VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-01-2016
Ran by Tom (administrator) on TOM-THINK (21-01-2016 18:32:29)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Devguru Co., Ltd.) C:\Windows\System32\dgdersvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Vodafone Group) C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor)
HKLM\...\Run: [LENOVO.TPFNF6R] => C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [62752 2009-08-20] (Lenovo Group Limited)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [337256 2010-07-01] (Lenovo.)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [Message Center Plus] => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-28] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo)
HKLM\...\Run: [NokiaMServer] => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-12-08] (UPEK Inc.)
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe [3404600 2010-01-28] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [] => [X]
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {7662cef2-b9cf-11df-b1ab-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {8e469940-4f34-11e0-bb59-806e6f6e6963} - E:\SETUP.EXE
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {fadcceb3-7c35-11e0-8965-60eb6938aad7} - E:\VTP_Manager.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-09-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0975C4DE-74F4-4554-A7B3-B752EDA1EED8}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{83E61A11-201A-49DA-9291-E39A055F22E5}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {BFA3FC34-B864-427A-8461-596196FF4C50} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-17] (Oracle Corporation)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2010-08-06] (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-17] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-941990748-441640365-1117249700-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\mCC8rcqP.default
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-941990748-441640365-1117249700-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-941990748-441640365-1117249700-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\mCC8rcqP.default\Extensions\abs@avira.com [2014-08-19] [not signed]
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-10-13] [not signed]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-10-13] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://aktualne.centrum.cz/"
CHR Plugin: (Shockwave Flash) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Google Update) - C:\Users\Tom\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Jmeniny) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\acanokghadamaghkbbiclbleblhndfig [2013-07-20]
CHR Extension: (Air Sniper) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\adchihfghjejdnblggcajgclmhajgbgp [2015-05-25]
CHR Extension: (Just a Clock - the Hours) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\agglgohcegmeeaccikjfmehncfomccpg [2015-12-05]
CHR Extension: (Gun Cars) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainpghfkenelflgmnnlhfenknfkhjibd [2013-02-18]
CHR Extension: (geniální paměť) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkoinfmlfndmileeeldconamokemeck [2014-12-26]
CHR Extension: (Actual Date) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokomghjcfmiofmackdbpjleianepgih [2013-08-31]
CHR Extension: (\r\n Air Hockey) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apodhfipkokiikmebaaeppbphbjeiakn [2014-09-13]
CHR Extension: (Link All) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbplhdcnpcenkdciibplnkgmiffjfnni [2015-06-22]
CHR Extension: (Přehled zpráv (od společnosti Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhcdlggicnjoobiphdkdgmblbknkjjp [2012-05-31]
CHR Extension: (Pouliční závod) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpbdphmdlpcahlaepbenmelkjeihbdn [2013-02-20]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Pro Racing GT) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cakjnkffnmgeibednpjkdmaeallapipm [2014-09-13]
CHR Extension: (TypingWeb Typing Tutor) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk [2015-05-18]
CHR Extension: (Gun Blood) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-06-07]
CHR Extension: (Play.cz) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2012-06-10]
CHR Extension: (Search by Image (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-12-29]
CHR Extension: (Extreme Heli Combat) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmihkeilieoimchodbiiiebaceghlfbi [2015-05-30]
CHR Extension: (IELTS 3600 Words) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmjibbiloicpoebmoeilmijlfehabfdm [2015-05-18]
CHR Extension: (YoWindow Počasí Zdarma) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2016-01-15]
CHR Extension: (Type Scout - Better Typing!

) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2015-06-22]
CHR Extension: (Lukostřelba Shoot) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fondfnnamdablnfcbnmajhcapbgbpgfp [2015-06-07]
CHR Extension: (Střelba) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclefnfkbfgjfebngankojbbcebipnbk [2015-06-07]
CHR Extension: (Advanced Memories) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjnpcjofgpgheomppapajdophgpdceb [2013-07-26]
CHR Extension: (slovo vyhledávání) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm [2015-04-23]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2015-10-07]
CHR Extension: (Go) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpennelbajgblbpjjgblhdlenchfjkdh [2015-05-25]
CHR Extension: (Jobs) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgeepnjgafalmpkbjahdppbjhinaelcc [2012-07-02]
CHR Extension: (Hextris) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpbfhahpcpomklijepdpcdkhagogojnh [2015-05-25]
CHR Extension: (Pool Mania) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icojacdaddlajldkicfacgcjncbkieen [2013-02-20]
CHR Extension: (Šílené střelby) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2015-06-07]
CHR Extension: (Děti Paměť) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifhmggjnilpcbebdfejnelilcmkjjap [2014-09-13]
CHR Extension: (TOEFL 1200 Words in 30 Days) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jedheaebdffklhgodepimamapjcjhgfl [2015-05-18]
CHR Extension: (Převod měn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2014-07-09]
CHR Extension: (Apple Shooting Archery Game) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljfkjdckjkhfcangidnphgbjoiigclo [2015-06-07]
CHR Extension: (Photo Pairs - Memory with Personal Themes) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgodkhbbiaiacfbddfgccplhnceibic [2012-06-01]
CHR Extension: (Dora paměťová hra) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\llhdcbbohgolnjbijdnllpgbeoaapbin [2014-12-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-04-27]
CHR Extension: (Chain Rxn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkdlfmoglbdpomddljgapccmlognoaf [2015-05-20]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Memory Game) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmnajgbacoodkhagegioakgkbdijfhbe [2013-01-30]
CHR Extension: (TypingClub) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2015-05-18]
CHR Extension: (3D Racing) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\offcjdnhmmknnjbcfbgkimglajcfjibo [2015-05-30]
CHR Extension: (Inca Challenge: pexeso) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ologmmifheggjbiikcoabhdcdjcghjed [2014-12-26]
CHR Extension: (TV program - právě běží) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\oneckfddlpeapgcokdhjhbncomdlodec [2012-05-31]
CHR Extension: (Minesweeper Classic) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\paicmkpdgdggnkbobnmmdghbkbfjacje [2016-01-17]
CHR Extension: (Just a Clock - the Minutes) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmgkfgcnigcopcjhilfabbdgmjmkogj [2015-12-05]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Typing Tutor) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppodolbmofkadjlohmiofjladlpfked [2015-05-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124264 2011-04-14] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [263528 2011-04-14] (Lenovo)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2009-12-22] (Devguru Co., Ltd.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed]
R2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45424 2009-07-03] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-02-18] (Lenovo Group Limited) [File not signed]
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [99328 2010-12-03] (Lenovo Group Limited) [File not signed]
R2 VodafoneConnectorService; C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe [233472 2010-01-12] (Vodafone Group) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ASPI32; C:\Windows\system32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55456 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [431672 2011-03-15] () [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-21 18:32 - 2016-01-21 18:33 - 00025733 _____ C:\Users\Tom\Desktop\FRST.txt
