50% CPU usage by the svchost.exe process (long-term)

#1 Post by CcervV »

Good day, everyone. A svchost.exe process keeps starting on my machine and uses about 50% of the CPUs. When I kill it, it starts again and again. It has been doing this for quite a while (about a week?), so I think an update would have been downloaded long ago, although my sister's Win 8 reportedly "updated itself to Win 10."

What I have tried...
1) I ran an antivirus scan of the PC
2) I tried Ad-Aware
3) I turned off updates

The problem is still the same... From what I have observed, TrustInstaller or something like that starts before svchost.exe does. I would like to back the PC up properly (I have ongoing backups of the important parts) and then reinstall, but because I would apparently lose one software license by doing that, I need to keep the PC running for another 2-3 months. I would also like to know what the PC is infected with, so that I don't end up "backing up" some malware...

Is there anyone here who would be willing to take a look at it? Which log is needed for the analysis?

Add: I also tried:
4) returning to a restore point (from the period when everything worked)

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

#3 Post by CcervV »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Filip (administrator) on FILIP-PC (21-06-2016 20:30:19)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(PTC Inc.) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(X-Formation) C:\Program Files (x86)\VI-grade\VI-Licensing\lmx-serv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2014-06-20] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1289296 2010-02-26] (Dritek System Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-25] (Google Inc.)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [Dropbox Update] => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1208712 2014-05-14] (Autodesk, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-06-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-07-02]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive pro firmy.lnk [2014-09-10]
ShortcutTarget: OneDrive pro firmy.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\nutafun4.dll [205624 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9-x64 13 C:\Windows\system32\nutafun4.dll [205624 2012-10-12] (MKS Software Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A542AE47-3103-4307-B83B-8032E9DB61C7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_7741&r=27360614l116l04e8z105v46m18221
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_7741&r=27360614l116l04e8z105v46m18221
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Filip\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
URLSearchHook: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Filip\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ593
SearchScopes: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ593
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll [2010-03-25] (Google Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: BS Player ControlBar B Toolbar -> {31264a33-a653-46c4-af49-1232c59a7da5} -> C:\Users\Filip\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2010-03-25] (Google Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Filip\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\0ql3utaj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2278198626-3794590262-4264707233-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Filip\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-19] (Citrix Online)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\0ql3utaj.default\extensions\artur.dubovoy@gmail.com [2016-05-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-06-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-13] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-14]
CHR Extension: (SiteAdvisor) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Readline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbkmfadmomgaokjodomncmbgmmodona [2016-01-29]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-01-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-07-02] (Adobe Systems) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-12] (Autodesk, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [676864 2014-09-07] (PTC Inc.) [File not signed]
R2 VI-grade-LMX; C:\Program Files (x86)\VI-grade\VI-Licensing\lmx-serv.exe [12902952 2015-07-10] (X-Formation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 LfNtSp50; C:\Windows\System32\Drivers\LfNtSp50.sys [46712 2015-08-15] (Life Racing Limited)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-10-11] (Oracle Corporation)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-21 20:30 - 2016-06-21 20:30 - 00029790 _____ C:\Users\Filip\Desktop\FRST.txt
2016-06-21 20:29 - 2016-06-21 20:30 - 00000000 ____D C:\FRST
2016-06-21 20:25 - 2016-06-21 20:26 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2016-06-21 20:14 - 2016-06-21 20:14 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\Nepotvrzeno 653360.crdownload
2016-06-21 20:13 - 2016-06-21 20:14 - 02387456 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2016-06-20 21:55 - 2016-06-20 21:55 - 00203082 _____ C:\Users\Filip\Desktop\Prukaz.pdf
2016-06-20 21:55 - 2016-06-20 21:55 - 00122071 _____ C:\Users\Filip\Desktop\smlouva.pdf
2016-06-19 20:29 - 2016-06-19 20:29 - 00724161 _____ C:\Users\Filip\Desktop\DAH.pdf
2016-06-19 20:17 - 2016-06-19 20:17 - 00030317 _____ C:\Users\Filip\Desktop\Ordinacni_hodiny_3_1_2014.pdf
2016-06-19 10:26 - 2016-06-19 10:26 - 00003008 _____ C:\Users\Filip\Desktop\auto – zástupce.lnk
2016-06-19 10:11 - 2016-06-19 10:11 - 00001875 _____ C:\Users\Filip\Desktop\0-PRACE – zástupce.lnk
2016-06-19 10:00 - 2016-06-19 10:00 - 00001887 _____ C:\Users\Filip\Desktop\Hudba-flash – zástupce.lnk
2016-06-19 10:00 - 2016-06-19 10:00 - 00001793 _____ C:\Users\Filip\Desktop\Hudba – zástupce.lnk
2016-06-18 00:34 - 2016-06-18 22:36 - 00000000 ____D C:\Users\Filip\Desktop\ProcessExplorer
2016-06-18 00:32 - 2016-06-18 00:33 - 01270466 _____ C:\Users\Filip\Desktop\ProcessExplorer.zip
2016-06-17 21:00 - 2016-06-17 21:01 - 16790116 _____ C:\Users\Filip\Desktop\app-release.apk
2016-06-17 20:56 - 2016-06-17 20:56 - 00429216 _____ C:\Users\Filip\Desktop\ENG_MAPA0.LRC
2016-06-16 22:21 - 2016-06-19 01:10 - 00011671 _____ C:\Users\Filip\Desktop\testprotokol.xlsx
2016-06-16 21:22 - 2016-06-16 21:22 - 00012422 _____ C:\Users\Filip\Desktop\Tomas.rar
2016-06-16 21:19 - 2016-06-16 21:20 - 00000000 ____D C:\Users\Filip\Desktop\Tomas
2016-06-15 17:35 - 2016-06-15 17:35 - 00429240 _____ C:\Users\Filip\Desktop\ENG_MAPA2.LRCU
2016-06-14 21:26 - 2016-06-14 21:26 - 00143564 _____ C:\Users\Filip\Desktop\YMD-pokus.xlsm
