Pomaly vykon notebooku

[Antrac1t]

Dobry den
chtel bych Vas pozadat o kontrolu meho notebooku, posledni dobou je znacne nizsi vykon.
Děkuji


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Martina29 (administrator) on MARTINA (15-03-2017 21:11:11)
Running from C:\Users\Martina29\Downloads
Loaded Profiles: Martina29 (Available Profiles: Martina29)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Pokki) C:\Users\Martina29\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-12-10] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\Run: [WebcamMaxAutoRun] => C:\Program Files (x86)\WebcamMax\WebcamMax.exe [6043888 2010-08-03] (CoolwareMax)
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\RunOnce: [Application Restart #1] => C:\Users\Martina29\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7873512 2016-11-16] (Pokki)
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {158f9314-a434-11e4-825b-806e6f6e6963} - "D:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {3760c612-04f7-11e7-82a8-acb57dd693f1} - "E:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {98655876-50af-11e5-8275-acb57dd693f1} - "F:\Startme.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-01-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CB1D572-C6BE-44D3-8B8A-43AF3AB516AE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A2E7C903-8835-4F13-B0F6-42561A6B2C4C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BF169AC17-8EBC-498C-AD54-B4B2A0E49F66%7D&mid=d7d7db192c9447cda1e5213f5a9c4b2f-4074fa0a4b2327f8d1ee18e84d0ba683229080d4&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-18%2017:55:32&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
URLSearchHook: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F169AC17-8EBC-498C-AD54-B4B2A0E49F66}&mid=d7d7db192c9447cda1e5213f5a9c4b2f-4074fa0a4b2327f8d1ee18e84d0ba683229080d4&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-18 17:55:32&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=CLM&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=114F3B35-E864-4698-848C-234649041770&apn_sauid=92170442-0F65-4F50-B8A0-E7F1318B10E6
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F169AC17-8EBC-498C-AD54-B4B2A0E49F66}&mid=d7d7db192c9447cda1e5213f5a9c4b2f-4074fa0a4b2327f8d1ee18e84d0ba683229080d4&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-18 17:55:32&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-10] (AVG)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-10] (AVG)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll => No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File

