Zpomalené aplikace

[altrok]

Dejte prosim aktualni log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[Erža]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Schimansky12 (administrator) on ERZA-PC (29-09-2015 00:36:50)
Running from C:\Users\Schimansky12\Desktop
Loaded Profiles: Schimansky12 (Available Profiles: Schimansky12)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
( ) C:\Windows\System32\lxdncoms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Disc Soft Ltd) C:\Programs\DeamonTools Lite\DiscSoftBusService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Nemetschek SCIA) C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\scia\SCIA.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-24] ()
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-09-07] (Autodesk Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Schimansky12\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2665984 2015-08-13] (Acer)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Programs\DeamonTools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\MountPoints2: {972007fa-5bca-11e4-8261-f8a963e3bf2e} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-07-27] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8F663C73-0024-4F37-9D83-EC9EE20AACF2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CD1B489B-823E-4F1E-906F-D96452103C06}: [DhcpNameServer] 158.196.149.9 158.196.162.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> DefaultScope {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-24] (AVG)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-24] (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll [2014-12-10] (AVG Secure Search)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-06] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-03]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

Chrome:
=======
CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Dokumenty Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Disk Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (AVG Secure Search) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (SiteAdvisor) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Schimansky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0276521443019773mcinstcleanup; C:\Windows\TEMP\027652~1.EXE [883024 2015-05-04] (McAfee, Inc.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Programs\DeamonTools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-30] (WildTangent)
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [6587728 2011-08-05] (Flexera Software, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S2 lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-09-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-24] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-24] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-02] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-04-02] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-29 00:35 - 2015-09-29 00:35 - 00000000 ____D C:\Users\Schimansky12\Desktop\FRST-OlderVersion
2015-09-28 23:52 - 2015-09-28 23:52 - 01204737 _____ C:\Users\Schimansky12\Downloads\BU51_P2_2014 (1).pptx
2015-09-28 23:51 - 2015-09-28 23:52 - 01204737 _____ C:\Users\Schimansky12\Downloads\BU51_P2_2014.pptx
2015-09-28 23:26 - 2015-09-28 23:26 - 01212544 _____ C:\Users\Schimansky12\Downloads\02_zatepleny_uskoceny_sokl.dwg
2015-09-28 23:25 - 2015-09-28 23:25 - 00049811 _____ C:\Users\Schimansky12\Downloads\20200016.dwg
2015-09-28 23:18 - 2015-09-29 00:12 - 00000000 ____D C:\Users\Schimansky12\Desktop\FAMILY 44 2in1
2015-09-28 23:17 - 2015-09-28 23:17 - 01680618 _____ C:\Users\Schimansky12\Downloads\FAMILY44-dwg.zip
2015-09-28 23:17 - 2015-09-28 23:17 - 01544650 _____ C:\Users\Schimansky12\Downloads\FAMILY44-2in1-dwg.zip
2015-09-25 16:10 - 2015-09-25 16:10 - 00060631 _____ C:\Users\Schimansky12\Downloads\1cv.pae
2015-09-25 11:16 - 2015-09-25 11:16 - 00001156 _____ C:\Users\Schimansky12\Desktop\MAM sken.txt
2015-09-23 16:48 - 2015-09-25 10:17 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-23 16:48 - 2015-09-23 16:48 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-23 16:48 - 2015-09-23 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-23 16:47 - 2015-09-23 16:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-23 16:47 - 2015-09-23 16:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-23 16:47 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-23 16:47 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-23 16:47 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-23 16:45 - 2015-09-23 16:46 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Schimansky12\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-23 08:14 - 2015-09-23 08:14 - 00000000 ____D C:\Users\Schimansky12\ESA15.1
2015-09-23 08:14 - 2015-09-23 08:14 - 00000000 ____D C:\ProgramData\CADS