2016-06-14 21:16 - 2016-06-14 21:17 - 00154883 _____ C:\Users\Filip\Desktop\YMD.xlsm
2016-06-13 01:10 - 2016-06-13 01:10 - 00000967 _____ C:\Users\Filip\Desktop\Z-Prezentace – zástupce.lnk
2016-06-11 21:53 - 2016-06-12 10:30 - 00000506 _____ C:\Users\Public\Documents\pglclock_trl.txt.2
2016-06-09 17:33 - 2016-06-09 17:33 - 00005749 _____ C:\Users\Filip\Desktop\YMDv30.rar
2016-06-08 13:55 - 2016-06-08 13:55 - 00910234 _____ C:\Users\Filip\Documents\Scan0006.pdf
2016-06-08 13:53 - 2016-06-08 13:53 - 00941916 _____ C:\Users\Filip\Documents\Scan0005.pdf
2016-06-08 00:33 - 2016-06-18 22:36 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-27 00:20 - 2016-05-27 00:20 - 00000110 _____ C:\Users\Filip\AppData\Roaming\BDLPro.ini
2016-05-27 00:20 - 2016-05-27 00:20 - 00000102 _____ C:\Users\Filip\AppData\Roaming\BDLView.ini
2016-05-27 00:19 - 2016-05-27 00:19 - 00000000 ____D C:\Users\Filip\Desktop\BDL1.5
2016-05-27 00:17 - 2016-05-27 00:18 - 08145131 _____ C:\Users\Filip\Desktop\BDL1.5.zip
2016-05-25 08:16 - 2016-05-25 08:16 - 00167319 _____ C:\Users\Filip\Documents\Scan0004.pdf
2016-05-24 01:14 - 2016-05-24 01:15 - 00349184 _____ C:\Users\Filip\Desktop\Lecture 1.ppt
2016-05-23 22:30 - 2016-05-23 22:30 - 00100247 _____ C:\Users\Filip\Documents\Scan0003.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-21 20:29 - 2014-06-22 15:18 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-21 20:15 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-21 20:15 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-21 20:09 - 2016-05-11 20:38 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job
2016-06-21 20:09 - 2015-07-12 21:59 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job
2016-06-21 20:09 - 2015-05-16 10:31 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job
2016-06-21 20:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-21 20:08 - 2009-07-14 07:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-21 20:04 - 2015-07-19 09:59 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job
2016-06-21 20:04 - 2015-05-16 10:31 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job
2016-06-21 19:13 - 2015-12-14 22:09 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-06-21 19:01 - 2014-08-04 22:48 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-21 18:48 - 2015-03-19 17:12 - 00000562 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job
2016-06-21 18:43 - 2016-05-11 20:38 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job
2016-06-21 18:43 - 2016-02-02 19:30 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job
2016-06-21 18:36 - 2015-02-07 20:31 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job
2016-06-21 18:36 - 2014-10-20 14:24 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job
2016-06-21 18:35 - 2015-09-16 16:30 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job
2016-06-21 18:35 - 2015-07-12 21:59 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job
2016-06-21 18:06 - 2014-10-07 21:29 - 00000000 ____D C:\Users\Filip\AppData\Local\Akamai
2016-06-21 18:05 - 2014-08-05 23:34 - 00000000 ____D C:\Users\Filip\AppData\Local\Adobe
2016-06-21 17:45 - 2015-05-31 14:35 - 00000658 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job
2016-06-21 07:05 - 2014-07-02 12:03 - 00000000 ____D C:\Users\Filip\Downloads\Install
2016-06-19 22:30 - 2016-03-25 21:34 - 00012686 _____ C:\Users\Filip\Desktop\TO DO.xlsx
2016-06-19 10:50 - 2015-04-06 13:42 - 00000000 ____D C:\Users\Filip\Documents\5-Podklady
2016-06-19 10:48 - 2014-12-29 01:34 - 00000000 ____D C:\Users\Filip\Documents\1-SKOLA
2016-06-19 10:38 - 2014-09-02 15:23 - 00000000 ____D C:\Users\Filip\Documents\0-Bruno
2016-06-19 10:02 - 2014-12-16 16:46 - 00000000 ____D C:\Users\Filip\Documents\3-PLOCHA
2016-06-18 22:37 - 2014-10-08 00:50 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Autodesk
2016-06-18 22:37 - 2014-10-08 00:50 - 00000000 ____D C:\ProgramData\Autodesk
2016-06-18 22:36 - 2015-11-06 00:07 - 00000000 ____D C:\Users\Filip\AppData\Roaming\vlc
2016-06-18 22:36 - 2015-06-14 23:50 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-06-18 22:36 - 2014-11-21 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-06-18 22:36 - 2014-08-04 22:48 - 00000000 ____D C:\Windows\system32\Macromed
2016-06-18 22:36 - 2014-07-01 13:09 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Dropbox
2016-06-18 22:36 - 2014-06-20 09:14 - 00000000 ____D C:\Users\Filip
2016-06-18 22:36 - 2010-03-25 06:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-18 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-06-18 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-18 21:56 - 2014-11-28 13:58 - 00000000 ____D C:\Users\Filip\.VirtualBox
2016-06-18 21:55 - 2014-12-18 13:14 - 00000000 ____D C:\Program Files\ANSYS Inc
2016-06-18 21:45 - 2014-07-02 12:04 - 00000000 ____D C:\Games
2016-06-17 21:02 - 2014-08-04 22:48 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 21:02 - 2014-08-04 22:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 21:02 - 2014-08-04 22:48 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 21:53 - 2015-05-31 14:35 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2278198626-3794590262-4264707233-1000
2016-06-16 21:53 - 2015-03-19 17:12 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2278198626-3794590262-4264707233-1000
2016-06-16 21:18 - 2014-07-22 19:38 - 00000116 _____ C:\Windows\NeroDigital.ini
2016-06-16 21:18 - 2014-06-22 15:23 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 21:18 - 2014-06-22 15:23 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-16 20:45 - 2014-07-01 13:13 - 00000000 ___RD C:\Users\Filip\Dropbox
2016-06-15 22:37 - 2014-06-20 18:06 - 00668792 _____ C:\Windows\system32\perfh005.dat
2016-06-15 22:37 - 2014-06-20 18:06 - 00141420 _____ C:\Windows\system32\perfc005.dat
2016-06-15 22:37 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-13 00:38 - 2014-12-18 13:13 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Ansys
2016-06-13 00:18 - 2015-05-05 13:01 - 00000112 _____ C:\Users\Public\Documents\std.err
2016-06-12 10:39 - 2015-07-02 00:46 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000Core.job
2016-06-11 15:22 - 2015-07-02 00:46 - 00000000 ____D C:\Users\Filip\AppData\Local\Dropbox
2016-06-09 22:13 - 2015-11-01 11:30 - 00000000 ____D C:\ProgramData\Origin
2016-06-09 22:13 - 2015-11-01 11:27 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-09 18:22 - 2014-07-01 21:37 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Skype
2016-05-25 22:56 - 2015-02-09 20:53 - 00000000 ____D C:\Users\Filip\Documents\2-KNIHY
2016-05-25 07:35 - 2014-06-29 21:50 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Files in the root of some directories =======

2014-11-21 16:44 - 2015-05-19 18:29 - 0000034 _____ () C:\Users\Filip\AppData\Roaming\AdobeWLCMCache.dat
2016-05-27 00:20 - 2016-05-27 00:20 - 0000110 _____ () C:\Users\Filip\AppData\Roaming\BDLPro.ini
2016-05-27 00:20 - 2016-05-27 00:20 - 0000102 _____ () C:\Users\Filip\AppData\Roaming\BDLView.ini
2015-06-24 11:34 - 2016-03-03 23:19 - 0007168 _____ () C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-19 00:07 - 2016-04-04 20:49 - 0007666 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2015-11-11 21:16 - 2015-11-11 21:16 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-03-25 06:59 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\154a65f9-c42b-4d48-8050-71f2cb644bc5.exe
C:\Users\Filip\AppData\Local\Temp\AAMHelper.exe
C:\Users\Filip\AppData\Local\Temp\AcDeltree.exe
C:\Users\Filip\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Filip\AppData\Local\Temp\bassmod.dll
C:\Users\Filip\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqanrzq.dll
C:\Users\Filip\AppData\Local\Temp\GUR1E3C.exe
C:\Users\Filip\AppData\Local\Temp\MSN600C.exe
C:\Users\Filip\AppData\Local\Temp\setup.exe
C:\Users\Filip\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Filip\AppData\Local\Temp\sfextra.dll
C:\Users\Filip\AppData\Local\Temp\SIntf16.dll
C:\Users\Filip\AppData\Local\Temp\SIntf32.dll
C:\Users\Filip\AppData\Local\Temp\SIntfNT.dll
C:\Users\Filip\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Filip\AppData\Local\Temp\vcredist.exe
C:\Users\Filip\AppData\Local\Temp\ydzjvizu.exe
C:\Users\Filip\AppData\Local\Temp\yxwn.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000Core.job => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job => C:\Users\Filip\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job => C:\Users\Filip\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f08c423e655e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Filip\Desktop" je 169 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: 50% usage by the svchost.exe process (long-term)

