Zpomalené aplikace

[Erža]

Dobrý den,
prosím o kontrolu logu. Z ničeho nic se mi zpomalily jednoduché aplikace, jako např. Ccleaner, HijackThis, apod.
Kromě toho se mi dnes začal notebook sám od sebe vypínat :-/
-------------------------------------------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Schimansky12 at 2015-09-17 08:31:53
Microsoft Windows 8.1
System drive C: has 616 GB (66%) free of 936 GB
Total RAM: 3987 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:31:56, on 17. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Schimansky12.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={D60193A1 ... 2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [AcerPortal] "C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: @oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
O23 - Service: lxdn_device - Unknown owner - C:\Windows\system32\lxdncoms.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\siteadvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.1.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 12583 bytes

======Listing Processes======




c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-6e74-a02547202d77 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 85055538672
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
dashost.exe {9ec2353b-1a5a-4356-a2be1971fc9d323d}
C:\Windows\system32\lxdncoms.exe -service
c:\PROGRA~2\mcafee\siteadvisor\McSACore.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" startup
"C:/Users/Schimansky12/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
ctfmon.exe
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe"
"C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --uncaught-exception-stack-size=1024 --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="5672.1.1225182274\1570497877" /prefetch:673131151
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Acer\Acer Quick Access\RMSvc.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Schimansky12\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-3751293310-3690691840-2036008392-1001 -c 396 -s 3700 -g "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4316.0.711431771\1646590924" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4316.2.1194278728\519124092" --font-cache-shared-handle=2208 /prefetch:673131151
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ < \\.\pipe\chrome.nativeMessaging.in.133033bb4f9ebac6 > \\.\pipe\chrome.nativeMessaging.out.133033bb4f9ebac6
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4316.3.1711692308\1559660136" --font-cache-shared-handle=3768 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4316.6.467336431\180245055" --font-cache-shared-handle=4636 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4316.7.177138814\1615259857" --font-cache-shared-handle=5780 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4316.9.705634354\674714239" --font-cache-shared-handle=6076 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="4316.12.436823055\1408147084" --font-cache-shared-handle=3100 /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe

taskhost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

"C:\Users\Schimansky12\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-24 2476432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12 2340472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-24 2426256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12 1733240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-02 2199840]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Schimansky12\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2014-08-30 6403912]
"Akamai NetSession Interface"=C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"AcerPortal"=C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-08-13 2665984]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-07-31 3780520]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2015-08-24 3175312]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2015-07-27 91488]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-09-17 08:26:20 ----D---- C:\rsit
2015-09-17 08:26:20 ----D---- C:\Program Files\trend micro
2015-09-10 16:46:39 ----A---- C:\Windows\system32\msxml6.dll
2015-09-10 16:46:38 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-10 16:46:38 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-10 16:46:38 ----A---- C:\Windows\system32\msxml3.dll
2015-09-10 16:46:36 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-10 16:46:36 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-10 16:46:35 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-10 16:46:35 ----A---- C:\Windows\system32\tdh.dll
2015-09-10 16:46:34 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-09-10 16:46:34 ----A---- C:\Windows\system32\gdi32.dll
2015-09-10 16:46:34 ----A---- C:\Windows\system32\consent.exe
2015-09-10 16:46:30 ----A---- C:\Windows\system32\SettingsHandlers.dll
2015-09-10 16:46:28 ----A---- C:\Windows\system32\profsvc.dll
2015-09-10 16:46:26 ----A---- C:\Windows\system32\drivers\bthpan.sys
2015-09-09 14:53:24 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 14:53:23 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 14:53:23 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 14:53:23 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 14:53:23 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 14:53:23 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 14:53:23 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 14:53:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 14:53:22 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 14:53:22 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 14:53:22 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 14:53:22 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 14:52:41 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 14:52:41 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 14:52:34 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 14:52:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 14:52:27 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 14:52:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 14:52:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 14:52:23 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 14:52:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 14:52:22 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 14:52:22 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 14:52:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 14:52:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 14:52:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 14:52:21 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 14:52:21 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 14:52:21 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 14:52:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 14:52:20 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 14:52:20 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 14:52:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 14:52:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 14:52:18 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-09-09 14:52:18 ----A---- C:\Windows\system32\webcheck.dll
2015-09-09 14:52:18 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 14:52:17 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-09-09 14:52:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 14:52:17 ----A---- C:\Windows\system32\inetcomm.dll
2015-09-09 14:52:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 14:51:48 ----A---- C:\Windows\system32\taskeng.exe
2015-09-09 14:51:48 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 14:51:47 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2015-09-09 14:51:47 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2015-09-09 14:51:47 ----A---- C:\Windows\system32\schtasks.exe
2015-09-09 14:51:45 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 14:51:45 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 14:51:45 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 14:51:45 ----A---- C:\Windows\system32\SettingSync.dll
2015-09-09 14:51:45 ----A---- C:\Windows\system32\authui.dll
2015-09-09 14:51:44 ----A---- C:\Windows\SYSWOW64\shacct.dll
2015-09-09 14:51:44 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2015-09-09 14:51:44 ----A---- C:\Windows\system32\shacct.dll
2015-09-09 14:51:43 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 14:51:43 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 14:51:43 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 14:51:43 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 14:51:42 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 14:51:42 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 14:51:42 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 14:51:42 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 14:51:35 ----A---- C:\Windows\system32\tzsync.exe
2015-09-06 02:59:13 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 1 month======