2015-09-23 08:07 - 2015-09-23 08:07 - 11199744 _____ C:\Users\Schimansky12\Downloads\Detail-nadpraží.dwg
2015-09-23 08:03 - 2015-09-23 08:03 - 00002409 _____ C:\Users\Public\Desktop\FlexNET Licence administrator.lnk
2015-09-23 08:03 - 2015-09-23 08:03 - 00001349 _____ C:\Users\Public\Desktop\Scia správce aktivace.lnk
2015-09-23 08:03 - 2015-09-23 08:03 - 00000165 ____H C:\Users\Schimansky12\Desktop\~$ROZVRH.xlsx
2015-09-23 08:03 - 2015-09-23 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scia Licence Server
2015-09-23 08:03 - 2015-09-23 08:03 - 00000000 ____D C:\ProgramData\FNP
2015-09-23 08:02 - 2014-07-17 12:34 - 04683144 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2015-09-23 08:02 - 2014-07-17 12:34 - 04683144 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe
2015-09-23 08:02 - 2014-07-17 12:34 - 00162136 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys
2015-09-23 08:02 - 2014-07-17 12:34 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys
2015-09-23 08:00 - 2014-07-17 12:34 - 00331608 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys
2015-09-23 08:00 - 2014-07-17 12:34 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2015-09-23 07:58 - 2015-09-23 08:02 - 00016725 _____ C:\Windows\aksdrvsetup.log
2015-09-23 07:55 - 2015-09-23 07:55 - 01883712 _____ (Nemetschek Scia) C:\Users\Schimansky12\Downloads\SciaEngineer_15.1.106_setup.exe
2015-09-22 18:47 - 2015-09-29 00:30 - 00015982 _____ C:\Users\Schimansky12\Desktop\ROZVRH.xlsx
2015-09-22 18:17 - 2015-09-22 18:17 - 00011172 _____ C:\Users\Schimansky12\Downloads\Rozvrh-2015_2016-3.roc.xlsx
2015-09-22 13:39 - 2015-09-22 13:39 - 00000008 _____ C:\Users\Schimansky12\Documents\SKIJO.KEY
2015-09-21 21:11 - 2015-09-21 21:11 - 00000612 _____ C:\Windows\PFRO.log
2015-09-21 20:37 - 2015-09-21 20:37 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Disc_Soft_Ltd
2015-09-21 20:36 - 2015-09-21 20:36 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-09-21 20:35 - 2015-09-21 20:36 - 00000000 ____D C:\Users\Schimansky12\AppData\Roaming\DAEMON Tools Lite
2015-09-21 20:35 - 2015-09-21 20:35 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-09-21 20:35 - 2015-09-21 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-09-21 20:33 - 2015-09-21 20:34 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-09-21 20:31 - 2015-09-21 20:31 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Schimansky12\Downloads\DTLiteInstaller.exe
2015-09-21 20:25 - 2015-09-23 08:03 - 00000000 ____D C:\ProgramData\FLEXnet
2015-09-17 14:28 - 2015-09-17 14:28 - 00000000 ____D C:\Users\Schimansky12\Documents\Autodesk Application Manager
2015-09-17 14:26 - 2015-09-17 14:26 - 00001931 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2015-09-17 14:26 - 2015-09-17 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2015-09-17 14:19 - 2015-09-17 14:19 - 00001843 _____ C:\Users\Public\Desktop\AutoCAD 2015 – Čeština (Czech).lnk
2015-09-17 14:19 - 2015-09-17 14:19 - 00000000 ____D C:\Users\Schimansky12\Documents\Inventor Server SDK ACAD 2015
2015-09-17 14:19 - 2015-09-17 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 – Čeština (Czech)
2015-09-17 14:16 - 2015-09-17 14:16 - 00000153 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-09-17 14:16 - 2015-09-17 14:16 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2015-09-17 14:13 - 2015-09-17 14:13 - 00000000 ____D C:\Program Files\Autodesk
2015-09-17 14:08 - 2015-09-17 14:08 - 00001428 _____ C:\Windows\DirectX.log
2015-09-17 12:50 - 2015-09-17 12:50 - 00000000 ____D C:\Users\Schimansky12\Desktop\3. ROČNÍK
2015-09-17 12:44 - 2015-09-17 12:46 - 00049808 _____ C:\Users\Schimansky12\Desktop\Addition.txt
2015-09-17 12:42 - 2015-09-29 00:38 - 00027500 _____ C:\Users\Schimansky12\Desktop\FRST.txt
2015-09-17 12:42 - 2015-09-29 00:37 - 00000000 ____D C:\FRST
2015-09-17 12:37 - 2015-09-29 00:35 - 02192384 _____ (Farbar) C:\Users\Schimansky12\Desktop\FRST64.exe
2015-09-17 12:32 - 2015-09-17 12:34 - 00000290 _____ C:\Users\Schimansky12\Downloads\DiskInfo.ini
2015-09-17 12:32 - 2015-09-17 12:32 - 02817875 _____ C:\Users\Schimansky12\Downloads\CrystalDiskInfo6_2_2.zip
2015-09-17 12:32 - 2015-09-17 12:32 - 00000000 ____D C:\Users\Schimansky12\Downloads\Smart
2015-09-17 12:32 - 2014-12-05 23:41 - 02385016 _____ (Crystal Dew World) C:\Users\Schimansky12\Downloads\DiskInfo.exe
2015-09-17 12:32 - 2014-12-05 11:23 - 00000000 ____D C:\Users\Schimansky12\Downloads\CdiResource
2015-09-17 12:32 - 2014-01-27 22:18 - 00000000 ____D C:\Users\Schimansky12\Downloads\License
2015-09-17 09:22 - 2015-09-17 09:30 - 00000000 ____D C:\Users\Schimansky12\Desktop\Čomar
2015-09-17 09:20 - 2015-09-17 09:20 - 00000000 ____D C:\Users\Schimansky12\Desktop\hynooo pro hits
2015-09-17 09:19 - 2015-09-23 08:18 - 00002042 _____ C:\Windows\setupact.log
2015-09-17 09:19 - 2015-09-17 09:19 - 00000000 _____ C:\Windows\setuperr.log
