2771B5F9B81}" => Key deleted successfully.
HKCR\CLSID\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => Key not found.
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
HipShieldK => Service deleted successfully.
mfencbdc => Service deleted successfully.
mfencrk => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\System32\drivers\HipShieldK.sys => Moved successfully.
C:\Windows\system32\DRIVERS\mfencbdc.sys => Moved successfully.
C:\Windows\system32\DRIVERS\mfencrk.sys => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B032E29C-6CE0-4DB0-98FB-E9B707E657B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B032E29C-6CE0-4DB0-98FB-E9B707E657B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D213ABFD-DABE-41D6-8182-D4A56ED95D72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D213ABFD-DABE-41D6-8182-D4A56ED95D72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1006.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:16:52 ====
Ran by Martin at 2015-04-28 21:15:38 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & (Available profiles: Martin)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01 116648]
C:\Windows\System32\drivers\HipShieldK.sys
C:\Windows\system32\DRIVERS\mfencbdc.sys
C:\Windows\system32\DRIVERS\mfencrk.sys
Task: {B032E29C-6CE0-4DB0-98FB-E9B707E657B5} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {D213ABFD-DABE-41D6-8182-D4A56ED95D72} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
"HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4726F2FD-48EF-44CA-9501-F2771B5F9B81}" => Key deleted successfully.
HKCR\CLSID\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => Key not found.
"HKU\S-1-5-21-1300877549-1184033115-3997360293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4726F2FD-48EF-44CA-9501-F2771B5F9B81}" => Key deleted successfully.
HKCR\CLSID\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => Key not found.
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
HipShieldK => Service deleted successfully.
mfencbdc => Service deleted successfully.
mfencrk => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\System32\drivers\HipShieldK.sys => Moved successfully.
C:\Windows\system32\DRIVERS\mfencbdc.sys => Moved successfully.
C:\Windows\system32\DRIVERS\mfencrk.sys => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B032E29C-6CE0-4DB0-98FB-E9B707E657B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B032E29C-6CE0-4DB0-98FB-E9B707E657B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D213ABFD-DABE-41D6-8182-D4A56ED95D72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D213ABFD-DABE-41D6-8182-D4A56ED95D72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1006.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:16:52 ====
Re: RSIT log - prosím o preventivku
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: RSIT log - prosím o preventivku
Vypadá to, že je vše v pořádku. Díky, pokud to je vše .
.
Přispějete na provoz fóra?