Problém s procesem LMS.exe*32

Zpráva

PeT@ · #1 Příspěvek od **PeT@** » 15 zář 2015 13:56

Dobrý den,

mám problém s procesem LMS.exe*32. Několikrát denně musím tento proces ručně ukončovat protože mi "žere" cca 25% z procesoru. Jelikož mám počítat od DELLu tak jsem se obrátil na jejich podporu a bohužel bez úspěchu. Proto se obracím na Vás jak tento problém řešit.
Projel jsem si počítač programem Hijackthis, procesy které jsem mohl fixnout jsem fixoval, nicméně, které odstranit nešly, v nápovědě po kontrole logu na Hijackthis.cz je napsáno (Zkontrolujte Vaše PC programem Spybot S&D z Kolla.de nebo LSPFix z Cexx.org. Neopravovat! Zkusit opravit s LSPFix z Cexx.org.)Bohužel Spybot S&D problém nevyřešil a LSPFIX nefunguje.
Chtěl bych Vás proto požádat o radu co s počítačem dělat.
Moc děkuji Petr

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:32:49, on 15.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Downloads\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_ ... 7439317439
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_ ... 7439317439
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_ ... 7439317439
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_ ... 7439317439
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\DellTPad\HidMonitorSvc.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Management Agent Service (DellMgmtAgent) - Dell Inc. - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
O23 - Service: Dell Security Framework Loader (DellMgmtLoader) - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
O23 - Service: DELL Security Framework Local Server (DellMgmtServer) - Dell, Inc. - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
O23 - Service: @C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe,-200 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15588 bytes

#2 Příspěvek od **Rudy** » 15 zář 2015 16:36

Zdravím! Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

PeT@ · #3 Příspěvek od **PeT@** » 16 zář 2015 08:09

Dobrý den,

zasílám požadovaný log děkuji za ochotu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Petr (administrator) on PETR-PC (16-09-2015 08:59:40)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpCardEngine.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [729432 2015-02-19] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4430824 2015-07-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe,
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-08-28] (Google Inc.)
HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 8.8.8.8
Tcpip\..\Interfaces\{331DF301-D525-4783-8FC3-167E4566DE94}: [DhcpNameServer] 62.129.50.20 8.8.8.8
Tcpip\..\Interfaces\{9E4488DA-BFD8-468F-989D-F28438758D48}: [DhcpNameServer] 62.129.50.20 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439&ts=1441260645
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439&ts=1441260645
SearchScopes: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439&ts=1441201474
SearchScopes: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439&ts=1441201474
SearchScopes: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000 -> {683E7B03-C4FC-48A6-A633-6092C8C31AA0} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-15] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-03-17] (DigitalPersona, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome
FF Extension: Dell Data Protection
Security Tools - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome [2014-11-29]