2015-09-17 09:10 - 2015-09-17 09:32 - 1733472951 _____ (Autodesk, Inc.) C:\Users\Schimansky12\Downloads\AutoCAD_2015_Czech_Win_64bit_R1_dlm.sfx.exe
2015-09-17 09:07 - 2015-09-17 09:07 - 00000000 ____D C:\ProgramData\Applications
2015-09-17 09:06 - 2015-09-17 09:06 - 10690456 _____ (Autodesk, Inc.) C:\Users\Schimansky12\Downloads\AutodeskDownloadManagerSetup.exe
2015-09-17 08:26 - 2015-09-17 08:31 - 00000000 ____D C:\Program Files\trend micro
2015-09-17 08:26 - 2015-09-17 08:27 - 00000000 ____D C:\rsit
2015-09-17 08:26 - 2015-09-17 08:26 - 01222144 _____ C:\Users\Schimansky12\Downloads\RSITx64.exe
2015-09-17 08:17 - 2015-09-17 08:17 - 00096916 _____ C:\Users\Schimansky12\Desktop\cc_20150917_081746.reg
2015-09-15 13:50 - 2015-09-15 13:51 - 01996594 _____ C:\Users\Schimansky12\Downloads\GroupCalendar_5.4.4.zip
2015-09-11 15:36 - 2015-09-11 15:38 - 28002137 _____ C:\Users\Schimansky12\Downloads\zasilka-GAHK8V978F5GLD2B.zip
2015-09-10 16:46 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 16:46 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 16:46 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 16:46 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 16:46 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 16:46 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 16:46 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 16:46 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 16:46 - 2015-07-13 21:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-10 16:46 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-10 16:46 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-10 16:46 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-10 16:46 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-10 16:46 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 16:46 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-09 14:53 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 14:53 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 14:53 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 14:53 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 14:53 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 14:53 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 14:53 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 14:53 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 14:53 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 14:53 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 14:53 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 14:53 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 14:52 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 14:52 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 14:52 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 14:52 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 14:52 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 14:52 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 14:52 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 14:52 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 14:52 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 14:52 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 14:52 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 14:52 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 14:52 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 14:52 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 14:52 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 14:52 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 14:52 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 14:52 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 14:52 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 14:52 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 14:52 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 14:52 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 14:52 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 14:52 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 14:52 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 14:52 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 14:52 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 14:52 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 14:52 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 14:52 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 14:52 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 14:51 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 14:51 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 14:51 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 14:51 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 14:51 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 14:51 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 14:51 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 14:51 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 14:51 