2015-09-17 08:31:26 ----D---- C:\Windows\Prefetch
2015-09-17 08:30:26 ----D---- C:\Windows\Temp
2015-09-17 08:26:20 ----RD---- C:\Program Files
2015-09-17 08:15:50 ----D---- C:\Windows\debug
2015-09-17 08:15:50 ----D---- C:\Windows
2015-09-17 08:06:23 ----SHD---- C:\Windows\Installer
2015-09-17 08:06:22 ----SHD---- C:\Config.Msi
2015-09-16 22:00:01 ----D---- C:\Windows\system32\sru
2015-09-16 21:54:19 ----D---- C:\ProgramData\MFAData
2015-09-16 10:43:08 ----D---- C:\Windows\Inf
2015-09-16 09:49:04 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-16 08:49:27 ----D---- C:\Windows\Microsoft.NET
2015-09-16 08:49:13 ----RSD---- C:\Windows\assembly
2015-09-16 08:20:01 ----D---- C:\Program Files\Microsoft Office 15
2015-09-16 08:06:13 ----D---- C:\Windows\system32\config
2015-09-15 20:40:02 ----RD---- C:\Program Files (x86)
2015-09-15 20:39:54 ----D---- C:\Windows\Tasks
2015-09-15 11:32:44 ----RD---- C:\Windows\System32
2015-09-15 11:32:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-13 15:27:26 ----D---- C:\Windows\rescache
2015-09-13 15:23:41 ----SHD---- C:\System Volume Information
2015-09-12 12:18:30 ----D---- C:\Windows\AppReadiness
2015-09-11 15:21:59 ----D---- C:\Windows\WinSxS
2015-09-11 15:18:44 ----D---- C:\Windows\SysWOW64
2015-09-11 15:18:44 ----D---- C:\Windows\system32\DriverStore
2015-09-11 15:18:44 ----D---- C:\Windows\system32\drivers
2015-09-10 21:33:46 ----D---- C:\Windows\CbsTemp
2015-09-10 21:31:16 ----D---- C:\Windows\system32\MRT
2015-09-09 22:40:44 ----D---- C:\Windows\system32\en-US
2015-09-09 22:40:44 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 22:40:43 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 22:40:43 ----D---- C:\Program Files\Windows Journal
2015-09-09 22:40:43 ----D---- C:\Program Files\Internet Explorer
2015-09-09 22:40:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 17:01:20 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 17:01:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 14:49:23 ----D---- C:\Windows\system32\catroot2
2015-09-08 16:43:01 ----HD---- C:\ProgramData
2015-09-08 16:43:01 ----D---- C:\Windows\system32\Tasks
2015-09-06 02:59:27 ----D---- C:\Program Files (x86)\McAfee
2015-08-30 11:35:03 ----D---- C:\Program Files (x86)\Common Files
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-24 22:15:47 ----D---- C:\Users\Schimansky12\AppData\Roaming\vlc
2015-08-24 20:25:14 ----D---- C:\Program Files\AVG Web TuneUp
2015-08-24 20:25:09 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-08-18 22:43:15 ----HD---- C:\Program Files\WindowsApps

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-05-12 253408]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-07-28 245680]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-07-28 312752]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-06-16 259040]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2015-07-10 296896]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 bcbtums;@oem19.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-14 170712]
R3 BCM43XX;@oem21.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2014-02-25 7549616]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btwampfl;@oem19.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-02-03 166616]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-28 3949656]
R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 LMDriver;@oem22.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-10 100312]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2015-09-02 37960]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-04-09 12697032]
R3 RadioShim;@oem22.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 RTL8168;@oem9.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-28 854744]
R3 RTSPER;@oem13.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-04-02 476888]
R3 SynRMIHID;@oem12.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-07-10 42736]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwaudio;@oem15.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-02-03 190168]
S3 btwavdt;@oem17.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2013-12-11 230104]
S3 btwl2cap;@oem18.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
S3 btwrchid;btwrchid; C:\Windows\System32\drivers\btwrchid.sys [2013-12-11 38616]
S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WDC_SAM;@oem30.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-04-30 23200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-07-31 3633576]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-07-31 335656]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-02-19 980184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2015-07-23 2858336]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-08-11 2768472]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-10-30 254016]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-21 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 lxdn_device;lxdn_device; C:\Windows\system32\lxdncoms.exe [2007-11-28 1039872]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\McSACore.exe [2015-09-02 157928]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1617352]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-04-08 925128]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 vToolbarUpdater40.1.6;vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [2015-08-24 1874320]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2014-06-26 449768]
R3 UEIPSvc;User Experience Improvement Program; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [2014-06-24 233216]
S2 BcmBtRSupport;@oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-14 2251992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2009-04-28 29184]
S3 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-21 279024]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-02-12 150600]

-----------------EOF-----------------

[altrok]

Zdravim

• Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
• archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
• ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
• log vlozte do dalsi odpovedi (Ctrl + V)

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[Erža]

Kvůli přehlednosti to rozdělím na 3 odpovědi

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2015/09/17 12:33:09

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series SATA AHCI Controller - 8C03 [ATA]
- MATSHITA DVD-RAM UJ8HC
- WDC WD10JPVX-22JC3T0
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0
----------------------------------------------------------------------------
Model : WDC WD10JPVX-22JC3T0
Firmware : 01.01A01
Serial Number : WD-WX31A74J3ZTH
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1439 hod.
Power On Count : 702 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 183 180 _21 000000000729 Čas na roztočení ploten
04 _99 _99 __0 0000000006FE Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _99 _99 __0 00000000059F Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 0000000002BE Počet cyklů zapnutí zařízení
BF _93 _93 __0 000000000007 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000009 Počet vypnutí disku
C1 199 199 __0 0000000014F5 Počet cyklů načítání/vymazání
C2 114 _96 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3331 4137 344A 335A 5448
020: 0000 4000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 5658 2D32 324A 4333 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0006 004C 0048
080: 03FE 0000 746B 7D69 6123 7469 BC49 6123 407F 0060
090: 0060 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 04D1 3482 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 2AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B7 B4 29 07 00 00 00 00 00 04 32 00 63 63 FE
020: 06 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 63 63 9F 05 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 BE 02 00 00 00 00 00 BF 32
070: 00 5D 5D 07 00 00 00 00 00 00 C0 32 00 C8 C8 09
080: 00 00 00 00 00 00 C1 32 00 C7 C7 F5 14 00 00 00
090: 00 00 C2 22 00 72 60 21 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 46 01 7B
170: 03 00 01 00 02 CA 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C2