2016-01-21 18:31 - 2016-01-21 18:32 - 00000000 ____D C:\FRST
2016-01-21 18:25 - 2016-01-21 18:25 - 00112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2016-01-21 18:12 - 2016-01-21 18:12 - 01721856 _____ (Farbar) C:\Users\Tom\Desktop\FRST.exe
2016-01-21 06:35 - 2016-01-21 06:35 - 00110928 _____ C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-21 06:30 - 2016-01-21 06:30 - 00415728 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-20 23:42 - 2016-01-20 23:42 - 00000976 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-20 23:42 - 2016-01-20 23:42 - 00000000 ____D C:\Program Files\CCleaner
2016-01-20 19:52 - 2016-01-20 19:52 - 00006397 _____ C:\Users\Tom\Downloads\C2DF5305FA6BDE83D1FA71572F0B7B2AFD755178.torrent
2016-01-20 19:50 - 2016-01-20 19:50 - 00040121 _____ C:\Users\Tom\Downloads\4E90A7098300E8B3F4056C06B5DC86533A9C9B6C (1).torrent
2016-01-20 19:47 - 2016-01-20 19:47 - 00021171 _____ C:\Users\Tom\Downloads\62A41724AE97EB548576B6598D7C7923DC2101D7 (1).torrent
2016-01-20 19:46 - 2016-01-20 19:46 - 00014915 _____ C:\Users\Tom\Downloads\A29756321D2AF336DFF35D826CD77824E85F6A97 [2729453].torrent
2016-01-20 19:45 - 2016-01-20 19:45 - 00040113 _____ C:\Users\Tom\Downloads\4E90A7098300E8B3F4056C06B5DC86533A9C9B6C.torrent
2016-01-20 19:44 - 2016-01-20 19:44 - 00021171 _____ C:\Users\Tom\Downloads\62A41724AE97EB548576B6598D7C7923DC2101D7.torrent
2016-01-20 19:05 - 2016-01-20 19:05 - 00011009 _____ C:\Users\Tom\Downloads\E641488AE6E2EA99714AF56576B588CC23FB245F (3).torrent
2016-01-20 19:05 - 2016-01-20 19:05 - 00011009 _____ C:\Users\Tom\Downloads\E641488AE6E2EA99714AF56576B588CC23FB245F (2).torrent
2016-01-20 19:04 - 2016-01-20 19:04 - 00011009 _____ C:\Users\Tom\Downloads\E641488AE6E2EA99714AF56576B588CC23FB245F.torrent
2016-01-20 19:04 - 2016-01-20 19:04 - 00011009 _____ C:\Users\Tom\Downloads\E641488AE6E2EA99714AF56576B588CC23FB245F (1).torrent
2016-01-19 22:16 - 2016-01-19 22:16 - 00000023 _____ C:\Users\Tom\Downloads\viry.txt
2016-01-16 14:28 - 2016-01-16 14:28 - 00048025 _____ C:\Users\Tom\Downloads\F9DB89B6D1498DCEF341C77C7FD4F4C9FA3C4934 (1).torrent
2016-01-14 21:04 - 2016-01-14 21:04 - 02914457 _____ C:\Users\Tom\Downloads\stazista_vnitro_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 02718599 _____ C:\Users\Tom\Downloads\stazista_ekonomicke_otazky_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 02672131 _____ C:\Users\Tom\Downloads\EH_stazista_korektor-ka_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 01950522 _____ C:\Users\Tom\Downloads\EH_stazista_prekladatel-ka_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 00501268 _____ C:\Users\Tom\Downloads\stazista_fundraising_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 00496371 _____ C:\Users\Tom\Downloads\stazista_provozni.sekce_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 00495141 _____ C:\Users\Tom\Downloads\stazista_videar_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 00434926 _____ C:\Users\Tom\Downloads\stazista_AT_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 00417641 _____ C:\Users\Tom\Downloads\stazista_grafik_2016.pdf
2016-01-14 21:04 - 2016-01-14 21:04 - 00102929 _____ C:\Users\Tom\Downloads\inzerát 01_2016 - asistentka advokáta (4).pdf
2016-01-11 23:48 - 2016-01-11 23:50 - 00000000 ____D C:\Users\Tom\Downloads\byt
2016-01-11 22:47 - 2016-01-11 22:47 - 00645948 _____ C:\Users\Tom\Downloads\ZOZtesty.pdf
2016-01-11 22:42 - 2016-01-11 22:42 - 00372224 _____ C:\Users\Tom\Downloads\ZOZ testy.xls
2016-01-11 22:13 - 2016-01-11 22:13 - 00245648 _____ C:\Users\Tom\Downloads\9223818.pdf
2015-12-30 21:07 - 2010-10-14 17:33 - 00153865 _____ C:\Users\Tom\Downloads\SOSB_STING.pdf
2015-12-30 21:07 - 2010-10-14 17:33 - 00133694 _____ C:\Users\Tom\Downloads\realityRSSTING.pdf
2015-12-30 21:06 - 2011-01-13 22:33 - 00004394 _____ C:\Users\Tom\Downloads\prace.txt
2015-12-29 22:44 - 2015-12-29 22:44 - 00000000 ___HD C:\Users\Tom\Documents\Freemake_do_not_remove_this_folder635870258953181135