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 14:51 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 14:51 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 14:51 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 14:51 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 14:51 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 14:51 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 14:51 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 14:51 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 14:51 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 14:51 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 14:51 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 14:51 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 14:51 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-06 02:59 - 2015-09-17 08:15 - 00000000 ____D C:\Windows\Minidump
2015-08-30 12:14 - 2015-08-30 12:14 - 00000981 _____ C:\Users\Schimansky12\Desktop\Wow – zástupce (3).lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-29 00:26 - 2015-05-18 10:41 - 01078896 _____ C:\Windows\WindowsUpdate.log
2015-09-29 00:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-28 23:44 - 2014-10-28 18:47 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-28 22:02 - 2014-11-25 18:57 - 00000000 ____D C:\ProgramData\MFAData
2015-09-28 20:44 - 2014-10-28 18:47 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-28 20:38 - 2014-10-24 18:11 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Akamai
2015-09-27 14:04 - 2014-10-24 17:23 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\CrashDumps
2015-09-27 10:36 - 2014-10-25 08:12 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\clear.fi
2015-09-26 10:57 - 2014-10-24 17:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751293310-3690691840-2036008392-1001
2015-09-26 10:46 - 2014-10-28 18:49 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-25 18:30 - 2015-03-12 19:33 - 00000000 ____D C:\Users\Schimansky12\AppData\Roaming\vlc
2015-09-25 10:33 - 2015-02-17 22:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-24 11:47 - 2014-10-24 17:22 - 00000000 __SHD C:\Users\Schimansky12\AppData\Local\EmieUserList
2015-09-24 11:47 - 2014-10-24 17:22 - 00000000 __SHD C:\Users\Schimansky12\AppData\Local\EmieSiteList
2015-09-24 11:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-24 11:36 - 2015-04-14 09:58 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-09-24 11:35 - 2015-04-14 09:56 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-09-24 11:35 - 2014-10-24 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-09-24 11:35 - 2014-10-24 18:46 - 00000000 ____D C:\ProgramData\Autodesk
2015-09-24 11:33 - 2014-10-25 17:17 - 00000000 ___RD C:\Users\Schimansky12\Desktop\Ty píčárny ze začátku
2015-09-23 18:24 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 16:48 - 2014-07-14 19:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-23 08:53 - 2014-10-25 08:10 - 00000000 ____D C:\Users\Schimansky12
2015-09-23 08:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-23 08:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2015-09-23 07:58 - 2014-08-23 03:14 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-22 18:22 - 2014-10-25 08:11 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Packages
2015-09-22 13:34 - 2015-04-14 09:56 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Autodesk
2015-09-22 09:30 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-21 20:40 - 2014-10-24 18:46 - 00000000 ____D C:\Users\Schimansky12\AppData\Roaming\Autodesk
2015-09-21 17:11 - 2013-08-22 16:44 - 00570560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-19 20:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-17 13:58 - 2014-08-23 03:18 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-09-17 13:58 - 2014-08-23 03:18 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-09-17 13:58 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-17 12:33 - 2014-11-25 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-15 20:39 - 2014-10-28 18:47 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 20:39 - 2014-10-28 18:47 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 03:18 - 2014-07-14 19:54 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-07-14 19:54 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 15:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-12 19:15 - 2014-12-04 11:45 - 00000000 ____D C:\Users\Schimansky12\Desktop\Movies
2015-09-12 19:10 - 2014-10-24 18:08 - 00000000 ____D C:\Users\Schimansky12\Desktop\Photos
2015-09-12 12:17 - 2014-10-28 18:47 - 00000000 ____D C:\Users\Schimansky12\AppData\Local\Google
2015-09-10 21:31 - 2014-10-30 16:12 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 22:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-09 22:40 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Files in the root of some directories =======