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BE

[Erža]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Schimansky12 (administrator) on ERZA-PC (17-09-2015 12:42:38)
Running from C:\Users\Schimansky12\Desktop
Loaded Profiles: Schimansky12 (Available Profiles: Schimansky12)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
( ) C:\Windows\System32\lxdncoms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Schimansky12\Desktop\FRSTLauncher (3).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-24] ()
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2665984 2015-08-13] (Acer)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-07-27] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 158.196.149.9 158.196.162.8
Tcpip\..\Interfaces\{8F663C73-0024-4F37-9D83-EC9EE20AACF2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CD1B489B-823E-4F1E-906F-D96452103C06}: [DhcpNameServer] 158.196.149.9 158.196.162.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> DefaultScope {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-24] (AVG)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-24] (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll [2014-12-10] (AVG Secure Search)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-06] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

Chrome:
=======
CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Dokumenty Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Disk Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (AVG Secure Search) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (SiteAdvisor) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-30] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S2 lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\siteadvisor\mcsacore.exe [157928 2015-09-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-24] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-24] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-02] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-04-02] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-17 12:42 - 2015-09-17 12:43 - 00024856 _____ C:\Users\Schimansky12\Desktop\FRST.txt
2015-09-17 12:42 - 2015-09-17 12:42 - 00029696 _____ C:\Users\Schimansky12\AppData\Local\MSGBOX.EXE
2015-09-17 12:42 - 2015-09-17 12:42 - 00015327 _____ C:\Users\Schimansky12\Desktop\LM.bat
2015-09-17 12:42 - 2015-09-17 12:42 - 00000000 ____D C:\FRST
2015-09-17 12:40 - 2015-09-17 12:40 - 00112640 _____ (forum.viry.cz) C:\Users\Schimansky12\Desktop\FRSTLauncher (3).exe
2015-09-17 12:39 - 2015-09-17 12:39 - 00112640 _____ (forum.viry.cz) C:\Users\Schimansky12\Downloads\Nepotvrzeno 567420.crdownload
2015-09-17 12:37 - 2015-09-17 12:37 - 02191360 _____ (Farbar) C:\Users\Schimansky12\Desktop\FRST64.exe
2015-09-17 12:36 - 2015-09-17 12:36 - 00112640 _____ (forum.viry.cz) C:\Users\Schimansky12\Downloads\Nepotvrzeno 337624.crdownload
2015-09-17 12:36 - 2015-09-17 12:36 - 00112640 _____ (forum.viry.cz) C:\Users\Schimansky12\Downloads\Nepotvrzeno 289169.crdownload
2015-09-17 12:32 - 2015-09-17 12:34 - 00000290 _____ C:\Users\Schimansky12\Downloads\DiskInfo.ini
2015-09-17 12:32 - 2015-09-17 12:32 - 02817875 _____ C:\Users\Schimansky12\Downloads\CrystalDiskInfo6_2_2.zip
2015-09-17 12:32 - 2015-09-17 12:32 - 00000000 ____D C:\Users\Schimansky12\Downloads\Smart
2015-09-17 12:32 - 2014-12-05 23:41 - 02385016 _____ (Crystal Dew World) C:\Users\Schimansky12\Downloads\DiskInfo.exe
2015-09-17 12:32 - 2014-12-05 11:23 - 00000000 ____D C:\Users\Schimansky12\Downloads\CdiResource
2015-09-17 12:32 - 2014-01-27 22:18 - 00000000 ____D C:\Users\Schimansky12\Downloads\License
2015-09-17 12:30 - 2015-09-17 12:30 - 00000000 ____D C:\Users\Schimansky12\Desktop\POS III
2015-09-17 09:22 - 2015-09-17 09:30 - 00000000 ____D C:\Users\Schimansky12\Desktop\Čomar
2015-09-17 09:20 - 2015-09-17 09:20 - 00000000 ____D C:\Users\Schimansky12\Desktop\hynooo pro hits
2015-09-17 09:19 - 2015-09-17 09:19 - 00001578 _____ C:\Windows\setupact.log
2015-09-17 09:19 - 2015-09-17 09:19 - 00000000 _____ C:\Windows\setuperr.log
2015-09-17 09:10 - 2015-09-17 09:32 - 1733472951 _____ (Autodesk, Inc.) C:\Users\Schimansky12\Downloads\AutoCAD_2015_Czech_Win_64bit_R1_dlm.sfx.exe
2015-09-17 09:07 - 2015-09-17 09:07 - 00000000 ____D C:\ProgramData\Applications
2015-09-17 09:06 - 2015-09-17 09:06 - 10690456 _____ (Autodesk, Inc.) C:\Users\Schimansky12\Downloads\AutodeskDownloadManagerSetup.exe
2015-09-17 08:26 - 2015-09-17 08:31 - 00000000 ____D C:\Program Files\trend micro
2015-09-17 08:26 - 2015-09-17 08:27 - 00000000 ____D C:\rsit
2015-09-17 08:26 - 2015-09-17 08:26 - 01222144 _____ C:\Users\Schimansky12\Downloads\RSITx64.exe
2015-09-17 08:17 - 2015-09-17 08:17 - 00096916 _____ C:\Users\Schimansky12\Desktop\cc_20150917_081746.reg
2015-09-15 13:50 - 2015-09-15 13:51 - 01996594 _____ C:\Users\Schimansky12\Downloads\GroupCalendar_5.4.4.zip
2015-09-11 15:36 - 2015-09-11 15:38 - 28002137 _____ C:\Users\Schimansky12\Downloads\zasilka-GAHK8V978F5GLD2B.zip
2015-09-10 16:46 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 16:46 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 16:46 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 16:46 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 16:46 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 16:46 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 16:46 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 16:46 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 16:46 - 2015-07-13 21:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-10 16:46 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-10 16:46 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-10 16:46 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-10 16:46 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-10 16:46 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 16:46 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-09 14:53 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 14:53 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 14:53 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 14:53 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 14:53 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 14:53 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 14:53 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 14:53 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 14:53 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 14:53 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 14:53 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 14:53 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 14:52 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 14:52 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 14:52 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 14:52 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 14:52 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 14:52 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 14:52 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 14:52 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 14:52 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 14:52 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 14:52 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 14:52 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 14:52 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 14:52 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 14:52 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 14:52 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 14:52 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 14:52 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 14:52 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 14:52 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 14:52 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 14:52 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 14:52 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 14:52 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 14:52 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 14:52 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 14:52 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 14:52 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 14:52 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 14:52 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 14:52 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 14:51 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 14:51 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 14:51 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 14:51 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 14:51 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 14:51 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 14:51 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 14:51 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 14:51 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 14:51 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 14:51 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 14:51 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 14:51 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 14:51 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 14:51 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 14:51 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 14:51 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 14:51 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 14:51 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 14:51 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 14:51 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 14:51 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-06 02:59 - 2015-09-17 08:15 - 00000000 ____D C:\Windows\Minidump
2015-08-30 12:14 - 2015-08-30 12:14 - 00000981 _____ C:\Users\Schimansky12\Desktop\Wow – zástupce (3).lnk
2015-08-24 22:19 - 2015-08-24 22:19 - 18665226 _____ C:\Users\Schimansky12\Downloads\23.8.2015.rar
2015-08-19 11:53 - 2015-08-19 11:53 - 00297904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2015-08-19 11:52 - 2015-08-19 11:52 - 00313264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-08-18 12:53 - 2015-08-18 12:53 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-17 12:44 - 2014-10-28 18:47 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-17 12:37 - 2015-05-18 10:41 - 01186405 _____ C:\Windows\WindowsUpdate.log
2015-09-17 12:37 - 2014-10-24 17:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751293310-3690691840-2036008392-1001
2015-09-17 12:34 - 2014-11-25 18:57 - 00000000 ____D C:\ProgramData\MFAData
2015-09-17 12:33 - 2015-08-04 12:10 - 00000997 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-09-17 12:33 - 2014-11-25 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-17 12:27 - 2014-10-28 18:47 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-17 12:27 - 2014-10-24 18:11 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Akamai
2015-09-17 12:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-17 09:33 - 2014-10-25 08:10 - 00000000 ____D C:\Users\Schimansky12
2015-09-17 09:22 - 2014-08-23 03:18 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-09-17 09:22 - 2014-08-23 03:18 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-09-17 09:22 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-17 09:09 - 2014-10-24 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-09-17 09:08 - 2015-04-14 09:56 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Autodesk
2015-09-17 08:15 - 2014-10-24 17:23 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\CrashDumps
2015-09-17 08:10 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-17 08:07 - 2014-10-24 17:22 - 00003994 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FA10D3F0-6C03-4954-A717-8AF77FFC5C78}
2015-09-16 08:20 - 2015-02-17 22:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-15 20:39 - 2014-10-28 18:47 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 20:39 - 2014-10-28 18:47 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 15:36 - 2014-10-25 08:12 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\clear.fi
2015-09-15 08:43 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-13 15:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-12 19:15 - 2014-12-04 11:45 - 00000000 ____D C:\Users\Schimansky12\Desktop\Movies
2015-09-12 19:10 - 2014-10-24 18:08 - 00000000 ____D C:\Users\Schimansky12\Desktop\Photos
2015-09-12 12:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-12 12:17 - 2014-10-28 18:47 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Google
2015-09-10 21:33 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-10 21:31 - 2014-10-30 16:12 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 15:24 - 2013-08-22 16:44 - 00566296 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 22:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-09 22:40 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-06 02:59 - 2014-07-14 19:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-02 20:44 - 2014-10-28 18:49 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-26 18:37 - 2014-10-30 16:12 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-24 22:15 - 2015-03-12 19:33 - 00000000 ____D C:\Users\Schimansky12\AppData\Roaming\vlc
2015-08-24 20:25 - 2014-11-26 20:21 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-08-24 20:25 - 2014-11-26 20:21 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-18 12:53 - 2014-08-23 03:14 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer

==================== Files in the root of some directories =======

2015-09-17 12:42 - 2015-09-17 12:42 - 0029696 _____ () C:\Users\Schimansky12\AppData\Local\MSGBOX.EXE
2014-08-23 03:04 - 2014-08-23 03:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Schimansky12\AppData\Local\Temp\DLMGuardian.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-13 14:53

==================== End of FRST.txt ============================

[Erža]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Schimansky12 (2015-09-17 12:44:49)
Running from C:\Users\Schimansky12\Desktop
Windows 8.1 (X64) (2014-10-25 06:10:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3751293310-3690691840-2036008392-500 - Administrator - Disabled)
Guest (S-1-5-21-3751293310-3690691840-2036008392-501 - Limited - Enabled)
Schimansky12 (S-1-5-21-3751293310-3690691840-2036008392-1001 - Administrator - Enabled) => C:\Users\Schimansky12

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.04.2004.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3008 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)
Area 2014 EDU (HKLM-x32\...\{0AC9E764-4DD9-464F-9B9B-9D29349E4612}) (Version: 2014.0.0.0 - Svoboda Software (svoboda.zbynek@quick.cz, mobile +420 606 227 420))
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{EC92633C-8F08-470A-BCDF-3FE5FD778C8D}) (Version: 4.0.14.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4419 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.6.294 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Pokki) (Version: 0.269.3.181 - Pokki)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.152 - McAfee, Inc.)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4753.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Pokki_Start_Menu) (Version: 0.269.3.181 - )
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Quake III Arena Point Release 1.32 (HKLM-x32\...\Quake III Arena Point Release 1.32) (Version: - )
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.01 - Ubisoft)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamSpeak 3 Client (HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Teplo 2014 EDU (HKLM-x32\...\{7FE859B7-4D7F-4FAE-B7CC-2F2870D582DC}) (Version: 2014.5.0.0 - Svoboda Software (svoboda.zbynek@quick.cz, mobile (+420) 606 227 420))
The Elder Scrolls V Skyrim LE (HKLM-x32\...\The Elder Scrolls V Skyrim LE_is1) (Version: - )
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Total War Rome II CZ version 1.0.0. (HKLM-x32\...\{C2872E18-8799-44A3-B6BD-AC535F1982A6}_is1) (Version: 1.0.0. - )
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Programs\DWG viewerr\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Programs\DWG viewerr\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

27-08-2015 18:32:25 Naplánovaný kontrolní bod
04-09-2015 15:04:40 Naplánovaný kontrolní bod
09-09-2015 17:00:26 Windows Update
17-09-2015 09:07:14 Installed Autodesk Download Manager