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-21 18:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-21 18:16 - 2009-07-14 05:34 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-21 18:16 - 2009-07-14 05:34 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-21 18:06 - 2015-02-07 19:25 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004UA.job
2016-01-21 18:04 - 2011-03-06 08:56 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Media Player Classic
2016-01-21 18:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-21 17:35 - 2011-05-04 12:14 - 00000466 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-01-21 17:13 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-21 07:07 - 2012-11-01 10:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent
2016-01-21 00:06 - 2015-02-07 19:25 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004Core.job
2016-01-20 23:50 - 2011-04-02 15:40 - 00000000 ____D C:\Users\Tom\AppData\Roaming\avidemux
2016-01-20 16:10 - 2010-09-06 17:49 - 00715840 _____ C:\Windows\system32\perfh005.dat
2016-01-20 16:10 - 2010-09-06 17:49 - 00159282 _____ C:\Windows\system32\perfc005.dat
2016-01-20 16:10 - 2009-07-21 06:30 - 01715864 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-18 17:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-17 11:34 - 2012-07-22 09:55 - 00000000 ____D C:\Users\Tom\Downloads\ok
2016-01-17 01:13 - 2012-12-30 23:43 - 00000000 ____D C:\Users\Tom\Downloads\video
2016-01-16 17:17 - 2011-05-28 12:29 - 00094208 _____ C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-15 14:19 - 2011-02-24 13:06 - 00002367 _____ C:\Users\Tom\Desktop\Google Chrome.lnk
2016-01-11 23:46 - 2011-09-15 17:04 - 00000000 ____D C:\Users\Tom\Downloads\skola
2016-01-10 12:43 - 2012-03-21 16:03 - 00011794 _____ C:\Users\Tom\Downloads\čd.txt
2016-01-07 19:30 - 2009-07-14 05:53 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-07 14:33 - 2010-09-06 17:27 - 00000000 ____D C:\ProgramData\PCDr
2016-01-02 13:32 - 2011-11-13 17:39 - 00000000 ____D C:\Users\Tom\Downloads\backup
2016-01-01 19:50 - 2011-05-04 12:14 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-12-30 19:54 - 2011-02-24 21:45 - 00000000 ____D C:\Users\Tom\AppData\Local\GHISLER
2015-12-26 23:55 - 2012-11-03 22:09 - 00000000 ____D C:\Users\Tom\Downloads\DCIM
2015-12-25 11:38 - 2013-02-11 20:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2011-05-28 12:29 - 2016-01-16 17:17 - 0094208 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-01 14:43 - 2014-01-01 14:43 - 0006801 _____ () C:\Users\Tom\AppData\Local\recently-used.xbel
2011-05-09 11:59 - 2016-01-21 07:09 - 0001039 _____ () C:\ProgramData\VodafoneConnectorService.log