Chrome:
=======
CHR HomePage: Default -> hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
CHR StartupUrls: Default -> "hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-30]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-30]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-30]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30]
CHR HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-11-06] (Alps Electric Co., Ltd.)
S3 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1442344 2015-07-09] (AVG Technologies CZ, s.r.o.)
S3 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-05-26] (AVG Technologies CZ, s.r.o.)
S3 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [255328 2014-09-11] (Dell Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [26464 2014-09-11] ()
R2 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [33632 2014-09-11] (Dell, Inc.)
R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [472912 2014-03-19] (DigitalPersona, Inc.)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2014-11-30] (Macrovision Europe Ltd.) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-06-06] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-04-16] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73688 2015-06-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [249296 2015-05-26] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1423160 2014-04-18] (Motorola Solutions, Inc.)
R0 CredFltL; C:\Windows\System32\DRIVERS\CredFltL.sys [37120 2014-09-11] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-30] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [199624 2014-06-06] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2638808 2014-10-15] (Realtek Semiconductor Corp.)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [53568 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [61832 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-26] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-04-14] (Elex do Brasil Participações Ltda)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3438872 2015-02-22] (Intel Corporation)
S3 s916bus; C:\Windows\System32\DRIVERS\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mdfl; C:\Windows\System32\DRIVERS\s916mdfl.sys [19496 2007-11-02] (MCCI Corporation)
S3 s916mdm; C:\Windows\System32\DRIVERS\s916mdm.sys [145448 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\Windows\System32\DRIVERS\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\Windows\System32\DRIVERS\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
R0 SEDFilter; C:\Windows\System32\DRIVERS\SEDFilter.sys [61184 2014-09-11] (Dell Inc.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [75952 2014-04-21] (STMicroelectronics)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-16 08:59 - 2015-09-16 08:59 - 00027188 _____ C:\Users\Petr\Desktop\FRST.txt
2015-09-16 08:58 - 2015-09-16 08:59 - 00000000 ____D C:\FRST
2015-09-16 08:58 - 2015-09-16 08:58 - 02191360 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-09-15 14:32 - 2015-09-15 14:32 - 00015590 _____ C:\Users\Petr\Desktop\hijackthis.log
2015-09-10 08:35 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-10 08:35 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-10 08:35 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 08:34 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-10 08:33 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 08:33 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 08:33 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 08:33 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-10 08:33 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-10 08:33 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-10 08:33 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-10 08:33 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 08:33 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 08:33 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-10 08:33 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-10 08:33 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-10 08:33 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-10 08:33 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 08:33 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-10 08:33 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 08:33 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-10 08:33 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-10 08:33 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-10 08:33 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 08:33 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-10 08:33 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-10 08:33 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-10 08:33 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-10 08:33 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-10 08:33 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-10 08:33 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 08:33 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-10 08:33 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-10 08:33 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-10 08:33 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-10 08:33 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-10 08:33 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 08:33 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-10 08:33 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-10 08:33 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-10 08:33 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 08:33 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-10 08:33 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-10 08:33 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 08:33 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 08:33 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 08:33 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-10 08:33 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-10 08:33 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 08:33 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-10 08:33 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-10 08:33 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-10 08:33 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-10 08:33 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 08:33 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 08:33 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 08:33 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 08:33 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 08:33 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-10 08:33 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 08:33 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 08:33 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 08:33 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 08:33 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 08:33 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-10 08:33 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-10 08:32 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-10 08:32 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-10 08:32 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-10 