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {092C2AF8-8EE1-4FF2-B706-B060FF6EB2E0} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {178DADFA-0760-47FD-9083-7C0F1A453BEA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-12] (Microsoft Corporation)
Task: {1F84E435-EBB1-4C5F-B007-E4C5ADFA4A4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3216B9F1-ABFE-4667-A8F8-7C5DC53FBF3C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {34217039-5D13-43BB-84CE-DAF971C6969D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {40E175A0-E1BC-4202-8D04-8E516320BA10} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {445DFBA3-97EB-4061-8861-7FA8F373B191} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {516E789C-DE9A-465C-AF6C-28D02C7E2416} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)
Task: {559469D0-39B5-49D6-AF08-FC715D635050} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {55EFEC12-7A6B-4F8C-9A84-F3817E85D46E} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {5BD8C093-8C2E-4117-B720-76139AC86FD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {5E36746C-BE75-42C6-8AF1-3587257A136D} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {7594D218-4D55-4A16-965B-3E4946A394FE} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {9C33D6E4-4723-4F65-BE63-789C2611B752} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {A9660C47-946B-456C-B1A0-A942AE391B8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {AE014423-4C81-47CB-A2B7-D8835168CED1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CFDD4056-62B2-419C-8AB5-8052FA76FD79} - System32\Tasks\AutoPico Daily Restart => C:\Programs\Office 2013\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {E1ECE884-A7F5-43F0-9BDE-90326C34F833} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {E5E3163E-B74E-477C-A7D4-58CB0781F0A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {FC361B1A-77F9-4C92-85DB-B7C176FEC701} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {FD12F0B7-2038-4FCD-9508-15A8B092A0D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {FD9C4D37-7EF7-47F0-9B3C-9805EF87396E} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-08-13] (Acer)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-11 12:04 - 2015-08-24 20:25 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2014-11-20 16:08 - 2012-09-18 16:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-11-20 16:08 - 2012-09-18 16:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-11-18 20:57 - 2009-08-13 13:06 - 00177152 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2014-02-19 05:02 - 2014-02-19 05:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2015-02-17 22:08 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-23 03:20 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-24 20:25 - 2015-08-24 20:25 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
2014-08-23 02:59 - 2014-04-08 23:06 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-23 03:28 - 2014-07-01 06:26 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-11-26 20:21 - 2015-08-24 20:25 - 03175312 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-07-27 17:46 - 2015-07-27 17:46 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-07-27 17:46 - 2015-07-27 17:46 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-05-26 10:24 - 2014-03-07 18:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-11-22 02:03 - 2014-11-22 02:03 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-08-24 20:25 - 2015-08-24 20:25 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\log4cplusU.dll
2015-08-13 20:48 - 2015-08-13 20:48 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-08-13 20:48 - 2015-08-13 20:48 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2014-11-26 20:21 - 2015-08-24 20:25 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
2015-07-27 17:47 - 2015-07-27 17:47 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-07-30 12:24 - 2015-07-30 12:24 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-07-23 16:08 - 2015-07-23 16:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-07-23 15:56 - 2015-07-23 15:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-08-23 03:28 - 2014-07-01 06:26 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-09-02 20:44 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-02 20:44 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-02 20:44 - 2015-08-28 02:17 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Schimansky12\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 158.196.149.9 - 158.196.162.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\StartupApproved\Run: => "Pokki"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{51DCF985-88E8-49EB-8CE8-D8080ABD1D89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{936FF5D3-193C-4BD3-83BA-646107724096}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1B12D107-6775-4C8B-8A7C-95B61B795A36}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7BEF6F96-9B27-4925-A56B-7FB500479C07}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{A7C62839-D7CD-4ABB-9E75-863D8F102468}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E5C0D4B9-9E6B-4799-8048-CC94D3DCDE18}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7FC79242-A07F-4764-8909-DE4D139E4B62}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{FFA44017-B5B2-4100-9714-F275917A71BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{4C2AAAEE-0908-4BDB-93E7-8B9CD994155A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1ACDFD86-168C-4971-9ECE-AF8F0990C485}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2D875B05-5978-4AF6-8D81-94ED10A335D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2031C7A1-D9E5-4473-963A-4E1454FB3D74}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D46CA558-7DE4-4AC7-ABAE-73005A154916}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1E6A534C-A4AE-4A12-B2AE-67ACF27EC254}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EC6CA0EE-539F-49B7-8BC2-0E8142DC3CBA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E1FEADEB-0639-40AC-B486-3AE0EC885D5F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DD763006-2BB9-431E-A0F5-891C31C1A230}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{09B6169C-CA71-4EA9-9D39-BF5ACEDD4BBE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0527FECC-9F79-4F4B-B9F8-A0EB109BCD29}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{9DFA0EAB-C854-45BF-B179-0B46C2974830}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2051FF12-B1C3-4C58-A2D3-3E00625086E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2B0111AB-5468-42A6-BDC9-42B6DEF66632}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F16BFFD6-CEC8-43D5-8E76-40AFA2EF980A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{86FF0495-20F1-428A-B9F0-A7C2DBBB1E7D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{14109C78-4986-4B9A-B32F-FC80EC7031A6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{72690A4D-905D-45EB-84FA-EE42E80C9C7F}] => (Allow) LPort=54744