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

CcervV
Visitor
Posts: 13
Joined: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#5 Post by CcervV »

# AdwCleaner v5.200 - Log vytvořen 21/06/2016 v 20:53:54
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-21.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Filip - FILIP-PC
# Spuštěno z : C:\Users\Filip\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : Partner Service

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\Partner
[-] Složka Smazáno : C:\ProgramData\Tbccint
[#] Složka Smazáno : C:\ProgramData\tbccint
[#] Složka Smazáno : C:\ProgramData\Application Data\Partner
[#] Složka Smazáno : C:\ProgramData\Application Data\Tbccint
[#] Složka Smazáno : C:\ProgramData\Application Data\tbccint
[-] Složka Smazáno : C:\Program Files (x86)\Tbccint
[#] Složka Smazáno : C:\Program Files (x86)\tbccint
[-] Složka Smazáno : C:\Users\Filip\AppData\Local\Temp\BS_Player_ControlBar_B
[-] Složka Smazáno : C:\Users\Filip\AppData\Local\Tbccint
[#] Složka Smazáno : C:\Users\Filip\AppData\Local\tbccint
[-] Složka Smazáno : C:\Users\Filip\AppData\LocalLow\BS_Player_ControlBar_B
[-] Složka Smazáno : C:\Users\Filip\AppData\LocalLow\Tbccint
[#] Složka Smazáno : C:\Users\Filip\AppData\LocalLow\tbccint

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\END
[-] Soubor Smazáno : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\Tbccint
[-] Klíč Smazáno : HKCU\Software\Tbccint_HKLM
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Toolbar
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\adawarebp
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\Tbccint
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5212 bytů] - [21/06/2016 20:53:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [5799 bytů] - [21/06/2016 20:51:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5358 bytů] ##########

CcervV
Visitor
Posts: 13
Joined: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#6 Post by CcervV »

The situation is still the same... approx. 50% of the CPU and 150 MB of memory...

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: 50% usage by the svchost.exe process (long-term)

#7 Post by Rudy »

Post a new FRST log.