08:32 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-10 08:32 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-10 08:32 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-10 08:32 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-10 08:32 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 08:32 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-10 08:31 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-10 08:31 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 08:31 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-10 08:31 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-10 08:31 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-10 08:31 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 08:31 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-10 08:31 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-10 08:31 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 08:31 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 08:31 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-10 08:31 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-10 08:31 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-10 08:31 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-10 08:31 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-10 08:31 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-10 08:31 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-10 08:31 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-10 08:31 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-10 08:31 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-10 08:31 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-03 15:55 - 2015-09-03 16:01 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-03 15:55 - 2015-09-03 15:55 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-03 15:55 - 2015-09-03 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-03 15:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-09-03 15:34 - 2015-09-03 15:34 - 00014824 _____ C:\Windows\SysWOW64\hijackthis.log
2015-09-03 11:24 - 2015-09-03 11:24 - 00000000 ____D C:\Users\Petr\AppData\Roaming\eCyber
2015-09-03 09:55 - 2015-09-03 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-09-03 09:55 - 2015-09-03 09:55 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2015-09-03 09:55 - 2015-04-16 10:55 - 00053568 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-09-03 09:55 - 2015-04-14 11:01 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-09-03 09:54 - 2015-09-03 09:54 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Elex-tech
2015-09-02 13:23 - 2015-09-03 08:10 - 00002888 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-09-02 13:23 - 2015-09-03 08:10 - 00002888 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-09-02 13:23 - 2015-09-02 13:23 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-09-02 13:23 - 2015-09-02 13:23 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-09-02 13:21 - 2015-09-03 09:52 - 00000000 ____D C:\ProgramData\Lavasoft
2015-09-02 13:17 - 2015-09-02 13:17 - 00000085 _____ C:\Windows\wininit.ini
2015-09-01 13:38 - 2015-09-01 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-01 13:33 - 2015-09-03 15:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-01 13:33 - 2015-09-01 13:33 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-24 09:34 - 2015-08-24 09:34 - 00067584 _____ C:\Users\Petr\Desktop\NS Buresova VZT _Rozpocet.xls
2015-08-19 14:45 - 2015-08-19 14:45 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-08-19 13:56 - 2015-05-21 10:35 - 04630352 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2015-08-17 12:28 - 2015-08-18 14:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-16 08:56 - 2015-08-13 08:11 - 00113831 _____ C:\Windows\SysWOW64\Gms.log
2015-09-16 08:47 - 2014-11-30 04:47 - 00669830 _____ C:\Windows\system32\perfh005.dat
2015-09-16 08:47 - 2014-11-30 04:47 - 00141956 _____ C:\Windows\system32\perfc005.dat
2015-09-16 08:47 - 2009-07-14 07:13 - 01586648 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-16 08:43 - 2009-07-14 06:51 - 00095759 _____ C:\Windows\setupact.log
2015-09-16 08:32 - 2015-04-15 14:22 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-16 08:29 - 2014-11-30 09:10 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-16 08:29 - 2014-11-30 09:10 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 08:17 - 2014-11-30 16:03 - 00000000 ___RD C:\Users\Petr\Disk Google
2015-09-16 08:05 - 2014-11-29 19:51 - 01474340 _____ C:\Windows\WindowsUpdate.log
2015-09-16 08:02 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-16 08:02 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-16 07:55 - 2014-11-23 17:18 - 00131072 ___SH C:\CredSED.dat
2015-09-16 07:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-15 15:17 - 2015-06-23 11:09 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-09-15 14:54 - 2014-12-10 14:02 - 00000000 ____D C:\Users\Petr\Downloads\backups
2015-09-14 13:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-14 08:49 - 2014-11-30 13:00 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2015-09-11 15:16 - 2014-11-30 16:10 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-09-11 08:05 - 2009-07-14 06:45 - 00513016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-11 08:04 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 08:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 16:51 - 2014-11-30 09:12 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 16:29 - 2015-03-30 09:25 - 00000000 ____D C:\Users\Petr\Documents\KIA CEED II
2015-09-04 08:04 - 2010-11-21 05:47 - 00246900 _____ C:\Windows\PFRO.log
2015-09-02 14:43 - 2014-11-30 18:24 - 00000000 ____D C:\ProgramData\MFAData
2015-09-01 08:24 - 2014-11-30 09:10 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 08:24 - 2014-11-30 09:10 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-26 18:37 - 2014-11-30 09:12 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-21 07:19 - 2014-10-18 23:54 - 00000000 ____D C:\Temp
2015-08-19 15:23 - 2014-11-29 20:33 - 00142816 _____ C:\Users\Petr\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-19 14:45 - 2014-11-30 15:58 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-08-19 14:45 - 2014-11-30 15:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-19 08:24 - 2014-11-30 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-19 07:43 - 2014-11-30 13:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-11-30 18:37 - 2014-11-30 18:37 - 0026900 _____ () C:\Users\Petr\AppData\Local\dt.dat
2014-11-30 12:23 - 2015-03-16 11:39 - 0007621 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\AcDeltree.exe
C:\Users\Petr\AppData\Local\Temp\avguidx.dll
C:\Users\Petr\AppData\Local\Temp\cc54b6e3-0cef-4705-b731-5b4102c7e1eb.exe
C:\Users\Petr\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Petr\AppData\Local\Temp\gert0.exe
C:\Users\Petr\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Petr\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Petr\AppData\Local\Temp\msvcp110.dll
C:\Users\Petr\AppData\Local\Temp\msvcr110.dll
C:\Users\Petr\AppData\Local\Temp\oi_{CEE35BF7-2D15-49CB-BE0E-AAD3CC23FF13}.exe
C:\Users\Petr\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Petr\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Petr\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-11 12:56