FirewallRules: [{15981030-2E58-4126-8365-256F233692B5}] => (Allow) LPort=5000
FirewallRules: [{72951C0C-0FFE-450B-BFB8-3E4BDA08FEA6}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{3DA601A9-CA2F-47CB-8A2B-BA0FC56652E2}C:\users\schimansky12\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\schimansky12\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8761E80D-4F6D-4180-94C1-A13F2878685A}C:\users\schimansky12\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\schimansky12\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C3973E65-4C6E-43CE-92F4-4CA099123FC6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{6632DB2D-FCE1-450B-9690-F53C0123E6BA}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{97D0294A-1072-4620-82B6-039CE1267E76}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{13D68ABA-35C7-45B0-B0E1-133DFDFCF9CB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{36C9BE49-B5A6-4683-BB4B-73DC3B063985}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{119C68CE-6F7A-42F4-88D1-E86D18B9B8BB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F5FDA00C-7E77-4056-B94C-37A89D1CDF0D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{994E5DEF-E283-4DEC-A9A7-F9C1C1BF09B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C8E23240-ED40-4C84-90B0-E520961A233F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0926B217-EEC0-4E7E-8495-BD0650E42E20}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1CFE14D8-61CF-4E0D-AB69-571A88AF4BFA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0F922765-23EC-4BE3-B1EE-9C385C27D040}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E20A6A81-8A45-4E5D-A431-6CA6CF98274C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{06D2BA12-9196-4A79-99B7-4226157A186C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{81B5BCC0-FCC1-4DE2-B25D-879F4336DB85}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4FAB4A61-1C55-48B8-9FC5-55D437E23E13}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2BCDD306-D401-44D8-A0AA-5B15D2E9F86D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C0877A4A-12C3-4417-8110-BE6D8C90F4D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{006A443C-EC30-48C0-BDAE-DFE422478AF2}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{BB3C769C-8ED6-4D2F-B100-C8EB4BED7CB5}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{611953F8-D05C-4504-8F8E-0FBAF53132E0}] => (Allow) C:\Windows\system32\lxdncoms.exe
FirewallRules: [{8F18CAEB-5427-4B4C-A6EA-52497C5B6CAB}] => (Allow) C:\Windows\system32\spool\DRIVERS\x64\3\lxdnpswx.exe
FirewallRules: [{86AA06A8-21A9-432A-A07A-E60DE6ED7141}] => (Allow) C:\Windows\system32\spool\DRIVERS\x64\3\lxdntime.exe
FirewallRules: [TCP Query User{3A5C4F4A-0E37-4CEB-9A96-C3F4F813DDF4}C:\users\schimansky12\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\schimansky12\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{032CF5D6-BD49-4737-9A73-CD2E08EAEF9A}C:\users\schimansky12\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\schimansky12\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D00EA447-FB69-42DF-8A03-034A22F00C1E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{47A8D22B-A895-4E2E-B204-FA788DCD0E92}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A4B9FC21-DF4B-48FA-AE6C-686089B15C6D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{12191720-DE1B-4127-86AA-995A69D5D3E1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3580F3CB-6F6F-4C31-93B1-B9B393DEA4B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FA1BA46A-E819-411F-9D58-186CBED45144}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C564CD51-0867-4F05-9774-94E29152788C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{507B793E-449D-4AFF-AF25-340DC5601D83}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3168AC68-6C08-47B8-9C6E-9BB4C7478FAB}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{6EE9997B-4643-42F8-9A99-41F7F288BB88}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{012EA665-B2AF-49A0-8B9D-EA0F5CF90E24}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{5F3486C6-F27C-48D6-AB17-168ED0635671}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{A3F17E5C-01D3-4946-B691-72B1A501B81A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FAF24F25-720C-42EF-AF6B-EA4713E5524D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{12E7DD13-33BB-45AB-AF83-A66EEAD47803}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7A91E345-B70D-472E-9277-BD4490CA8FEB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{1EF454AF-1432-4B0F-B157-A76682F3AD80}C:\games\cs1.6\hl.exe] => (Block) C:\games\cs1.6\hl.exe
FirewallRules: [UDP Query User{8D9D0072-F6A7-4305-B976-084E18A9438F}C:\games\cs1.6\hl.exe] => (Block) C:\games\cs1.6\hl.exe
FirewallRules: [{57C1CAF0-58C8-4695-99DA-0C9468FB88C6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EAEB4178-D4AF-49C4-AC42-86E33A73B5B2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{144E4821-20F5-49DA-AEB4-B8008B09830B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{027E0818-21CC-42FD-9E04-07D570798DAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5F3BBF7A-6E24-4F20-A73D-84B7C4DDA365}] => (Allow) C:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{62727207-E1B1-463C-B2D4-59CBEE1B9F26}] => (Allow) C:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{C4EDF951-2884-49DD-BCDD-4CF46D6E3C76}] => (Allow) C:\Games\Rayman Origins\gu.exe
FirewallRules: [{EE8BD701-F033-43E3-BCA4-3492F2E0965F}] => (Allow) C:\Games\Rayman Origins\gu.exe
FirewallRules: [{539BE111-A51F-4BB5-B00F-6CCA912CE4B8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{DF682EED-2948-46E5-BD11-B94697EEFEB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{8E901315-4EEB-4590-9E64-75E38642D79B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{4D11334D-50DD-428D-8D4E-B21E40A16B0B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D09187EF-D7D6-408F-A714-D72ABA8D9607}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{11055F21-86B4-4B9A-AE02-74F392B51F7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{624F250C-0C4E-468F-97D5-1D1CDC675446}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E68E1569-797F-48A9-A222-2B050D693B47}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{95A97C01-497D-4CDD-80FF-95D5A4725D95}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{056F214A-28D9-4FF0-89AF-C2506B0C89C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{87D23B3D-0A7D-4DCE-9B2C-B28FD0CF7594}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{029A80C0-532A-41C5-9599-D6E1917E8E78}C:\games\call of duty 2\cod2mp_s.exe] => (Allow) C:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{4D9D2A8B-272E-4ADF-9767-072D878F9A7D}C:\games\call of duty 2\cod2mp_s.exe] => (Allow) C:\games\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{29B9830E-0DB8-4332-BAB9-765139C2C627}C:\games\cs1.6\hl.exe] => (Allow) C:\games\cs1.6\hl.exe