Some files in TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004Core.job => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004UA.job => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom\Desktop" je 2423 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Avira free antivirus mi nepovolí spuštění. Dole v pravo pravým tlačítkem na ikoně AV je napsáno, že firewall a real time protection je "inactive", tak nevím, co s tím víc, protože když pak chci stáhnout FRST Launcher z http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe tak mi to dole na liště napíše, že soubor je škodlivý a Chrome jej zablokoval. Musel bych ten antivir odinstalovat? Nebo to jde i jinak?

Stačí ho vypnout (rez. štíty). Utilit se nemusíte bát, jsou vyzkoušené a běžně je tu užíváme.

Log FRST jsem už dal. Zprávu o tom, že mi to nejde, se mi asi nepodařilo smazat, každopádně ten log jsem už poslal i s Addition v příloze.

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.030 - Logfile created 23/01/2016 at 13:13:42
# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Tom - TOM-THINK
# Running from : C:\Users\Tom\Desktop\adwcleaner_5.030.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1058 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-01-2016
Ran by Tom (administrator) on TOM-THINK (23-01-2016 19:11:13)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Devguru Co., Ltd.) C:\Windows\System32\dgdersvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Vodafone Group) C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor)
HKLM\...\Run: [LENOVO.TPFNF6R] => C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [62752 2009-08-20] (Lenovo Group Limited)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [337256 2010-07-01] (Lenovo.)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [Message Center Plus] => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-28] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo)
HKLM\...\Run: [NokiaMServer] => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-12-08] (UPEK Inc.)
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe [3404600 2010-01-28] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [] => [X]
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {7662cef2-b9cf-11df-b1ab-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {8e469940-4f34-11e0-bb59-806e6f6e6963} - E:\SETUP.EXE
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {fadcceb3-7c35-11e0-8965-60eb6938aad7} - E:\VTP_Manager.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-09-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0975C4DE-74F4-4554-A7B3-B752EDA1EED8}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{83E61A11-201A-49DA-9291-E39A055F22E5}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {BFA3FC34-B864-427A-8461-596196FF4C50} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-17] (Oracle Corporation)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2010-08-06] (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-17] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\mCC8rcqP.default
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-941990748-441640365-1117249700-1004: @tools.google.com/Google Update;version=3 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-941990748-441640365-1117249700-1004: @tools.google.com/Google Update;version=9 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\mCC8rcqP.default\Extensions\abs@avira.com [2014-08-19] [not signed]
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-10-13] [not signed]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-10-13] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://aktualne.centrum.cz/"
CHR Plugin: (Shockwave Flash) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\47.0.2526.111\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Tom\AppData\Local\Google\Chrome\Application\47.0.2526.111\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Google Update) - C:\Users\Tom\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Jmeniny) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\acanokghadamaghkbbiclbleblhndfig [2013-07-20]
CHR Extension: (Air Sniper) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\adchihfghjejdnblggcajgclmhajgbgp [2015-05-25]
CHR Extension: (Just a Clock - the Hours) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\agglgohcegmeeaccikjfmehncfomccpg [2015-12-05]
CHR Extension: (Gun Cars) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainpghfkenelflgmnnlhfenknfkhjibd [2013-02-18]
CHR Extension: (geniální paměť) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkoinfmlfndmileeeldconamokemeck [2014-12-26]
CHR Extension: (Actual Date) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokomghjcfmiofmackdbpjleianepgih [2013-08-31]
CHR Extension: (\r\n Air Hockey) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apodhfipkokiikmebaaeppbphbjeiakn [2014-09-13]
CHR Extension: (Link All) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbplhdcnpcenkdciibplnkgmiffjfnni [2015-06-22]
CHR Extension: (Přehled zpráv (od společnosti Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhcdlggicnjoobiphdkdgmblbknkjjp [2012-05-31]
CHR Extension: (Pouliční závod) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpbdphmdlpcahlaepbenmelkjeihbdn [2013-02-20]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Pro Racing GT) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cakjnkffnmgeibednpjkdmaeallapipm [2014-09-13]
CHR Extension: (TypingWeb Typing Tutor) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk [2015-05-18]
CHR Extension: (Gun Blood) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-06-07]
CHR Extension: (Play.cz) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2012-06-10]
CHR Extension: (Search by Image (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-12-29]
CHR Extension: (Extreme Heli Combat) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmihkeilieoimchodbiiiebaceghlfbi [2015-05-30]
CHR Extension: (IELTS 3600 Words) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmjibbiloicpoebmoeilmijlfehabfdm [2015-05-18]
CHR Extension: (YoWindow Počasí Zdarma) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2016-01-15]
CHR Extension: (Type Scout - Better Typing!

) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2015-06-22]
CHR Extension: (Lukostřelba Shoot) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fondfnnamdablnfcbnmajhcapbgbpgfp [2015-06-07]
CHR Extension: (Střelba) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclefnfkbfgjfebngankojbbcebipnbk [2015-06-07]
CHR Extension: (Advanced Memories) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjnpcjofgpgheomppapajdophgpdceb [2013-07-26]
CHR Extension: (slovo vyhledávání) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm [2015-04-23]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2015-10-07]
CHR Extension: (Go) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpennelbajgblbpjjgblhdlenchfjkdh [2015-05-25]
CHR Extension: (Jobs) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgeepnjgafalmpkbjahdppbjhinaelcc [2012-07-02]
CHR Extension: (Hextris) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpbfhahpcpomklijepdpcdkhagogojnh [2015-05-25]
CHR Extension: (Pool Mania) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icojacdaddlajldkicfacgcjncbkieen [2013-02-20]
CHR Extension: (Šílené střelby) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2015-06-07]
CHR Extension: (Děti Paměť) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifhmggjnilpcbebdfejnelilcmkjjap [2014-09-13]
CHR Extension: (TOEFL 1200 Words in 30 Days) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jedheaebdffklhgodepimamapjcjhgfl [2015-05-18]
CHR Extension: (Převod měn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2014-07-09]
CHR Extension: (Apple Shooting Archery Game) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljfkjdckjkhfcangidnphgbjoiigclo [2015-06-07]
CHR Extension: (Photo Pairs - Memory with Personal Themes) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgodkhbbiaiacfbddfgccplhnceibic [2012-06-01]
CHR Extension: (Dora paměťová hra) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\llhdcbbohgolnjbijdnllpgbeoaapbin [2014-12-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-04-27]
CHR Extension: (Chain Rxn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkdlfmoglbdpomddljgapccmlognoaf [2015-05-20]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Memory Game) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmnajgbacoodkhagegioakgkbdijfhbe [2013-01-30]
CHR Extension: (TypingClub) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2015-05-18]
CHR Extension: (3D Racing) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\offcjdnhmmknnjbcfbgkimglajcfjibo [2015-05-30]
CHR Extension: (Inca Challenge: pexeso) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ologmmifheggjbiikcoabhdcdjcghjed [2014-12-26]
CHR Extension: (TV program - právě běží) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\oneckfddlpeapgcokdhjhbncomdlodec [2012-05-31]
CHR Extension: (Minesweeper Classic) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\paicmkpdgdggnkbobnmmdghbkbfjacje [2016-01-17]
CHR Extension: (Just a Clock - the Minutes) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmgkfgcnigcopcjhilfabbdgmjmkogj [2015-12-05]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Typing Tutor) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppodolbmofkadjlohmiofjladlpfked [2015-05-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Tom\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124264 2011-04-14] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [263528 2011-04-14] (Lenovo)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2009-12-22] (Devguru Co., Ltd.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed]
R2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45424 2009-07-03] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-02-18] (Lenovo Group Limited) [File not signed]
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [99328 2010-12-03] (Lenovo Group Limited) [File not signed]
R2 VodafoneConnectorService; C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe [233472 2010-01-12] (Vodafone Group) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ASPI32; C:\Windows\system32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55456 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [431672 2011-03-15] () [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-09] (Avira Operations GmbH & Co. KG)
S3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-23 19:11 - 2016-01-23 19:11 - 00024613 _____ C:\Users\Tom\Desktop\FRST.txt
2015-12-26 22:50 - 2015-12-26 22:50 - 00260040 _____ C:\Users\Tom\Downloads\9083719.pdf
2015-12-26 21:20 - 2015-12-26 21:20 - 00170717 _____ C:\Users\Tom\Downloads\eshop_op.pdf
2015-12-25 18:30 - 2015-12-25 18:30 - 00000000 ___HD C:\Users\Tom\Documents\Freemake_do_not_remove_this_folder635866650372290510