2014-08-23 03:04 - 2014-08-23 03:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-17 14:16 - 2015-09-17 14:16 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Schimansky12\AppData\Local\Temp\AcDeltree.exe
C:\Users\Schimansky12\AppData\Local\Temp\DLMGuardian.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 19:01

==================== End of FRST.txt ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM\...\Policies\Explorer: [NoFolderOptions] 0
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
  HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Programs\DeamonTools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
  HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Policies\Explorer: []
  HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\MountPoints2: {972007fa-5bca-11e4-8261-f8a963e3bf2e} - "E:\WD SmartWare.exe" autoplay=true
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.0.411&pid=wtu&sg=&sap=hp
  HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=hp
  SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> DefaultScope {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
  SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
  SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=dsp&q={searchTerms}
  CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1
  CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
  CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
  CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
  2015-09-25 11:16 - 2015-09-25 11:16 - 00001156 _____ C:\Users\Schimansky12\Desktop\MAM sken.txt
  2015-09-23 16:45 - 2015-09-23 16:46 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Schimansky12\Downloads\mbam-setup-2.1.8.1057.exe
  2015-09-17 12:44 - 2015-09-17 12:46 - 00049808 _____ C:\Users\Schimansky12\Desktop\Addition.txt
  2015-09-17 12:42 - 2015-09-29 00:38 - 00027500 _____ C:\Users\Schimansky12\Desktop\FRST.txt
  2015-09-17 12:32 - 2015-09-17 12:34 - 00000290 _____ C:\Users\Schimansky12\Downloads\DiskInfo.ini
  2015-09-17 12:32 - 2015-09-17 12:32 - 02817875 _____ C:\Users\Schimansky12\Downloads\CrystalDiskInfo6_2_2.zip
  2015-09-17 12:32 - 2015-09-17 12:32 - 00000000 ____D C:\Users\Schimansky12\Downloads\Smart
  2015-09-17 12:32 - 2014-12-05 23:41 - 02385016 _____ (Crystal Dew World) C:\Users\Schimansky12\Downloads\DiskInfo.exe
  2015-09-17 12:32 - 2014-12-05 11:23 - 00000000 ____D C:\Users\Schimansky12\Downloads\CdiResource
  2015-09-17 12:32 - 2014-01-27 22:18 - 00000000 ____D C:\Users\Schimansky12\Downloads\License
  2015-09-17 08:26 - 2015-09-17 08:31 - 00000000 ____D C:\Program Files\trend micro
  2015-09-17 08:26 - 2015-09-17 08:27 - 00000000 ____D C:\rsit
  2015-09-17 08:26 - 2015-09-17 08:26 - 01222144 _____ C:\Users\Schimansky12\Downloads\RSITx64.exe
  2014-08-23 03:04 - 2014-08-23 03:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  Task: {CFDD4056-62B2-419C-8AB5-8052FA76FD79} - System32\Tasks\AutoPico Daily Restart => C:\Programs\Office 2013\KMSpico\AutoPico.exe [2014-03-02] ()
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  FirewallRules: [{3168AC68-6C08-47B8-9C6E-9BB4C7478FAB}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
  FirewallRules: [{6EE9997B-4643-42F8-9A99-41F7F288BB88}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
  FirewallRules: [{012EA665-B2AF-49A0-8B9D-EA0F5CF90E24}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
  FirewallRules: [{5F3486C6-F27C-48D6-AB17-168ED0635671}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
  C:\Programs\Office 2013\KMSpico
  Hosts:
  EmptyTemp:
  End