FirewallRules: [UDP Query User{281F3D80-59E2-4299-B03D-51CBC73993DF}C:\games\cs1.6\hl.exe] => (Allow) C:\games\cs1.6\hl.exe
FirewallRules: [{880E8672-689C-4E78-B37F-5A9B46CD5189}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{54822E42-045F-4C4F-BFA1-49B488BA1F8F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{53BFCB7F-50CF-4F6B-9F15-6691043563E0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{1E846F0B-82AD-48A5-80AF-86DC31C1CDA4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{66FCAF8D-FD83-4B04-86BB-E35A4645DE67}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C918AF01-D83A-482F-BBEB-09B8963D694F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E8AEBBC3-9E8A-482F-9EEB-9DF931DE77E0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3D17528B-E16A-428D-82B7-912B64ED56C5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{012E43DC-CEEF-4B15-965F-C99B746F4CEB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BD8606E7-6B6B-4F22-95BC-1C1F12A97741}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DB1BEAFA-35EF-4526-85CD-DC09B8EE723D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C05EFB92-649E-4CE2-8EB8-2F9AC956C4E2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{0F1A1B3E-5D79-43DE-BE21-1E5AC623B3A2}C:\games\total war rome ii cz\total war rome ii\rome2.exe] => (Allow) C:\games\total war rome ii cz\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{D74E426F-2C39-4A90-B80C-8FA31F8DB806}C:\games\total war rome ii cz\total war rome ii\rome2.exe] => (Allow) C:\games\total war rome ii cz\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{FE20041A-B9B1-48D5-8ACC-963E1DC75CF8}E:\hry\cataclysm\launcher.exe] => (Allow) E:\hry\cataclysm\launcher.exe
FirewallRules: [UDP Query User{F5F620F6-A024-4F18-AEFD-1E4950032156}E:\hry\cataclysm\launcher.exe] => (Allow) E:\hry\cataclysm\launcher.exe
FirewallRules: [TCP Query User{A538608F-3567-4DEB-B167-B8FF2F0ABB80}E:\hry\cataclysm\launcher.patch.exe] => (Allow) E:\hry\cataclysm\launcher.patch.exe
FirewallRules: [UDP Query User{CAD0FFFD-7990-4C64-B76B-9DC2DBBB4C99}E:\hry\cataclysm\launcher.patch.exe] => (Allow) E:\hry\cataclysm\launcher.patch.exe
FirewallRules: [{C42F1354-AE03-420A-AC97-045F86825B38}] => (Allow) C:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{802D5C13-BCE5-4F07-940A-4DCFBF5B2D91}] => (Allow) C:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{41427663-1F28-4537-9129-97DC6E3106AD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{309BD454-345E-4731-9A17-EA5E4AD30845}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{1AF80A25-7E7E-49C8-AD5C-12E38820E348}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D0A50460-1828-4115-BC9A-B3EB56CA9A54}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DAB4B311-7268-42E8-A589-CEF551600F81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8C1CE24B-765F-4D48-80D3-9F418816624C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{35A47605-78EE-4526-BDD9-FDC3BF4483A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E656E7AB-7A56-4E8B-9E7B-61C1C4FF2ACB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{39E8AFB2-C60B-41EE-B044-1B396800C378}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D1FEA12D-E096-4FAE-9B96-74158D227199}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E0BB0EEC-A819-4C9F-8B5C-FC557FB91BD2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{833C8CE9-55C2-4E57-B494-9AA430B84FF5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{439811C6-4F89-4FEC-AF7F-CCD71DF02156}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{531C6800-B1A2-4323-B958-C582CEC249AD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{505FBA89-7F39-44A5-B835-74705152C13E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{BB4EF214-DB21-4782-9FAA-B76032D62019}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B59302A8-A52A-4C2A-B2DE-AFF497C1311E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{22688AC0-6966-496F-8694-EC3FE50ABACB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{4F8E59C5-6CC1-406B-BFF0-4B5476014B1A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1EF3FFC0-D7C0-4840-8F75-E9546119DA01}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{35AAD679-E3D1-401F-B6EA-BBC3B62844D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5BB4BD72-48D7-4DDA-850B-930C1B57E3AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{0A159F71-1F2B-4B34-AE6D-6A5BF813F9DA}C:\games\cataclysm\launcher.patch.exe] => (Allow) C:\games\cataclysm\launcher.patch.exe
FirewallRules: [UDP Query User{5E58D68F-624D-4441-BD17-DA61F9FDC12E}C:\games\cataclysm\launcher.patch.exe] => (Allow) C:\games\cataclysm\launcher.patch.exe
FirewallRules: [TCP Query User{13827370-CD55-414C-94F6-0E20F8034023}C:\games\cataclysm\launcher.exe] => (Allow) C:\games\cataclysm\launcher.exe
FirewallRules: [UDP Query User{3A50322C-37D2-469C-AE78-5142BEFBF1F4}C:\games\cataclysm\launcher.exe] => (Allow) C:\games\cataclysm\launcher.exe
FirewallRules: [{275F77AB-E770-4A2F-A435-EE0C98114C6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E8F3BF60-C4D1-46F5-88C6-130BC365CFA3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{743BB0A6-04F6-40D2-BB69-429481A806A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{3C8C85CF-1703-46A1-8259-E91DD2FC44DB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{E82A065C-7349-42E4-B733-4A81A7C470C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9E7F6D02-E62A-4AC3-93E4-19C70DCF04CD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{75ACF51C-745C-4F4F-BCBA-AFD38F872D02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/17/2015 12:27:38 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/17/2015 12:27:07 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/17/2015 08:12:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ccd.exe, verze: 0.0.0.0, časové razítko: 0x558aa83f
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17936, časové razítko: 0x55a68dd1
Kód výjimky: 0xc0000374
Posun chyby: 0x000e5904
ID chybujícího procesu: 0x928
Čas spuštění chybující aplikace: 0xccd.exe0
Cesta k chybující aplikaci: ccd.exe1
Cesta k chybujícímu modulu: ccd.exe2
ID zprávy: ccd.exe3
Úplný název chybujícího balíčku: ccd.exe4
ID aplikace související s chybujícím balíčkem: ccd.exe5