FireFox:
========
FF ProfilePath: C:\Users\Martina29\AppData\Roaming\Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 [2017-03-15]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 ->
FF Homepage: Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 -> hxxp://search.seznam.cz/?sourceid=Quicksearch_16194&q=
FF Extension: (AVG Web TuneUp) - C:\Users\Martina29\AppData\Roaming\Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250\Extensions\avg@toolbar.xpi [2016-12-10]
FF SearchPlugin: C:\Users\Martina29\AppData\Roaming\Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250\searchplugins\avg-secure-search.xml [2017-03-15]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-12-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-02-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-02-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-02-22] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-12-10] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-15 21:11 - 2017-03-15 21:12 - 00017128 _____ C:\Users\Martina29\Downloads\FRST.txt
2017-03-15 21:11 - 2017-03-15 21:11 - 00000000 ____D C:\FRST
2017-03-15 21:08 - 2017-03-15 21:09 - 02424832 _____ (Farbar) C:\Users\Martina29\Downloads\FRST64.exe
2017-03-14 20:08 - 2017-03-14 20:08 - 00000000 ____D C:\Users\Public\Documents\EA Games
2017-03-14 20:08 - 2017-03-14 20:08 - 00000000 ____D C:\Users\Martina29\Documents\EA Games
2017-03-14 20:03 - 2017-03-14 20:03 - 00000000 __RHD C:\Users\Martina29\AppData\Roaming\SecuROM
2017-03-11 14:28 - 2017-03-11 14:28 - 00002215 _____ C:\Users\Public\Desktop\The Sims™ 2 Mazlíčci.lnk
2017-03-11 14:20 - 2017-03-11 14:20 - 00000000 ____D C:\Users\Martina29\Desktop\The Sims 2 Pets+Serial+Crack
2017-02-20 13:14 - 2017-02-20 13:14 - 00313088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2017-02-16 00:45 - 2017-03-15 12:11 - 00000000 ____D C:\Users\Martina29\AppData\Local\Facebook
2017-02-16 00:44 - 2017-02-16 00:44 - 00252144 _____ (Facebook) C:\Users\Martina29\Downloads\FacebookGameroom.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-15 21:02 - 2016-11-16 14:47 - 00000000 ____D C:\Users\Martina29\AppData\LocalLow\Mozilla
2017-03-15 20:56 - 2015-05-14 18:23 - 00003838 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{91FDB128-0FC4-4C85-B7D4-8B5AE6537CEA}
2017-03-15 20:53 - 2015-07-18 16:26 - 00000000 ____D C:\ProgramData\MFAData
2017-03-15 13:36 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 13:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-15 12:38 - 2015-05-14 17:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2480400429-1243005188-3195127987-1001
2017-03-15 12:34 - 2015-05-17 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2017-03-15 12:15 - 2015-05-14 17:59 - 00000000 ____D C:\Users\Martina29\AppData\Local\CrashDumps
2017-03-15 12:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-15 09:15 - 2015-05-14 23:43 - 00004236 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 09:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-15 09:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 08:44 - 2015-10-24 10:10 - 00000916 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-03-15 08:44 - 2015-07-18 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-03-15 08:36 - 2016-10-03 20:05 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-03-15 08:36 - 2015-05-14 17:42 - 00000000 ____D C:\Users\Martina29\AppData\Local\SweetLabs App Platform
2017-03-14 20:37 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-14 20:22 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-14 20:21 - 2016-11-15 22:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 20:21 - 2015-05-14 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-14 20:21 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-14 20:17 - 2015-05-17 02:42 - 00000000 ____D C:\Windows\system32\MRT
2017-03-14 20:12 - 2015-05-17 02:42 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-14 20:06 - 2016-06-11 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2017-03-14 20:06 - 2016-06-11 14:41 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2017-03-11 14:20 - 2015-01-25 01:58 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-03-11 14:20 - 2015-01-25 01:58 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-03-11 14:20 - 2014-03-18 10:47 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-11 13:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-10 08:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-09 07:57 - 2015-05-15 16:02 - 00000000 ____D C:\Users\Martina29\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2015-08-30 08:30 - 2015-08-30 08:30 - 0032038 _____ () C:\Users\Martina29\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2015-01-25 02:08 - 2015-01-25 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-06-11 14:41 - 2007-08-04 16:54 - 0700416 _____ (Electronic Arts Inc.) C:\Users\Martina29\AppData\Local\Temp\AutoRun.exe
2016-06-11 14:41 - 2007-08-04 15:09 - 0659456 _____ (Electronic Arts Inc.) C:\Users\Martina29\AppData\Local\Temp\AutoRunGUI.dll
2017-03-14 20:03 - 2017-03-14 20:04 - 0065536 _____ (Sony DADC Austria AG) C:\Users\Martina29\AppData\Local\Temp\drm_dialogs.dll
2017-03-14 20:03 - 2017-03-14 20:03 - 0212992 _____ (Sony DADC Austria AG) C:\Users\Martina29\AppData\Local\Temp\drm_dyndata_7330014.dll
2017-03-11 14:32 - 2017-03-11 14:33 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Martina29\AppData\Local\Temp\drm_dyndata_7400006.dll
2017-03-14 20:05 - 2007-08-04 16:54 - 0356352 _____ (Electronic Arts Inc.) C:\Users\Martina29\AppData\Local\Temp\eauninstall.exe
2017-03-14 20:06 - 2007-08-04 13:23 - 0094208 _____ (Electronic Arts) C:\Users\Martina29\AppData\Local\Temp\The Sims 2 Bon Voyage_uninst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-21 20:53

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Antrac1t]

Děkuji, tady je log

# AdwCleaner v6.044 - Log vytvořen 16/03/2017 v 19:20:16
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-15.2 [Server]
# Operační systém : Windows 8.1 Connected (X64)
# Uživatelské jméno : Martina29 - MARTINA
# Spuštěno z : C:\Users\Martina29\Downloads\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: WtuSystemSupport


***** [ Složky ] *****

[-] Složka smazána: C:\ProgramData\Avg_Update_0116av
[-] Složka smazána: C:\ProgramData\Avg_Update_1015av
[-] Složka smazána: C:\ProgramData\Avg_Update_1215av
[-] Složka smazána: C:\Users\Martina29\AppData\Local\SweetLabs App Platform
[-] Složka smazána: C:\Users\Martina29\AppData\Local\avg web tuneup
[-] Složka smazána: C:\Users\Martina29\AppData\Roaming\OpenCandy
[-] Složka smazána: C:\Users\Martina29\AppData\Roaming\SSN
[#] Složka smazána po restartu: C:\Users\Martina29\AppData\Roaming\ssn
[-] Složka smazána: C:\Program Files\avg web tuneup
[-] Složka smazána: C:\Program Files\Booking.com
[-] Složka smazána: C:\Program Files\Common Files\AVG Secure Search
[-] Složka smazána: C:\ProgramData\AVG Secure Search
[-] Složka smazána: C:\ProgramData\AVG Security Toolbar
[-] Složka smazána: C:\ProgramData\avg web tuneup
[-] Složka smazána: C:\ProgramData\Pokki
[#] Složka smazána po restartu: C:\ProgramData\Application Data\AVG Secure Search
[#] Složka smazána po restartu: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Složka smazána po restartu: C:\ProgramData\Application Data\avg web tuneup
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Pokki
[-] Složka smazána: C:\Program Files (x86)\avg web tuneup
[-] Složka smazána: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Složka smazána: C:\Users\Default User\AppData\Local\Pokki
[#] Složka smazána po restartu: C:\Users\Default\AppData\Local\Pokki
[-] Složka smazána: C:\Users\Martina29\AppData\Local\Geckofx
[#] Složka smazána po restartu: C:\Users\Martina29\AppData\Roaming\ssn
[-] Složka smazána: C:\Users\Public\Pokki


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Martina29\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor smazán: C:\Users\Martina29\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] Soubor smazán: C:\Users\Martina29\AppData\Roaming\Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250\extensions\Avg@toolbar.xpi
[-] Soubor smazán: C:\Users\Martina29\AppData\Roaming\Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250\searchplugins\avg-secure-search.xml
[-] Soubor smazán: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] Soubor smazán: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] Soubor smazán: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: amiupdaterExd
[-] Úloha smazána: amiupdaterExi
[-] Úloha smazána: SweetLabs App Platform
[-] Úloha smazána: Software Update Application


***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Classes\pokki
[#] Klíč smazán po restartu: HKCU\Software\Classes\pokki
[-] Klíč smazán: HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\pokki
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\ssn
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\SweetLabs App Platform
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Serp Now
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Klíč smazán po restartu: HKCU\Software\ssn
[#] Klíč smazán po restartu: HKCU\Software\SweetLabs App Platform
[-] Klíč smazán: HKLM\SOFTWARE\AVG Tuneup
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Serp Now
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Klíč smazán po restartu: [x64] HKCU\Software\ssn
[#] Klíč smazán po restartu: [x64] HKCU\Software\SweetLabs App Platform
[-] Klíč smazán: [x64] HKLM\SOFTWARE\AVG Secure Search
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Save Serp Now
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Data obnovena: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Klíč smazán: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
[-] Hodnota smazána: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Application Restart #1]
[#] Hodnota smazána po restartu: [x64] HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Application Restart #1]
[-] Hodnota smazána: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Klíč smazán: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Klíč smazán: HKCU\Software\Classes\Directory\shell\pokki
[-] Klíč smazán: HKCU\Software\Classes\Drive\shell\pokki
[-] Klíč smazán: HKCU\Software\Classes\lnkfile\shell\pokki
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Klíč smazán: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [12463 Bajty] - [16/03/2017 19:20:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [12268 Bajty] - [16/03/2017 19:15:27]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12611 Bajty] ##########

[Rudy]

Dejte nový log FRST.

[Antrac1t]

Dobry den, tady je log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Martina29 (administrator) on MARTINA (17-03-2017 07:58:58)
Running from C:\Users\Martina29\Downloads
Loaded Profiles: Martina29 (Available Profiles: Martina29)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\Run: [WebcamMaxAutoRun] => C:\Program Files (x86)\WebcamMax\WebcamMax.exe [6043888 2010-08-03] (CoolwareMax)
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {158f9314-a434-11e4-825b-806e6f6e6963} - "D:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {3760c612-04f7-11e7-82a8-acb57dd693f1} - "E:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {98655876-50af-11e5-8275-acb57dd693f1} - "F:\Startme.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-01-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6CB1D572-C6BE-44D3-8B8A-43AF3AB516AE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A2E7C903-8835-4F13-B0F6-42561A6B2C4C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina29\AppData\Roaming\Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 [2017-03-17]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 ->
FF Homepage: Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\9l3vux6l.default-1442219858250 -> hxxp://search.seznam.cz/?sourceid=Quicksearch_16194&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-02-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-02-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-02-22] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 19:11 - 2017-03-16 19:20 - 00000000 ____D C:\AdwCleaner
2017-03-16 19:11 - 2017-03-16 19:11 - 04031440 _____ C:\Users\Martina29\Downloads\adwcleaner_6.044.exe
2017-03-15 21:17 - 2017-03-15 21:17 - 00011880 _____ C:\Users\Martina29\Downloads\Addition.rar
2017-03-15 21:13 - 2017-03-15 21:15 - 00043612 _____ C:\Users\Martina29\Downloads\Addition.txt
2017-03-15 21:11 - 2017-03-17 07:59 - 00014256 _____ C:\Users\Martina29\Downloads\FRST.txt
2017-03-15 21:11 - 2017-03-17 07:58 - 00000000 ____D C:\FRST
2017-03-15 21:08 - 2017-03-15 21:09 - 02424832 _____ (Farbar) C:\Users\Martina29\Downloads\FRST64.exe
2017-03-14 20:08 - 2017-03-14 20:08 - 00000000 ____D C:\Users\Public\Documents\EA Games
2017-03-14 20:08 - 2017-03-14 20:08 - 00000000 ____D C:\Users\Martina29\Documents\EA Games
2017-03-14 20:03 - 2017-03-14 20:03 - 00000000 __RHD C:\Users\Martina29\AppData\Roaming\SecuROM
2017-03-11 14:28 - 2017-03-11 14:28 - 00002215 _____ C:\Users\Public\Desktop\The Sims™ 2 Mazlíčci.lnk
2017-03-11 14:20 - 2017-03-11 14:20 - 00000000 ____D C:\Users\Martina29\Desktop\The Sims 2 Pets+Serial+Crack
2017-02-20 13:14 - 2017-02-20 13:14 - 00313088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2017-02-16 00:45 - 2017-03-15 12:11 - 00000000 ____D C:\Users\Martina29\AppData\Local\Facebook
2017-02-16 00:44 - 2017-02-16 00:44 - 00252144 _____ (Facebook) C:\Users\Martina29\Downloads\FacebookGameroom.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-17 07:57 - 2016-11-16 14:47 - 00000000 ____D C:\Users\Martina29\AppData\LocalLow\Mozilla
2017-03-17 07:51 - 2015-07-18 16:26 - 00000000 ____D C:\ProgramData\MFAData
2017-03-16 20:38 - 2015-05-14 17:49 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2480400429-1243005188-3195127987-1001
2017-03-16 19:29 - 2015-05-14 18:23 - 00003838 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{91FDB128-0FC4-4C85-B7D4-8B5AE6537CEA}
2017-03-16 19:24 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-16 19:21 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-16 10:14 - 2016-10-03 20:05 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-03-16 08:43 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-16 08:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-03-15 12:34 - 2015-05-17 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2017-03-15 12:15 - 2015-05-14 17:59 - 00000000 ____D C:\Users\Martina29\AppData\Local\CrashDumps
2017-03-15 12:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-15 09:15 - 2015-05-14 23:43 - 00004236 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 09:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-15 09:15 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 08:44 - 2015-10-24 10:10 - 00000916 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-03-15 08:44 - 2015-07-18 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-03-14 20:37 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-14 20:21 - 2016-11-15 22:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 20:21 - 2015-05-14 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-14 20:17 - 2015-05-17 02:42 - 00000000 ____D C:\Windows\system32\MRT
2017-03-14 20:12 - 2015-05-17 02:42 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-14 20:06 - 2016-06-11 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2017-03-14 20:06 - 2016-06-11 14:41 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2017-03-11 14:20 - 2015-01-25 01:58 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-03-11 14:20 - 2015-01-25 01:58 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-03-11 14:20 - 2014-03-18 10:47 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-11 13:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-10 08:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-09 07:57 - 2015-05-15 16:02 - 00000000 ____D C:\Users\Martina29\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2015-08-30 08:30 - 2015-08-30 08:30 - 0032038 _____ () C:\Users\Martina29\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2015-01-25 02:08 - 2015-01-25 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-06-11 14:41 - 2007-08-04 16:54 - 0700416 _____ (Electronic Arts Inc.) C:\Users\Martina29\AppData\Local\Temp\AutoRun.exe
2016-06-11 14:41 - 2007-08-04 15:09 - 0659456 _____ (Electronic Arts Inc.) C:\Users\Martina29\AppData\Local\Temp\AutoRunGUI.dll
2017-03-14 20:03 - 2017-03-14 20:04 - 0065536 _____ (Sony DADC Austria AG) C:\Users\Martina29\AppData\Local\Temp\drm_dialogs.dll
2017-03-14 20:03 - 2017-03-14 20:03 - 0212992 _____ (Sony DADC Austria AG) C:\Users\Martina29\AppData\Local\Temp\drm_dyndata_7330014.dll
2017-03-11 14:32 - 2017-03-11 14:33 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Martina29\AppData\Local\Temp\drm_dyndata_7400006.dll
2017-03-14 20:05 - 2007-08-04 16:54 - 0356352 _____ (Electronic Arts Inc.) C:\Users\Martina29\AppData\Local\Temp\eauninstall.exe
2017-03-14 20:06 - 2007-08-04 13:23 - 0094208 _____ (Electronic Arts) C:\Users\Martina29\AppData\Local\Temp\The Sims 2 Bon Voyage_uninst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-21 20:53

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {158f9314-a434-11e4-825b-806e6f6e6963} - "D:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {3760c612-04f7-11e7-82a8-acb57dd693f1} - "E:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {98655876-50af-11e5-8275-acb57dd693f1} - "F:\Startme.exe"
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => No File
C:\ProgramData\DP45977C.lfl
C:\Users\Martina29\AppData\Local\Temp

EmptyTemp:
End.

Uložte do C:\Users\Martina29\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Antrac1t]

Dobry den, prikladam log

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Martina29 (17-03-2017 18:48:41) Run:1
Running from C:\Users\Martina29\Downloads
Loaded Profiles: Martina29 (Available Profiles: Martina29)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {158f9314-a434-11e4-825b-806e6f6e6963} - "D:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {3760c612-04f7-11e7-82a8-acb57dd693f1} - "E:\Autorun.exe"
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\...\MountPoints2: {98655876-50af-11e5-8275-acb57dd693f1} - "F:\Startme.exe"
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2480400429-1243005188-3195127987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => No File
C:\ProgramData\DP45977C.lfl
C:\Users\Martina29\AppData\Local\Temp

EmptyTemp:
End.
*****************

HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{158f9314-a434-11e4-825b-806e6f6e6963} => key removed successfully
HKCR\CLSID\{158f9314-a434-11e4-825b-806e6f6e6963} => key not found.
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3760c612-04f7-11e7-82a8-acb57dd693f1} => key removed successfully
HKCR\CLSID\{3760c612-04f7-11e7-82a8-acb57dd693f1} => key not found.
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98655876-50af-11e5-8275-acb57dd693f1} => key removed successfully
HKCR\CLSID\{98655876-50af-11e5-8275-acb57dd693f1} => key not found.
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2480400429-1243005188-3195127987-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Martina29\AppData\Local\Temp" folder move:

Could not move "C:\Users\Martina29\AppData\Local\Temp" => Scheduled to move on reboot.

End. => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18155017 B
Java, Flash, Steam htmlcache => 58208 B
Windows/system/drivers => 2805706 B
Edge => 0 B
Chrome => 0 B
Firefox => 369076543 B
Opera => 23418474 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 689186 B
systemprofile32 => 128 B
LocalService => 332074 B
NetworkService => 14988 B
Martina29 => 102857857 B

RecycleBin => 1833615339 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================

[Rudy]

Smazáno. Nastala nějaká změna?

[Antrac1t]

Dobry den,
ano, vykon se zvysil, dekuji Vam za pomoc

S pozdravem

Antracit

[Rudy]

Rádo se stalo!