==================== End of FRST.txt ============================

#4 Příspěvek od **Rudy** » 16 zář 2015 18:19

Teď pusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

PeT@ · #5 Příspěvek od **PeT@** » 18 zář 2015 15:01

Dobrý den,

zkoušel jsem Vámi popsaný postup, ale bohužel po spuštění tlačítka clean se objevila hláška (viz v příloze) a počítač se restartoval. Stejný postup jsem zkoušel 2x. Níže zasílám vysledek z LOGu

Děkuji za ochotu Petr
# AdwCleaner v5.008 - Logfile created 18/09/2015 at 15:54:18
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.008.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : iSafeKrnl
Service Found : iSafeKrnlBoot
Service Found : iSafeKrnlKit
Service Found : iSafeKrnlMon
Service Found : iSafeKrnlR3
Service Found : iSafeNetFilter
Service Found : iSafeService

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Elex-tech
Folder Found : C:\ProgramData\{8AF32939-989B-460A-8726-CA2C776032A1}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
Folder Found : C:\Users\Petr\AppData\Local\Temp\iSafeRightKeyScan
Folder Found : C:\Users\Petr\AppData\Roaming\eCyber
Folder Found : C:\Users\Petr\AppData\Roaming\Elex-tech

***** [ Files ] *****

File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_toolbar.avg.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.savemygame.fr_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
File Found : C:\Windows\Sysnative\log\iSafeKrnlCall.log
File Found : C:\Windows\Sysnative\drivers\iSafeKrnlBoot.sys
File Found : C:\Windows\Sysnative\drivers\iSafeNetFilter.sys

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : ASP

***** [ Registry ] *****

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [GoHD-bg.exe]
Key Found : HKLM\SOFTWARE\68af48d8-19fc-4dbe-acc2-b1b37da5c58e
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644214480}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053418d8-ee52-44e1-a557-b330f382ccdc}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181f830b-6a92-4bbd-a271-553fa91e5c04}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e329f16-ab06-48c9-a5ea-c1e3ee3d3e0c}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3525742b-7e87-4351-b57a-aeb47f7e5dcf}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428A-92C9-0CFC28B9D1BF}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053418d8-ee52-44e1-a557-b330f382ccdc}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181f830b-6a92-4bbd-a271-553fa91e5c04}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e329f16-ab06-48c9-a5ea-c1e3ee3d3e0c}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3525742b-7e87-4351-b57a-aeb47f7e5dcf}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\GoHD
Key Found : HKCU\Software\Elex-tech
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Key Found : HKLM\SOFTWARE\Elex-tech
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Key Found : [x64] HKCU\Software\Elex-tech
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\GoHD
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\GoHD
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}
Key Found : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}

***** [ Web browsers ] *****

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [8155 bytes] ##########

#6 Příspěvek od **Rudy** » 18 zář 2015 17:12

Zkuste to ještě jednou v nouz. režimu.

PeT@ · #7 Příspěvek od **PeT@** » 19 zář 2015 20:27

Dobrý večer,

postup v nouzovém režimu zafungoval níže zasílám Log z programu, který se objevil po tom co program restartoval počítač. Níže je obsah logu před tím něž jsem spustil v programu Clean. Nevím zda je již počítač OK.
Pokud ano tak moc děkuji, Petr
# AdwCleaner v5.008 - Logfile created 19/09/2015 at 21:10:45
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : iSafeKrnl
[-] Service Deleted : iSafeKrnlBoot
[-] Service Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlMon
[-] Service Deleted : iSafeKrnlR3
[-] Service Deleted : iSafeNetFilter
[-] Service Deleted : iSafeService

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Elex-tech
[-] Folder Deleted : C:\ProgramData\{8AF32939-989B-460A-8726-CA2C776032A1}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
[-] Folder Deleted : C:\Users\Petr\AppData\Local\Temp\iSafeRightKeyScan
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\eCyber
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Elex-tech

***** [ Files ] *****

[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_toolbar.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.savemygame.fr_0.localstorage-journal
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
[-] File Deleted : C:\Windows\Sysnative\log\iSafeKrnlCall.log
[-] File Deleted : C:\Windows\Sysnative\drivers\iSafeKrnlBoot.sys
[-] File Deleted : C:\Windows\Sysnative\drivers\iSafeNetFilter.sys

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : ASP

***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [GoHD-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\68af48d8-19fc-4dbe-acc2-b1b37da5c58e
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644214480}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053418d8-ee52-44e1-a557-b330f382ccdc}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181f830b-6a92-4bbd-a271-553fa91e5c04}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e329f16-ab06-48c9-a5ea-c1e3ee3d3e0c}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3525742b-7e87-4351-b57a-aeb47f7e5dcf}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428A-92C9-0CFC28B9D1BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053418d8-ee52-44e1-a557-b330f382ccdc}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181f830b-6a92-4bbd-a271-553fa91e5c04}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e329f16-ab06-48c9-a5ea-c1e3ee3d3e0c}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3525742b-7e87-4351-b57a-aeb47f7e5dcf}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\GoHD
[-] Key Deleted : HKCU\Software\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[!] Key Not Deleted : [x64] HKCU\Software\Elex-tech
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\GoHD
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\GoHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}
[!] Key Not Deleted : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}