[Erža]

Fix result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Schimansky12 (2015-09-30 13:42:40) Run:1
Running from C:\Users\Schimansky12\Desktop
Loaded Profiles: Schimansky12 (Available Profiles: Schimansky12)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Programs\DeamonTools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\MountPoints2: {972007fa-5bca-11e4-8261-f8a963e3bf2e} - "E:\WD SmartWare.exe" autoplay=true
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> DefaultScope {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D60193A1-08FB-46CC-AFB5-FCE237CE5401}&mid=4dc19258aade47cda1d029e0250756dd-2ae059e01abff0fb6ddfe3075af444f088f9fc54&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-11-26 19:21:26&v=4.1.5.143&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
2015-09-25 11:16 - 2015-09-25 11:16 - 00001156 _____ C:\Users\Schimansky12\Desktop\MAM sken.txt
2015-09-23 16:45 - 2015-09-23 16:46 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Schimansky12\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-17 12:44 - 2015-09-17 12:46 - 00049808 _____ C:\Users\Schimansky12\Desktop\Addition.txt
2015-09-17 12:42 - 2015-09-29 00:38 - 00027500 _____ C:\Users\Schimansky12\Desktop\FRST.txt
2015-09-17 12:32 - 2015-09-17 12:34 - 00000290 _____ C:\Users\Schimansky12\Downloads\DiskInfo.ini
2015-09-17 12:32 - 2015-09-17 12:32 - 02817875 _____ C:\Users\Schimansky12\Downloads\CrystalDiskInfo6_2_2.zip
2015-09-17 12:32 - 2015-09-17 12:32 - 00000000 ____D C:\Users\Schimansky12\Downloads\Smart
2015-09-17 12:32 - 2014-12-05 23:41 - 02385016 _____ (Crystal Dew World) C:\Users\Schimansky12\Downloads\DiskInfo.exe
2015-09-17 12:32 - 2014-12-05 11:23 - 00000000 ____D C:\Users\Schimansky12\Downloads\CdiResource
2015-09-17 12:32 - 2014-01-27 22:18 - 00000000 ____D C:\Users\Schimansky12\Downloads\License
2015-09-17 08:26 - 2015-09-17 08:31 - 00000000 ____D C:\Program Files\trend micro
2015-09-17 08:26 - 2015-09-17 08:27 - 00000000 ____D C:\rsit
2015-09-17 08:26 - 2015-09-17 08:26 - 01222144 _____ C:\Users\Schimansky12\Downloads\RSITx64.exe
2014-08-23 03:04 - 2014-08-23 03:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Task: {CFDD4056-62B2-419C-8AB5-8052FA76FD79} - System32\Tasks\AutoPico Daily Restart => C:\Programs\Office 2013\KMSpico\AutoPico.exe [2014-03-02] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{3168AC68-6C08-47B8-9C6E-9BB4C7478FAB}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{6EE9997B-4643-42F8-9A99-41F7F288BB88}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{012EA665-B2AF-49A0-8B9D-EA0F5CF90E24}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
FirewallRules: [{5F3486C6-F27C-48D6-AB17-168ED0635671}] => (Allow) C:\Programs\Office 2013\KMSpico\AutoPico.exe
C:\Programs\Office 2013\KMSpico
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{972007fa-5bca-11e4-8261-f8a963e3bf2e}" => key removed successfully
HKCR\CLSID\{972007fa-5bca-11e4-8261-f8a963e3bf2e} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{24F41045-CC84-4AFA-AD46-4129C9CB6FE7}" => key removed successfully
HKCR\CLSID\{24F41045-CC84-4AFA-AD46-4129C9CB6FE7} => key not found.
"HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
Chrome HomePage removed successfully
Chrome DefaultSearchURL removed successfully
Chrome DefaultSearchKeyword removed successfully
Chrome DefaultSuggestURL removed successfully
C:\Users\Schimansky12\Desktop\MAM sken.txt => moved successfully
C:\Users\Schimansky12\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\Users\Schimansky12\Desktop\Addition.txt => moved successfully
C:\Users\Schimansky12\Desktop\FRST.txt => moved successfully
C:\Users\Schimansky12\Downloads\DiskInfo.ini => moved successfully
C:\Users\Schimansky12\Downloads\CrystalDiskInfo6_2_2.zip => moved successfully
C:\Users\Schimansky12\Downloads\Smart => moved successfully
C:\Users\Schimansky12\Downloads\DiskInfo.exe => moved successfully
C:\Users\Schimansky12\Downloads\CdiResource => moved successfully
C:\Users\Schimansky12\Downloads\License => moved successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Schimansky12\Downloads\RSITx64.exe => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFDD4056-62B2-419C-8AB5-8052FA76FD79}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFDD4056-62B2-419C-8AB5-8052FA76FD79}" => key removed successfully
C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3168AC68-6C08-47B8-9C6E-9BB4C7478FAB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EE9997B-4643-42F8-9A99-41F7F288BB88} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{012EA665-B2AF-49A0-8B9D-EA0F5CF90E24} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F3486C6-F27C-48D6-AB17-168ED0635671} => value removed successfully
C:\Programs\Office 2013\KMSpico => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.3 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 13:43:32 ====

[altrok]

Log je ted cisty. Jak se chova PC?

[Erža]

Je to mnohem lepší. Už není zasekaný, nevypíná se a už nevyskakuje antivirová hrozba SECOH-QAD.exe.
Za dobře odvedenou práci děkuji

[altrok]

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy