VIRY.CZ

Dobry den, notebook reaguje velice pomalu, pamet je vyuzita casto na 75-80% a to je pusten pouze prohlizec s 1 oknem (napr. ted) a Live Mail. Pokud mam v prohlizeci otevrana 4 okna, uz je vyuziti pameti 90%.

Nevim si s tim moc rady, muzete mi pomoct? Snad neni nijak postizen. Pouzival jsem Windows Defender, ten jsem ale vypnul a nyni chci stahnout antivir, uvazuji o Avastu, je v pohode? Jaky pripadny dalsi program doporucite, abych byl chranen pred utoky zvenci?

Pocitac slouzi pouze ke kancelarske praci, zadne hry nebo narocne aplikace.

Nize prikladam log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2015 01
Ran by John (administrator) on PC11 on 23-04-2015 17:12:21
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available profiles: John)
Platform: Windows 8.1 Connected (X64) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\John\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-08-28] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-08-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880291f5-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880293e1-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802941f-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802949c-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880294c2-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802952c-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {88029556-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880295ef-a869-11e4-825a-303a648bf37f} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {88029660-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {d07c9815-bf38-11e4-8262-28d244da9df7} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2147245942-72280793-3608416090-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
SearchScopes: HKU\S-1-5-21-2147245942-72280793-3608416090-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
SearchScopes: HKU\S-1-5-21-2147245942-72280793-3608416090-1001 -> {422B7024-4DFD-4537-B286-CCF8090AE806} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3816BD9A-8CC3-450B-8A53-ED92BA0E1D2B}: [NameServer]
Tcpip\..\Interfaces\{6181D59B-962E-4F2B-88A0-2D05DBF430BE}: [NameServer]
Tcpip\..\Interfaces\{FF851CB7-DC11-4831-9DE9-5AEC0FD0BBC4}: [NameServer] 160.218.161.60 194.228.211.33

FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\yln1kpjh.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-01]
CHR Extension: (Google Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01]
CHR Extension: (High Contrast) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2015-02-01]
CHR Extension: (Google Sheets) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-01]
CHR Extension: (Bookmark Manager) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Cryptocat) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij [2015-02-01]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-01]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-28] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-07] ()
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\MbnExt.dll [311216 2012-07-14] (Gemfor s.r.o.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-08-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-08-28] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-08-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 17:12 - 2015-04-23 17:14 - 00018034 _____ () C:\Users\John\Desktop\FRST.txt
2015-04-23 17:12 - 2015-04-23 17:12 - 00000000 ____D () C:\FRST
2015-04-23 17:09 - 2015-04-23 17:10 - 00000000 ____D () C:\Users\John\Desktop\ost
2015-04-23 17:09 - 2015-04-23 17:09 - 02099712 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2015-04-23 17:09 - 2015-04-23 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\John\Desktop\FRSTLauncher.exe
2015-04-23 17:08 - 2015-04-23 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\John\Downloads\FRSTLauncher.exe
2015-04-22 10:38 - 2015-04-23 16:42 - 00016735 _____ () C:\Users\John\Desktop\info pelety.xlsx
2015-04-21 18:16 - 2015-04-21 18:16 - 00044544 _____ () C:\Users\John\Desktop\Pohledávky_Závazky_Pilea.xls
2015-04-21 16:43 - 2015-04-21 18:35 - 00011316 _____ () C:\Users\John\Desktop\FFF.xlsx
2015-04-20 09:54 - 2015-04-20 09:54 - 00030208 ____H () C:\Users\John\Downloads\~WRL3383.tmp
2015-04-17 12:54 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-17 12:54 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-17 12:54 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-17 12:54 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-17 12:54 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-17 12:54 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-17 12:54 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-17 12:54 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-04-17 12:54 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-04-15 16:22 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 16:22 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 16:22 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-04-15 16:22 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-15 16:22 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-04-15 16:22 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2015-04-15 16:22 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-04-15 16:22 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-04-15 16:22 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-04-15 16:22 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-04-15 16:22 - 2014-10-29 04:17 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-04-15 16:22 - 2014-10-29 03:38 - 00087552 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-04-15 16:22 - 2014-10-29 03:04 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-04-15 16:22 - 2014-10-29 03:04 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-04-15 16:21 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 16:21 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 16:21 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 16:21 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 16:21 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 16:21 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 16:21 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 16:21 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 16:21 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 16:21 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 16:21 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 16:21 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2015-04-15 16:21 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-04-15 16:21 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 16:21 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 16:21 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 16:21 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 16:21 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 16:21 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 16:21 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 16:21 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 16:21 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 16:21 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 16:21 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-04-15 16:21 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 16:21 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-15 16:21 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-15 16:21 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 16:21 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-15 16:21 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-04-15 16:21 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-04-15 16:21 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 16:21 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 16:21 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 16:21 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2015-04-15 16:21 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-04-15 16:21 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-15 16:21 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 16:21 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-15 16:21 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2015-04-15 16:21 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-15 16:21 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 16:21 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 16:21 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-15 16:21 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-15 16:21 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-15 16:21 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2015-04-15 16:21 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 16:21 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-15 16:21 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 16:21 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2015-04-15 16:21 - 2014-10-29 04:48 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2015-04-15 16:21 - 2014-10-29 04:43 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-04-15 16:21 - 2014-10-29 03:58 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-04-15 16:21 - 2014-10-29 03:26 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-04-15 16:21 - 2014-10-29 03:26 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-04-15 16:21 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2015-04-10 12:54 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-04-10 11:07 - 2015-04-21 18:15 - 00014378 _____ () C:\Users\John\Desktop\rozpr.xlsx
2015-04-09 15:45 - 2015-04-10 12:39 - 00000334 _____ () C:\Users\John\Desktop\info-fap.txt
2015-04-09 13:57 - 2015-04-09 14:22 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-09 13:55 - 2015-04-09 13:55 - 38624400 _____ (Adobe Systems Incorporated) C:\Users\John\Downloads\AdbeRdr11000_cs_CZ.exe
2015-04-08 16:09 - 2015-04-22 15:32 - 00000000 ____D () C:\Users\John\Desktop\Pelety
2015-04-08 14:37 - 2015-04-08 14:37 - 00000000 ____D () C:\Users\John\Desktop\ucetni 1Q 2015
2015-04-08 13:24 - 2015-04-08 13:24 - 00000791 _____ () C:\Users\Public\Desktop\Barvy.lnk
2015-04-08 13:24 - 2015-04-08 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barvy
2015-04-08 13:24 - 2015-04-08 13:24 - 00000000 ____D () C:\Program Files\Barvy
2015-04-08 13:23 - 2015-04-08 13:23 - 02616407 _____ () C:\Users\John\Downloads\barvy.zip
2015-04-08 13:20 - 2015-04-08 13:20 - 01898640 _____ (Irfan Skiljan) C:\Users\John\Downloads\iview438_setup (1).exe
2015-04-01 10:49 - 2015-04-01 10:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-04-01 10:49 - 2015-04-01 10:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\IrfanView
2015-04-01 10:49 - 2015-04-01 10:49 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2015-04-01 10:45 - 2015-04-01 10:45 - 01898640 _____ (Irfan Skiljan) C:\Users\John\Downloads\iview438_setup.exe
2015-03-30 12:06 - 2015-03-30 12:06 - 00032768 _____ () C:\Users\John\Downloads\prijmovy_pokladni_doklad2012.xls
2015-03-27 13:18 - 2015-03-27 13:18 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-26 11:52 - 2015-03-26 11:52 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\sru
2015-04-23 16:56 - 2015-02-01 13:43 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-23 16:43 - 2014-08-27 22:31 - 01960681 _____ () C:\windows\WindowsUpdate.log
2015-04-23 16:14 - 2015-01-30 13:11 - 00003950 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{51D04997-EBCD-4385-BA43-21A176F8DF61}
2015-04-23 09:47 - 2013-08-22 16:46 - 00058246 _____ () C:\windows\setupact.log
2015-04-22 15:06 - 2013-08-22 17:20 - 00000000 ____D () C:\windows\CbsTemp
2015-04-22 10:38 - 2015-01-31 12:55 - 00000000 ____D () C:\Pracovní složka
2015-04-22 08:54 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\AppCompat
2015-04-21 17:16 - 2014-08-27 23:11 - 00739908 _____ () C:\windows\system32\perfh005.dat
2015-04-21 17:16 - 2014-08-27 23:11 - 00151614 _____ () C:\windows\system32\perfc005.dat
2015-04-21 17:16 - 2014-03-18 11:53 - 01745984 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-21 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\rescache
2015-04-21 10:08 - 2015-01-30 12:29 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2147245942-72280793-3608416090-1001
2015-04-21 09:28 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\AppReadiness
2015-04-21 09:16 - 2015-02-01 13:43 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-21 09:16 - 2013-08-22 16:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-21 09:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-04-21 09:14 - 2014-08-28 00:26 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-04-21 09:12 - 2015-03-08 13:13 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-21 09:12 - 2015-03-08 13:13 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-21 09:12 - 2015-02-05 11:23 - 00000000 ____D () C:\windows\system32\MRT
2015-04-21 09:06 - 2015-02-05 11:23 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-21 09:04 - 2014-08-27 23:24 - 02787578 _____ () C:\Users\Public\CAFADEBUG.log
2015-04-17 13:08 - 2015-02-01 17:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-17 13:03 - 2013-08-22 15:25 - 00000167 _____ () C:\windows\win.ini
2015-04-14 01:24 - 2015-03-22 22:45 - 00792056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-22 22:45 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 14:45 - 2014-08-28 00:12 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-10 14:44 - 2014-03-18 11:44 - 00014358 _____ () C:\windows\PFRO.log
2015-04-10 12:56 - 2013-08-22 17:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2015-04-10 12:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-04-09 14:13 - 2014-08-28 00:20 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-09 14:11 - 2015-01-30 12:31 - 00000000 ____D () C:\Users\John\AppData\Local\Adobe
2015-04-09 14:11 - 2015-01-30 12:22 - 00000000 ____D () C:\Users\John\AppData\Roaming\Adobe
2015-04-09 13:57 - 2014-08-28 00:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-08 16:16 - 2014-08-28 00:25 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-30 11:22 - 2015-01-30 12:21 - 00000000 ____D () C:\Users\John
2015-03-30 08:53 - 2015-02-01 13:28 - 00000000 ____D () C:\Users\John\AppData\Roaming\.dsgui