***** [ Web browsers ] *****

[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yac safe search
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [7554 bytes] ##########

Obsah LOGu před spuštěním CLEAN

# AdwCleaner v5.008 - Logfile created 19/09/2015 at 21:09:39
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.008.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : iSafeKrnl
Service Found : iSafeKrnlBoot
Service Found : iSafeKrnlKit
Service Found : iSafeKrnlMon
Service Found : iSafeKrnlR3
Service Found : iSafeNetFilter
Service Found : iSafeService

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Elex-tech
Folder Found : C:\ProgramData\{8AF32939-989B-460A-8726-CA2C776032A1}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
Folder Found : C:\Users\Petr\AppData\Local\Temp\iSafeRightKeyScan
Folder Found : C:\Users\Petr\AppData\Roaming\eCyber
Folder Found : C:\Users\Petr\AppData\Roaming\Elex-tech

***** [ Files ] *****

File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_toolbar.avg.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.savemygame.fr_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
File Found : C:\Windows\Sysnative\log\iSafeKrnlCall.log
File Found : C:\Windows\Sysnative\drivers\iSafeKrnlBoot.sys
File Found : C:\Windows\Sysnative\drivers\iSafeNetFilter.sys

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : ASP

***** [ Registry ] *****

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [GoHD-bg.exe]
Key Found : HKLM\SOFTWARE\68af48d8-19fc-4dbe-acc2-b1b37da5c58e
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644214480}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053418d8-ee52-44e1-a557-b330f382ccdc}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181f830b-6a92-4bbd-a271-553fa91e5c04}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e329f16-ab06-48c9-a5ea-c1e3ee3d3e0c}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3525742b-7e87-4351-b57a-aeb47f7e5dcf}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428A-92C9-0CFC28B9D1BF}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{053418d8-ee52-44e1-a557-b330f382ccdc}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181f830b-6a92-4bbd-a271-553fa91e5c04}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1e329f16-ab06-48c9-a5ea-c1e3ee3d3e0c}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3525742b-7e87-4351-b57a-aeb47f7e5dcf}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\GoHD
Key Found : HKCU\Software\Elex-tech
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Key Found : HKLM\SOFTWARE\Elex-tech
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Key Found : [x64] HKCU\Software\Elex-tech
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\GoHD
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\GoHD
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Data Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}
Key Found : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Software\Microsoft\Internet Explorer\SearchScopes\{683E7B03-C4FC-48A6-A633-6092C8C31AA0}

***** [ Web browsers ] *****

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : isearch.avg.com
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : yac safe search
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=samsungxssdxpm851xmsatax256gb_s1evnyaf317439317439

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [8382 bytes] ##########

#8 Příspěvek od **Rudy** » 19 zář 2015 21:20

OK. Dejte nový log FRST.

PeT@ · #9 Příspěvek od **PeT@** » 21 zář 2015 07:11

Dobrý den,

níže zasílám log z FRST.

Děkuji Petr

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Petr (2015-09-21 08:05:18)
Running from C:\Users\Petr\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-11-29 17:51:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4051538019-3922889268-3770889596-500 - Administrator - Disabled)
Guest (S-1-5-21-4051538019-3922889268-3770889596-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4051538019-3922889268-3770889596-1002 - Limited - Enabled)
Petr (S-1-5-21-4051538019-3922889268-3770889596-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Business Edition (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG AntiVirus Business Edition (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG AntiVirus Business Edition (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 5.0 CE (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{645065ef-124b-4017-ae38-6b625817f144}) (Version: 17.15.0 - Intel Corporation)
AutoCAD LT 2010 - český (HKLM\...\AutoCAD LT 2010 - český) (Version: 18.0.55.0 - Autodesk)
AutoCAD LT 2010 - český (Version: 18.0.55.0 - Autodesk) Hidden
AVG (HKLM\...\AVG) (Version: 3532 - AVG Technologies CZ, s.r.o.)
AVG 2013 (Version: 13.0.3532 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2013 (Version: 13.0.4365 - AVG Technologies CZ, s.r.o.) Hidden
CanoScan Toolbox Ver4.1 (HKLM-x32\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - )
CmgMasterPrerequisites (x32 Version: 1.4.1.777 - Credant Technologies Inc.) Hidden
Commandos 3 - Destination Berlin (HKLM-x32\...\{C270BC04-1540-4673-960F-A546B2C860CD}) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{AB904BBA-B274-44E7-9FDD-E96E5D69F9D3}) (Version: 2.3.440.224 - Broadcom Corporation)
Dell Data Protection | Client Security Framework (HKLM\...\{05FDD00D-1C45-44D1-AB3F-C24D45C39457}) (Version: 8.4.1.1717 - Dell, Inc.)
Dell Data Protection | Security Tools (x32 Version: 1.4.1.777 - Dell, Inc.) Hidden
Dell Data Protection | Security Tools Authentication (HKLM\...\{0B72160B-9F67-47C0-858F-5A0074162148}) (Version: 1.3.1.433 - DigitalPersona, Inc.)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.118 - ALPS ELECTRIC CO., LTD.)
Direct WAV MP3 Splitter version 2.7.0.25 (HKLM-x32\...\Direct WAV MP3 Splitter_is1) (Version: 2.7.0.25 - Piston Software)
FastStone Image Viewer 5.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.2 - FastStone Soft)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0466 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxx Audio Installer (x64) (Version: 1.6.4711.73 - Waves Audio Ltd.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4753.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 cs)) (Version: 38.2.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v10.3 (HKLM-x32\...\{CC162285-75C3-42BD-831D-7742B56E0AC8}) (Version: 10.3 - Spigot, Inc.) <==== ATTENTION
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6053 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.245 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0055 - ST Microelectronics)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Teruna (HKLM-x32\...\Teruna) (Version: 1.5b - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\AutoCAD LT 2010\acadltficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD LT 2010\acadlt.exe (Autodesk, Inc.)

==================== Restore Points =========================

03-09-2015 08:16:16 Windows Update
07-09-2015 08:04:21 Windows Update
10-09-2015 08:27:01 Windows Update
10-09-2015 16:47:32 Windows Update
14-09-2015 08:28:50 Windows Update
18-09-2015 10:09:11 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14555442-23CA-4E3F-8921-DB835EC141EF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {17EBCD9B-3C74-402F-B8CE-126FF7C6A08B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3E4F4644-5F48-4B7C-A0F6-FB481A281429} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {50142CA6-4A0A-4624-95F2-AF59DE7767CC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {56DAA88B-29CC-4D96-BC8A-31098CD8AE39} - System32\Tasks\{40461039-5A99-405A-B546-64C3C23BF451} => pcalua.exe -a "C:\Program Files (x86)\GoHD\Uninstall.exe" -c /fcp=1
Task: {629DFFF6-0B28-4F49-9CAF-795E7D5A42B2} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-02] (Realtek Semiconductor)
Task: {6A310D86-4D5A-4361-91FC-272005C68A4D} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2014-05-05] (Dell Inc.)
Task: {6E2C488E-8323-41CE-8180-6E754FA0CCD1} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {80557956-2C51-4831-9A02-9B5D37549FC8} - System32\Tasks\{D6399365-EC5A-47C4-AFF1-9D291136F07F} => Chrome.exe http://ui.skype.com/ui/0/7.3.0.101/cs/a ... rogressBar
Task: {832FE11B-EC1A-41A7-AAA3-BBD45F50F43F} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/almost-done?pid=avg&lang=cs
Task: {8B0542DD-712D-44C7-AF0B-45D766CE8840} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-12] (Microsoft Corporation)
Task: {9CC37924-3F61-441E-BA5D-4C910FCBC456} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {A1DD7220-0FAA-4F1A-B134-ED65FE87BE6F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B9B79A53-5171-443D-871F-B95F57A9EADA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {D79848C2-6125-470E-BD86-FE3588028547} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D8445BC9-B361-4EAC-8114-3FFE08C862E6} - System32\Tasks\{3F09E84B-4127-490A-A2F7-14C3CC88BCF6} => pcalua.exe -a C:\Users\Petr\Downloads\IRST_APP_Intel_A11_WIN_R4HDM_SETUP_ZPE.exe -d C:\Users\Petr\Downloads
Task: {E2C18FBE-247D-4E5D-BBFC-2A2DC707804C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {F18818E9-2F1E-4EB9-B30A-C8BD0D09EABC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F36FDB14-00F6-476D-9542-B4BC880AED16} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe@--new-window http:/toolbar.avg.com/

==================== Loaded Modules (Whitelisted) ==============

2014-09-11 19:59 - 2014-09-11 19:59 - 00303968 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\authproxy.dll
2014-11-30 16:08 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-04-15 14:22 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00026464 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
2014-09-11 19:59 - 2014-09-11 19:59 - 02172768 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Resources.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00027488 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Interfaces.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00082272 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Objects.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00062816 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Agent.Plugins.AuthProxy.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00079200 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Agent.Plugins.PBA.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00036192 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Agent.Plugins.SED.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00129376 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CredSEDProxy.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00666464 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CredCommon.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00879456 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\CryptoProvider.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00707424 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DBManager.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00353632 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\OPALProvider.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 01507680 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\ConnectionProvider.dll
2014-09-11 19:59 - 2014-09-11 19:59 - 00047968 _____ () C:\Program Files\Dell\Dell Data Protection\Client Security Framework\FVEProvider.dll
2015-09-03 15:55 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-03 15:55 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-03 15:55 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-03 15:55 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-03 15:55 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-11-10 12:12 - 2014-11-10 12:12 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-16 13:30 - 2015-09-12 02:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
2015-09-16 13:30 - 2015-09-12 02:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll
2015-09-21 08:01 - 2015-09-21 08:01 - 00098816 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32api.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00110080 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\pywintypes27.dll
2015-09-21 08:01 - 2015-09-21 08:01 - 00364544 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\pythoncom27.dll
2015-09-21 08:01 - 2015-09-21 08:01 - 00045568 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_socket.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 01161216 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_ssl.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00320512 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32com.shell.shell.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00713216 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_hashlib.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 01176576 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._core_.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00806400 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._gdi_.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00816128 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._windows_.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 01067008 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._controls_.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00733184 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._misc_.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00682496 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\pysqlite2._sqlite.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00087552 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_ctypes.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00119808 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32file.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00108544 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32security.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00007168 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\hashobjs_ext.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00068096 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\usb_ext.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00167936 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32gui.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00018432 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32event.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00128512 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_elementtree.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00127488 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\pyexpat.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00013824 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\common.time34.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00036864 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_psutil_windows.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00038912 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32inet.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00011264 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32crypt.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00077312 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._html2.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00027136 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_multiprocessing.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00020480 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\_yappi.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00035840 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32process.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00686080 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\unicodedata.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00123392 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._wizard.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00024064 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32pipe.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00010240 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\select.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00025600 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32pdh.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00525640 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\windows._lib_cacheinvalidation.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00017408 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32profile.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00022528 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\win32ts.pyd
2015-09-21 08:01 - 2015-09-21 08:01 - 00078848 _____ () C:\Users\Petr\AppData\Local\Temp\_MEI33322\wx._animate.pyd
2015-08-17 12:28 - 2015-08-17 12:28 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-08-17 12:28 - 2015-08-17 12:28 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-04-25 21:26 - 2015-04-25 21:26 - 00008704 _____ () C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\e4yu1o6h.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2015-04-15 14:22 - 2015-04-15 14:27 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4051538019-3922889268-3770889596-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BDAB2675-7CC9-4E68-A753-53E449974987}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79078BC2-7B9F-44DA-9379-279625466DE0}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{0AEEA826-B072-461B-B728-F50D8E454E9A}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [TCP Query User{ED9062BC-DB7E-4FCF-BC22-E2A84F1A42B4}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{08FBA880-1610-4DB5-86D5-1F6395AAD7B6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{8CAEC3D7-501F-44E8-BF7C-288D339196B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{5A06ABB4-32E3-4121-9B24-0EC0B5E42C5C}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{F233D0B4-C318-41E5-8878-DE7F13ADED3C}] => (Allow) C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{06B950E1-3D5C-421E-B0AB-AF6F47CC5DA4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{9400C3EB-D17A-4B2D-89BF-78F437E1EFD0}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{49D3DB15-B620-4E96-AFF7-EB1373A5ADEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{2FBC908E-07BD-4C1B-BC5B-42DC84F1C27C}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2E1FDBC4-571A-4548-B6A9-F032CE3BDC96}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{E512290F-6D3A-4D49-8350-34B151645730}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
FirewallRules: [{0A81804C-2EAA-4B76-A0FE-C54646536780}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
FirewallRules: [{C449BC94-E252-4A93-BA61-8C41A9371A49}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{F1892D10-78D2-46AB-A4AE-68E901F85A9A}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{5DB80B6C-5CBB-418B-95C7-0FB361701C49}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{9F1A2411-A467-426B-B4C5-866CBF40DD59}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{C39D2117-BAC3-4983-83DE-1E9B16037673}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{87031ADA-ABD2-4919-8904-AAB604974D84}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{F9819215-4034-4BB0-8499-D7753DF968C2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
FirewallRules: [{AE2AEE21-3DE7-48A4-8861-6DF9BD7F8B3F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
FirewallRules: [{36FC5226-F8F2-4EAA-B761-63DC20104F29}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{C22F3389-0C06-4694-BE05-E6C05A55A7B4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{3B7FCDE6-7905-49A1-B0A4-02451D8D1A79}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{866085B2-DA29-4AA7-A8DA-4BE4C1548477}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6A51B6CA-FF09-49F1-B4A8-C60F4B1485E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E1E72963-CB4B-4506-952F-DA78DF4CBCDE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1AE338BF-B346-4872-9FC1-E7B1B7425E40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{15EC0629-D2C1-4BC0-9847-C403315F793B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2015 07:55:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2015 09:12:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2015 09:10:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2015 03:48:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2015 03:45:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2015 07:59:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2015 01:18:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2015 08:33:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2015 07:54:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2015 10:02:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (09/19/2015 09:09:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084Bluetooth Device Monitor{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (09/19/2015 09:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (09/19/2015 09:08:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz
Percentage of memory in use: 32%
Total physical RAM: 8097.39 MB
Available physical RAM: 5473.32 MB
Total Virtual: 16192.98 MB
Available Virtual: 13402.4 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:226.19 GB) (Free:111.32 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