Error: (09/17/2015 08:06:22 AM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/17/2015 08:05:49 AM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/16/2015 09:51:49 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/16/2015 09:51:21 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/16/2015 05:27:16 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/16/2015 05:26:51 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (09/16/2015 01:23:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: ERZA-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\Schimansky12\AppData\Local\Akamai\rswinui.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.


System errors:
=============
Error: (09/17/2015 09:33:05 AM) (Source: DCOM) (EventID: 10010) (User: ERZA-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/17/2015 09:33:05 AM) (Source: DCOM) (EventID: 10010) (User: ERZA-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/17/2015 08:10:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba lxdnCATSCustConnectService neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (09/17/2015 08:10:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby lxdnCATSCustConnectService bylo dosaženo časového limitu (30000 ms).

Error: (09/17/2015 08:10:17 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:04:19, ‎17. ‎9. ‎2015) bylo neočekávané.

Error: (09/17/2015 08:04:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba lxdnCATSCustConnectService neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (09/17/2015 08:04:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby lxdnCATSCustConnectService bylo dosaženo časového limitu (30000 ms).

Error: (09/16/2015 08:49:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba lxdnCATSCustConnectService neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (09/16/2015 08:49:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby lxdnCATSCustConnectService bylo dosaženo časového limitu (30000 ms).

Error: (09/16/2015 08:49:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:48:34, ‎16. ‎9. ‎2015) bylo neočekávané.


CodeIntegrity:
===================================
Date: 2014-11-29 19:59:01.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 3987.27 MB
Available physical RAM: 1957.39 MB
Total Virtual: 8083.27 MB
Available Virtual: 5656.27 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.67 GB) (Free:593.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1536A17)

Partition: GPT.

==================== End of Addition.txt ============================

[altrok]

Provedte obnovu systemu k datu, kdy korektne fungoval.

[Erža]

Omlouvám se za delší neaktivitu - poměrně hodně práce při začátku akademického roku.
Systém mi fungoval korektně v době, po které jsem si do PC nahrál a postahoval celkem velké množství dat (návody v pdf, obrázky, excel tabulky, nový AutoCAD, Scia Engineer, apod.), nepřijdu o to všechno?

Btw.: AVG mi začalo vyplivovat novou hrozbu:

Trojský kůň Patched3_c.BLDE
C:\Windows\SECOH-QAD.exe

[altrok]

Je Vas operacni system legalni?

[Erža]

Ano, vlastním Win 8.1, který byl v notebooku nainstalován již při koupi.

[altrok]

C:\Windows\SECOH-QAD.exe patri cracku na officy, takze se nebojte a tento soubor smazte.
Pri pouziti bodu obnoveni byste prisel o nainstalovane programy.


Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin

[Erža]

Nevíte, proč mi antivir neustále hlásí hrozbu, ale aktuálně ten soubor v adresáři vůbec nevidím ?
Dobrá, sken udělám co nejdříve to bude možné. Bohužel studuji a k tomu dělám brigádu, takže komunikace a reakce na vaše rady z mé strany (z důvodu nedostatku času) trošku váznou.

PS.: Děkuji za dosavadní pomoc. Je to již v pořadí 4. topic, kde mi vy a vaši kolegové pomáháte, a tak jsem poslal symbolickou (přece jenom pořad ještě studuji) sumu na provoz fóra.

[altrok]

Dle meho ten crack bude mit zaznam v naplanovanych ulohach, ktery pozdeji vymazeme. Udelejte napr. pres noc sken pomoci MBAMu (v takovem pripade nezapomente upravit prechod do rezimu spanku/hibernace).

Taky jsem ted hodne casove vytizeny, ale nikam nespechame. Za pripadny prispevek na provoz fora Vam jmenem celeho tymu dekuji.

[Erža]

Po 5 hodinách jsem ukládal log a program přestal pracovat Beru to jako náhodu, chybou bylo, že jsem do toho dělal další věci, takže to zítra zkusím znova....

Kdy a jak se dovím, že platba dorazila ?

[altrok]

Spustte MBAM -> zalozka History -> vlevo Application Logs -> tam pohledejte Scan Log -> pokud nejaky takovy bude, dvakrat na nej poklepejte -> Export a ulozte jako .txt

Ohledne uctu se optam kolegu a budu Vas informovat.

[Erža]

Nic to nenašlo
------------------
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23. 9. 2015
Čas skenování: 16:51
Protokol: MAM sken.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.23.03
Databáze rootkitů: v2015.09.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Schimansky12

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 689620
Uplynulý čas: 4 hod, 59 min, 47 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)