==================== Files in the root of some directories =======

2015-02-18 18:52 - 2015-02-18 18:52 - 0003988 _____ () C:\Users\John\AppData\Local\recently-used.xbel
2014-08-27 23:24 - 2014-08-27 23:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\LenovoExperienceImprovement.exe
C:\Users\John\AppData\Local\Temp\mccspuninstall.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\John\Desktop" je 55 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v4.201 - Log vytvořen 23/04/2015 v 18:23:43
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-23.1 [Server]
# Operační system : Windows 8.1 Connected (x64)
# Uživatelské jméno : John - PC11
# Spuštěno z : C:\Users\John\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\pokki
Složka Smazáno : C:\Users\John\AppData\Local\pokki
Složka Smazáno : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Soubor Smazáno : C:\windows\SysWOW64\VisualDiscovery.ini
Soubor Smazáno : C:\windows\SysWOW64\VisualDiscoveryOff.ini
Soubor Smazáno : C:\windows\System32\VisualDiscoveryOff.ini

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Classes\pokki
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Klíč Smazáno : HKCU\Software\Pokki
Klíč Smazáno : HKLM\SOFTWARE\VisualDiscovery
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v35.0.1 (x86 cs)

-\\ Google Chrome v42.0.2311.90

[C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : nmmhkkegccagdldgiimedpiccmgmieda

*************************

AdwCleaner[R0].txt - [3374 bytů] - [23/04/2015 18:16:57]
AdwCleaner[S0].txt - [3189 bytů] - [23/04/2015 18:23:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3247 bytů] ##########

Dejte nový log FRST.

Omylem jsem po spusteni programu klikl na Fix, zobrazila se hlaska, ze addition.txt byl nalezen a program se pote vypl. Snad se tedy nestalo, ze se zpet vratilo neco spatneho. Nicmene dokladam znovu log.

Kvuli velke zprave prikladam log do prilohy. (Vaše zpráva obsahuje 467525 znaků. Maximální povolený počet znaků je 100000.)

FRST.rar: (48.84 KiB) Staženo 28 x

Vzhledem k omezeni vlozeni pouze 1 prilohy, poslu addition.rar na vyzadani.

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880291f5-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880293e1-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802941f-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802949c-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880294c2-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802952c-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {88029556-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880295ef-a869-11e4-825a-303a648bf37f} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {88029660-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {d07c9815-bf38-11e4-8262-28d244da9df7} - "E:\Autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2147245942-72280793-3608416090-1001 -> {422B7024-4DFD-4537-B286-CCF8090AE806} URL =
C:\ProgramData\DP45977C.lfl
C:\Users\John\AppData\Local\Temp
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-04-2015
Ran by John at 2015-04-27 12:39:37 Run:1
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available profiles: John)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880291f5-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880293e1-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802941f-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802949c-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880294c2-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {8802952c-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {88029556-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {880295ef-a869-11e4-825a-303a648bf37f} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {88029660-a869-11e4-825a-303a648bf37f} - "E:\Autorun.exe"
HKU\S-1-5-21-2147245942-72280793-3608416090-1001\...\MountPoints2: {d07c9815-bf38-11e4-8262-28d244da9df7} - "E:\Autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2147245942-72280793-3608416090-1001 -> {422B7024-4DFD-4537-B286-CCF8090AE806} URL =
C:\ProgramData\DP45977C.lfl
C:\Users\John\AppData\Local\Temp
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************

"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{880291f5-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{880291f5-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{880293e1-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{880293e1-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8802941f-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{8802941f-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8802949c-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{8802949c-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{880294c2-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{880294c2-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8802952c-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{8802952c-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88029556-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{88029556-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{880295ef-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{880295ef-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88029660-a869-11e4-825a-303a648bf37f}" => Key deleted successfully.
HKCR\CLSID\{88029660-a869-11e4-825a-303a648bf37f} => Key not found.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d07c9815-bf38-11e4-8262-28d244da9df7}" => Key deleted successfully.
HKCR\CLSID\{d07c9815-bf38-11e4-8262-28d244da9df7} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2147245942-72280793-3608416090-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{422B7024-4DFD-4537-B286-CCF8090AE806}" => Key deleted successfully.
HKCR\CLSID\{422B7024-4DFD-4537-B286-CCF8090AE806} => Key not found.
C:\ProgramData\DP45977C.lfl => Moved successfully.

"C:\Users\John\AppData\Local\Temp" directory move:

Could not move "C:\Users\John\AppData\Local\Temp" directory. => Scheduled to move on reboot.

C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-27 12:42:07)<=

C:\Users\John\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 12:42:08 ====

Smazáno. Nastala nějaká změna?

VIRY.CZ

Prosim o kontrolu logu a pomoc

Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc

Re: Prosim o kontrolu logu a pomoc