#10 Příspěvek od **Rudy** » 21 zář 2015 16:25

Otevřte poznámkový blok a zkopírujte do něj:

Start
Task: {17EBCD9B-3C74-402F-B8CE-126FF7C6A08B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Petr\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

PeT@ · #11 Příspěvek od **PeT@** » 22 zář 2015 10:22

Dobrý den,

provedl jsem to co jste popsal. Níže zasílám obsah Logu. Snad je to všechno OK.

Děkuji za ochotu

Petr

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Petr (2015-09-22 11:13:11) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: {17EBCD9B-3C74-402F-B8CE-126FF7C6A08B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Petr\AppData\Local\Temp
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17EBCD9B-3C74-402F-B8CE-126FF7C6A08B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17EBCD9B-3C74-402F-B8CE-126FF7C6A08B}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

"C:\Users\Petr\AppData\Local\Temp" folder move:

Could not move "C:\Users\Petr\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-22 11:15:58)<=

C:\Users\Petr\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:15:58 ====

#12 Příspěvek od **Rudy** » 22 zář 2015 16:45

Ano, vše bylo smazáno.

PeT@ · #13 Příspěvek od **PeT@** » 23 zář 2015 16:00

Dobrý den,

děkuji Vám za Váš čas a za pomoc s tímto problémem. Chtěl bych se Vás ještě zeptat jakým způsobem se dá účinně tomuto předcházet a bránit se.

Děkuji Petr Andrys

#14 Příspěvek od **Rudy** » 23 zář 2015 17:27

Mít aktuální antivir a na internetu se chovat obezřetně, tj, nechodit do jeho "temných zákoutí" a rozmyslet si, než na něco kliknu. Nemáte zač!

VIRY.CZ

Problém s procesem LMS.exe*32

Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32

Re: Problém s procesem LMS.exe*32