CcervV
Visitor
Posts: 13
Joined: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#8 Post by CcervV »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Filip (administrator) on FILIP-PC (21-06-2016 21:54:30)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Akamai Technologies, Inc.) C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(PTC Inc.) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(Akamai Technologies, Inc.) C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe
(X-Formation) C:\Program Files (x86)\VI-grade\VI-Licensing\lmx-serv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2014-06-20] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1289296 2010-02-26] (Dritek System Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-25] (Google Inc.)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [Dropbox Update] => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-02] (Dropbox, Inc.)
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1208712 2014-05-14] (Autodesk, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-06-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-07-02]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive pro firmy.lnk [2014-09-10]
ShortcutTarget: OneDrive pro firmy.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A542AE47-3103-4307-B83B-8032E9DB61C7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_7741&r=27360614l116l04e8z105v46m18221
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_7741&r=27360614l116l04e8z105v46m18221
URLSearchHook: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ593
SearchScopes: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ593
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll => No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\0ql3utaj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2278198626-3794590262-4264707233-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Filip\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-19] (Citrix Online)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\0ql3utaj.default\extensions\artur.dubovoy@gmail.com [2016-05-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-06-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-13] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-14]
CHR Extension: (SiteAdvisor) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Readline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbkmfadmomgaokjodomncmbgmmodona [2016-01-29]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-01-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-07-02] (Adobe Systems) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-12] (Autodesk, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [676864 2014-09-07] (PTC Inc.) [File not signed]
R2 VI-grade-LMX; C:\Program Files (x86)\VI-grade\VI-Licensing\lmx-serv.exe [12902952 2015-07-10] (X-Formation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 LfNtSp50; C:\Windows\System32\Drivers\LfNtSp50.sys [46712 2015-08-15] (Life Racing Limited)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-10-11] (Oracle Corporation)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-21 21:54 - 2016-06-21 21:54 - 00027864 _____ C:\Users\Filip\Desktop\FRST.txt
2016-06-21 20:50 - 2016-06-21 20:53 - 00000000 ____D C:\AdwCleaner
2016-06-21 20:49 - 2016-06-21 20:50 - 03703360 _____ C:\Users\Filip\Desktop\adwcleaner_5.200.exe
2016-06-21 20:35 - 2016-06-21 20:47 - 00047525 _____ C:\Users\Filip\Desktop\FRST-uprava.txt
2016-06-21 20:29 - 2016-06-21 21:54 - 00000000 ____D C:\FRST
2016-06-21 20:25 - 2016-06-21 20:26 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2016-06-21 20:14 - 2016-06-21 20:14 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\Nepotvrzeno 653360.crdownload
2016-06-21 20:13 - 2016-06-21 20:14 - 02387456 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2016-06-20 21:55 - 2016-06-20 21:55 - 00203082 _____ C:\Users\Filip\Desktop\Prukaz.pdf
2016-06-20 21:55 - 2016-06-20 21:55 - 00122071 _____ C:\Users\Filip\Desktop\smlouva.pdf
2016-06-19 20:17 - 2016-06-19 20:17 - 00030317 _____ C:\Users\Filip\Desktop\Ordinacni_hodiny_3_1_2014.pdf
2016-06-19 10:26 - 2016-06-19 10:26 - 00003008 _____ C:\Users\Filip\Desktop\auto – zástupce.lnk
2016-06-19 10:11 - 2016-06-19 10:11 - 00001875 _____ C:\Users\Filip\Desktop\0-PRACE – zástupce.lnk
2016-06-19 10:00 - 2016-06-19 10:00 - 00001887 _____ C:\Users\Filip\Desktop\Hudba-flash – zástupce.lnk
2016-06-19 10:00 - 2016-06-19 10:00 - 00001793 _____ C:\Users\Filip\Desktop\Hudba – zástupce.lnk
2016-06-18 00:34 - 2016-06-18 22:36 - 00000000 ____D C:\Users\Filip\Desktop\ProcessExplorer
2016-06-18 00:32 - 2016-06-18 00:33 - 01270466 _____ C:\Users\Filip\Desktop\ProcessExplorer.zip
2016-06-17 21:00 - 2016-06-17 21:01 - 16790116 _____ C:\Users\Filip\Desktop\app-release.apk
2016-06-16 22:21 - 2016-06-19 01:10 - 00011671 _____ C:\Users\Filip\Desktop\testprotokol.xlsx
2016-06-16 21:22 - 2016-06-16 21:22 - 00012422 _____ C:\Users\Filip\Desktop\Tomas.rar
2016-06-16 21:19 - 2016-06-16 21:20 - 00000000 ____D C:\Users\Filip\Desktop\Tomas
2016-06-13 01:10 - 2016-06-13 01:10 - 00000967 _____ C:\Users\Filip\Desktop\Z-Prezentace – zástupce.lnk
2016-06-11 21:53 - 2016-06-12 10:30 - 00000506 _____ C:\Users\Public\Documents\pglclock_trl.txt.2
2016-06-09 17:33 - 2016-06-09 17:33 - 00005749 _____ C:\Users\Filip\Desktop\YMDv30.rar
2016-06-08 13:55 - 2016-06-08 13:55 - 00910234 _____ C:\Users\Filip\Documents\Scan0006.pdf
2016-06-08 13:53 - 2016-06-08 13:53 - 00941916 _____ C:\Users\Filip\Documents\Scan0005.pdf
2016-06-08 00:33 - 2016-06-18 22:36 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-27 00:20 - 2016-05-27 00:20 - 00000110 _____ C:\Users\Filip\AppData\Roaming\BDLPro.ini
2016-05-27 00:20 - 2016-05-27 00:20 - 00000102 _____ C:\Users\Filip\AppData\Roaming\BDLView.ini
2016-05-27 00:19 - 2016-05-27 00:19 - 00000000 ____D C:\Users\Filip\Desktop\BDL1.5
2016-05-27 00:17 - 2016-05-27 00:18 - 08145131 _____ C:\Users\Filip\Desktop\BDL1.5.zip
2016-05-25 08:16 - 2016-05-25 08:16 - 00167319 _____ C:\Users\Filip\Documents\Scan0004.pdf
2016-05-24 01:14 - 2016-05-24 01:15 - 00349184 _____ C:\Users\Filip\Desktop\Lecture 1.ppt
2016-05-23 22:30 - 2016-05-23 22:30 - 00100247 _____ C:\Users\Filip\Documents\Scan0003.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-21 21:48 - 2015-03-19 17:12 - 00000562 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job
2016-06-21 21:45 - 2015-05-31 14:35 - 00000658 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job
2016-06-21 21:43 - 2016-05-11 20:38 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job
2016-06-21 21:43 - 2016-02-02 19:30 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job
2016-06-21 21:36 - 2015-02-07 20:31 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job
2016-06-21 21:36 - 2014-10-20 14:24 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job
2016-06-21 21:35 - 2015-09-16 16:30 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job
2016-06-21 21:35 - 2015-07-12 21:59 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job
2016-06-21 21:29 - 2014-06-22 15:18 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-21 21:05 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-21 21:05 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-21 21:04 - 2015-07-19 09:59 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job
2016-06-21 21:04 - 2015-05-16 10:31 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job
2016-06-21 21:01 - 2014-08-04 22:48 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-21 20:56 - 2016-05-11 20:38 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job
2016-06-21 20:56 - 2015-07-12 21:59 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job
2016-06-21 20:56 - 2015-05-16 10:31 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job
2016-06-21 20:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-21 20:08 - 2009-07-14 07:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-21 19:13 - 2015-12-14 22:09 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-06-21 18:06 - 2014-10-07 21:29 - 00000000 ____D C:\Users\Filip\AppData\Local\Akamai
2016-06-21 18:05 - 2014-08-05 23:34 - 00000000 ____D C:\Users\Filip\AppData\Local\Adobe
2016-06-21 07:05 - 2014-07-02 12:03 - 00000000 ____D C:\Users\Filip\Downloads\Install
2016-06-19 22:30 - 2016-03-25 21:34 - 00012686 _____ C:\Users\Filip\Desktop\TO DO.xlsx
2016-06-19 10:50 - 2015-04-06 13:42 - 00000000 ____D C:\Users\Filip\Documents\5-Podklady
2016-06-19 10:48 - 2014-12-29 01:34 - 00000000 ____D C:\Users\Filip\Documents\1-SKOLA
2016-06-19 10:38 - 2014-09-02 15:23 - 00000000 ____D C:\Users\Filip\Documents\0-Bruno
2016-06-19 10:02 - 2014-12-16 16:46 - 00000000 ____D C:\Users\Filip\Documents\3-PLOCHA
2016-06-18 22:37 - 2014-10-08 00:50 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Autodesk
2016-06-18 22:37 - 2014-10-08 00:50 - 00000000 ____D C:\ProgramData\Autodesk
2016-06-18 22:36 - 2015-11-06 00:07 - 00000000 ____D C:\Users\Filip\AppData\Roaming\vlc
2016-06-18 22:36 - 2015-06-14 23:50 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-06-18 22:36 - 2014-11-21 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-06-18 22:36 - 2014-08-04 22:48 - 00000000 ____D C:\Windows\system32\Macromed
2016-06-18 22:36 - 2014-07-01 13:09 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Dropbox
2016-06-18 22:36 - 2014-06-20 09:14 - 00000000 ____D C:\Users\Filip
2016-06-18 22:36 - 2010-03-25 06:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-18 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-06-18 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-18 21:56 - 2014-11-28 13:58 - 00000000 ____D C:\Users\Filip\.VirtualBox
2016-06-18 21:55 - 2014-12-18 13:14 - 00000000 ____D C:\Program Files\ANSYS Inc
2016-06-18 21:45 - 2014-07-02 12:04 - 00000000 ____D C:\Games
2016-06-17 21:02 - 2014-08-04 22:48 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 21:02 - 2014-08-04 22:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 21:02 - 2014-08-04 22:48 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 21:53 - 2015-05-31 14:35 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2278198626-3794590262-4264707233-1000
2016-06-16 21:53 - 2015-03-19 17:12 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2278198626-3794590262-4264707233-1000
2016-06-16 21:18 - 2014-07-22 19:38 - 00000116 _____ C:\Windows\NeroDigital.ini
2016-06-16 21:18 - 2014-06-22 15:23 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 21:18 - 2014-06-22 15:23 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-16 20:45 - 2014-07-01 13:13 - 00000000 ___RD C:\Users\Filip\Dropbox
2016-06-15 22:37 - 2014-06-20 18:06 - 00668792 _____ C:\Windows\system32\perfh005.dat
2016-06-15 22:37 - 2014-06-20 18:06 - 00141420 _____ C:\Windows\system32\perfc005.dat
2016-06-15 22:37 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-13 00:38 - 2014-12-18 13:13 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Ansys
2016-06-13 00:18 - 2015-05-05 13:01 - 00000112 _____ C:\Users\Public\Documents\std.err
2016-06-12 10:39 - 2015-07-02 00:46 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000Core.job
2016-06-11 15:22 - 2015-07-02 00:46 - 00000000 ____D C:\Users\Filip\AppData\Local\Dropbox
2016-06-09 22:13 - 2015-11-01 11:30 - 00000000 ____D C:\ProgramData\Origin
2016-06-09 22:13 - 2015-11-01 11:27 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-09 18:22 - 2014-07-01 21:37 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Skype
2016-05-25 22:56 - 2015-02-09 20:53 - 00000000 ____D C:\Users\Filip\Documents\2-KNIHY
2016-05-25 07:35 - 2014-06-29 21:50 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Files in the root of some directories =======

2014-11-21 16:44 - 2015-05-19 18:29 - 0000034 _____ () C:\Users\Filip\AppData\Roaming\AdobeWLCMCache.dat
2016-05-27 00:20 - 2016-05-27 00:20 - 0000110 _____ () C:\Users\Filip\AppData\Roaming\BDLPro.ini
2016-05-27 00:20 - 2016-05-27 00:20 - 0000102 _____ () C:\Users\Filip\AppData\Roaming\BDLView.ini
2015-06-24 11:34 - 2016-03-03 23:19 - 0007168 _____ () C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-19 00:07 - 2016-04-04 20:49 - 0007666 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2015-11-11 21:16 - 2015-11-11 21:16 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-03-25 06:59 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\154a65f9-c42b-4d48-8050-71f2cb644bc5.exe
C:\Users\Filip\AppData\Local\Temp\AAMHelper.exe
C:\Users\Filip\AppData\Local\Temp\AcDeltree.exe
C:\Users\Filip\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Filip\AppData\Local\Temp\bassmod.dll
C:\Users\Filip\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqanrzq.dll
C:\Users\Filip\AppData\Local\Temp\GUR1E3C.exe
C:\Users\Filip\AppData\Local\Temp\libeay32.dll
C:\Users\Filip\AppData\Local\Temp\MSN600C.exe
C:\Users\Filip\AppData\Local\Temp\msvcr120.dll
C:\Users\Filip\AppData\Local\Temp\setup.exe
C:\Users\Filip\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Filip\AppData\Local\Temp\sfextra.dll
C:\Users\Filip\AppData\Local\Temp\SIntf16.dll
C:\Users\Filip\AppData\Local\Temp\SIntf32.dll
C:\Users\Filip\AppData\Local\Temp\SIntfNT.dll
C:\Users\Filip\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Filip\AppData\Local\Temp\sqlite3.dll
C:\Users\Filip\AppData\Local\Temp\vcredist.exe
C:\Users\Filip\AppData\Local\Temp\ydzjvizu.exe
C:\Users\Filip\AppData\Local\Temp\yxwn.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000Core.job => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job => C:\Users\Filip\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2278198626-3794590262-4264707233-1000.job => C:\Users\Filip\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f08c423e655e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Filip\Desktop" je 170 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

CcervV
Visitor
Posts: 13
Registered: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#9 Post by CcervV »

This time I left that process running as well. In the previous log it was not running yet.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 50% usage by the svchost.exe process (long-term)

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-25] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
C:\Users\Filip\AppData\Local\Akamai
ShortcutTarget: OneDrive pro firmy.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (No File)
SearchScopes: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job
C:\Users\Filip\AppData\Local\Akamai
C:\Users\Filip\AppData\Roaming\BDLPro.ini
C:\Users\Filip\AppData\Roaming\BDLView.ini
C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Filip\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

CcervV
Visitor
Posts: 13
Registered: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#11 Post by CcervV »

Messages after the restart:
- Microsoft Visual C++ Runtime Library: Runtime Error!
- The program Norton Backup Service has stopped working


Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Filip (2016-06-21 22:36:29) Run:1
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-25] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Filip\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
C:\Users\Filip\AppData\Local\Akamai
ShortcutTarget: OneDrive pro firmy.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (No File)
SearchScopes: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2278198626-3794590262-4264707233-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job
C:\Users\Filip\AppData\Local\Akamai
C:\Users\Filip\AppData\Roaming\BDLPro.ini
C:\Users\Filip\AppData\Roaming\BDLView.ini
C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Filip\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
C:\Program Files (x86)\Google\GoogleToolbarNotifier => moved successfully
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully

"C:\Users\Filip\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Filip\AppData\Local\Akamai" => Scheduled to move on reboot.

C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE => not found.
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" => key removed successfully
"HKCR\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1abb44a687cee.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15ddf5f69a347.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d043045a1e8705.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec60cff04a67.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f08c42a2cdf6.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bcdd3acb015e.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2278198626-3794590262-4264707233-1000UA1d0c1f8c91e2652.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fb2ae0ca61d.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1abb4489f74b9.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bcdd3a6957f0.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fb2adc67557.job => moved successfully

"C:\Users\Filip\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Filip\AppData\Local\Akamai" => Scheduled to move on reboot.

C:\Users\Filip\AppData\Roaming\BDLPro.ini => moved successfully
C:\Users\Filip\AppData\Roaming\BDLView.ini => moved successfully
C:\Users\Filip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Filip\AppData\Local\Temp" folder move:

Could not move "C:\Users\Filip\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-21 22:42:19)

C:\Users\Filip\AppData\Local\Akamai => Is moved successfully
C:\Users\Filip\AppData\Local\Akamai => Is moved successfully
C:\Users\Filip\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:42:19 ====

svchost is still the same

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 50% usage by the svchost.exe process (long-term)

#12 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

CcervV
Visitor
Posts: 13
Registered: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#13 Post by CcervV »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.6.2016
Čas skenování: 17:05
Protokol: Malwarebytes-sken.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.22.03
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Filip

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 856526
Uplynulý čas: 5 hod, 28 min, 48 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4DEF23B9-E659-4FD9-885B-A4ABA1CA1036}, , [768534cbe5b466d08dd03f4d25deb14f],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DAA42771-1247-4847-A494-AA6701335570}, , [c5368b745d3ca096da83612ba1626a96],

Hodnoty registru: 2
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4DEF23B9-E659-4FD9-885B-A4ABA1CA1036}|AppPath, C:\Users\Filip\AppData\Local\Tbccint\CT3329621, , [768534cbe5b466d08dd03f4d25deb14f]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2278198626-3794590262-4264707233-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DAA42771-1247-4847-A494-AA6701335570}|AppPath, C:\Users\Filip\AppData\Local\Tbccint\CT3329621, , [c5368b745d3ca096da83612ba1626a96]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
CrackTool.Agent, C:\Users\Filip\Downloads\Adobe Acrobat XI Pro 11.0.9 Multilanguage [ChingLiu]\patch MPT\adobe.acrobat.xi.pro.patch-MPT.exe, , [b7441ae54f4ab77fb6669118f10f26da],
RiskWare.Tool.HCK, C:\Users\Filip\Downloads\Install\Sony Vegas Pro 10.0a Build 387 (X86-X64)\Patch\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe, , [82791ce36138d264872eaa6ef01212ee],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 50% usage by the svchost.exe process (long-term)

#14 Post by Rudy »

Delete all the items found.

CcervV
Visitor
Posts: 13
Registered: 21 Jun 2016 17:18

Re: 50% usage by the svchost.exe process (long-term)

#15 Post by CcervV »

Done...