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-23 19:11 - 2012-11-01 10:42 - 00000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent
2016-01-23 19:06 - 2015-02-07 19:25 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004UA.job
2016-01-23 15:40 - 2011-03-06 08:56 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Media Player Classic
2016-01-23 14:57 - 2009-07-14 05:34 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-23 14:57 - 2009-07-14 05:34 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-23 14:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-23 14:49 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-23 14:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-23 13:15 - 2011-05-04 12:14 - 00000466 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-01-23 13:13 - 2014-12-21 11:59 - 00000000 ____D C:\AdwCleaner
2016-01-23 12:12 - 2011-04-02 15:40 - 00000000 ____D C:\Users\Tom\AppData\Roaming\avidemux
2016-01-23 11:17 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-23 10:53 - 2012-07-22 09:55 - 00000000 ____D C:\Users\Tom\Downloads\ok
2016-01-23 10:17 - 2010-09-06 17:49 - 00715840 _____ C:\Windows\system32\perfh005.dat
2016-01-23 10:17 - 2010-09-06 17:49 - 00159282 _____ C:\Windows\system32\perfc005.dat
2016-01-23 10:17 - 2009-07-21 06:30 - 01715864 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-21 00:06 - 2015-02-07 19:25 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004Core.job
2016-01-17 01:13 - 2012-12-30 23:43 - 00000000 ____D C:\Users\Tom\Downloads\video
2016-01-16 17:17 - 2011-05-28 12:29 - 00094208 _____ C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-15 14:19 - 2011-02-24 13:06 - 00002367 _____ C:\Users\Tom\Desktop\Google Chrome.lnk
2016-01-11 23:46 - 2011-09-15 17:04 - 00000000 ____D C:\Users\Tom\Downloads\skola
2016-01-10 12:43 - 2012-03-21 16:03 - 00011794 _____ C:\Users\Tom\Downloads\čd.txt
2016-01-07 19:30 - 2009-07-14 05:53 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-07 14:33 - 2010-09-06 17:27 - 00000000 ____D C:\ProgramData\PCDr
2016-01-02 13:32 - 2011-11-13 17:39 - 00000000 ____D C:\Users\Tom\Downloads\backup
2016-01-01 19:50 - 2011-05-04 12:14 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-12-30 19:54 - 2011-02-24 21:45 - 00000000 ____D C:\Users\Tom\AppData\Local\GHISLER
2015-12-26 23:55 - 2012-11-03 22:09 - 00000000 ____D C:\Users\Tom\Downloads\DCIM
2015-12-25 11:38 - 2013-02-11 20:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======

2011-05-28 12:29 - 2016-01-16 17:17 - 0094208 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-01 14:43 - 2014-01-01 14:43 - 0006801 _____ () C:\Users\Tom\AppData\Local\recently-used.xbel
2011-05-09 11:59 - 2016-01-23 13:33 - 0001039 _____ () C:\ProgramData\VodafoneConnectorService.log

Some files in TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\avgnt.exe
C:\Users\Tom\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004Core.job => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004UA.job => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom\Desktop" je 2424 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [] => [X]
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {7662cef2-b9cf-11df-b1ab-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {8e469940-4f34-11e0-bb59-806e6f6e6963} - E:\SETUP.EXE
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\MountPoints2: {fadcceb3-7c35-11e0-8965-60eb6938aad7} - E:\VTP_Manager.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {BFA3FC34-B864-427A-8461-596196FF4C50} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-441640365-1117249700-1004Core.job
C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Tom\AppData\Local\Temp

End[/quote]

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Tom\Desktop" je 2424 MB.

To je příliš mnoho a může to zpomalovat start. Vytvořte v C:\Users\Tom novou složku, do které přesuňte všechna data z plochy (kromě zástupců). Na plochu pak můžete dát pro snazší přístup zástupce té složky.

Díky, jen se chci před tím zeptat, co takový krok způsobí? Neovlivním tím automatický update Chrome, přístup na E: nebo něco podobného?

Nemělo by se nic stát, krom toho, že budou smazány položky dané do skriptu. Převážně jde o zbytečnosti.

Fix result of Farbar Recovery Scan Tool (x86) Version:18-01-

2016
Ran by Tom (2016-01-24 08:03:01) Run:1
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...\Run: [] =>

[X]
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...

\MountPoints2: {7662cef2-b9cf-11df-b1ab-806e6f6e6963} - Q:

\LenovoQDrive.exe
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...

\MountPoints2: {8e469940-4f34-11e0-bb59-806e6f6e6963} - E:

\SETUP.EXE
HKU\S-1-5-21-941990748-441640365-1117249700-1004\...

\MountPoints2: {fadcceb3-7c35-11e0-8965-60eb6938aad7} - E:

\VTP_Manager.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-

E1416B8B2E3A} URL =
SearchScopes: HKLM -> {BFA3FC34-B864-427A-8461-596196FF4C50}

URL = hxxp://www.bing.com/search?q={searchTerms}

&form=LEMDF8&pc=MALC&src=IE-SearchBox;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-

472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-

472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-

472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-

441640365-1117249700-1004UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-

441640365-1117249700-1004Core.job
C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-

E0D61DEA3FDF.ini
C:\Users\Tom\AppData\Local\Temp
*****************

HKU\S-1-5-21-941990748-441640365-1117249700-1004\Software

\Microsoft\Windows\CurrentVersion\Run\\ => value removed

successfully.
"HKU\S-1-5-21-941990748-441640365-1117249700-1004\SOFTWARE

\Microsoft\Windows\CurrentVersion\Explorer

\MountPoints2\{7662cef2-b9cf-11df-b1ab-806e6f6e6963}" => key

removed successfully.
HKCR\CLSID\{7662cef2-b9cf-11df-b1ab-806e6f6e6963} => key not

found.
"HKU\S-1-5-21-941990748-441640365-1117249700-1004\SOFTWARE

\Microsoft\Windows\CurrentVersion\Explorer

\MountPoints2\{8e469940-4f34-11e0-bb59-806e6f6e6963}" => key

removed successfully.
HKCR\CLSID\{8e469940-4f34-11e0-bb59-806e6f6e6963} => key not

found.
"HKU\S-1-5-21-941990748-441640365-1117249700-1004\SOFTWARE

\Microsoft\Windows\CurrentVersion\Explorer

\MountPoints2\{fadcceb3-7c35-11e0-8965-60eb6938aad7}" => key

removed successfully.
HKCR\CLSID\{fadcceb3-7c35-11e0-8965-60eb6938aad7} => key not

found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\

\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

\{BFA3FC34-B864-427A-8461-596196FF4C50}" => key removed

successfully.
HKCR\CLSID\{BFA3FC34-B864-427A-8461-596196FF4C50} => key not

found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

\\DefaultScope => value removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key

removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-

441640365-1117249700-1004UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-941990748-

441640365-1117249700-1004Core.job => moved successfully
C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-

E0D61DEA3FDF.ini => moved successfully

"C:\Users\Tom\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tom\AppData\Local\Temp" => Scheduled

to move on reboot.

Result of scheduled files to move (Boot Mode: Normal)

(Date&Time: 2016-01-24 08:06:00)

C:\Users\Tom\AppData\Local\Temp => moved successfully

==== End of Fixlog 08:06:01 ====

Z Plochy jsem odstranil pár věcí.

Log by již měl být OK.

ok, díky. Teď zkusím windows update, protože jsem si všiml, že jsem už dlouho neupdatoval

Takže se možná zase někdy ozvu

Tom

VIRY.CZ

FRST, Addition

FRST, Addition

Re: NB se zasekává, zpomaluje, internet často nenačítá...

Re: NB se zasekává, zpomaluje, internet často nenačítá...

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition

Re: FRST, Addition