VIRY.CZ

Dobrý den,
Poslední dobou si můj notebook osvojil několik zlozvyků, mimo jiné i změny času ve windows. Když dám aktualizovat podle webu tak se dočasně aktualizuje, (mam tu volbu zatrhlou pořád) ale to je jediné. Zkoušel jsem projet PC antivirem AVG a CC cleanerem ale evidentně se havěť nějak usídlila, v dalších příspěvcích pošlu logy

prikladam FRST v priloze protoze tam bylo moc znaku

RSIT, opět se nevešel do zprávy tak přikládám

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18666 BrowserJavaVersion: 11.131.2
Run by Dellinka at 1:42:57 on 2017-05-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.8070.2938 [GMT 2:00]
.
AV: AVG Antivirus *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Antivirus *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Nemetschek\AllplanUpdateLauncher 2016\AllplanUpdateLauncher.exe
C:\Program Files\Allplan\AllplanUpdateLauncher 2017\AllplanUpdateLauncher.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Dell\Dell Location and GPS\Dell Location Utility\xpscontrolpanel.exe
C:\Windows\system32\taskeng.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Dellinka\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Dellinka\AppData\Local\Akamai\netsession_win.exe
C:\Users\Dellinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Dellinka\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Users\Dellinka\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
C:\Users\Dellinka\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\SysWOW64\irstrtsv.exe
c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Dell\Dell Location and GPS\Dell Location Utility\xpssvc.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\TEMP\AdAppMgrUpdater.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
uRun: [BitTorrent] "C:\Users\Dellinka\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [AdobeBridge] <no file>
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
mRun: [Gaming Keyboard Driver] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
mRun: [APSDaemon] "c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Dellinka\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Vystřihnout záložku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} -
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Trusted Zone: dell.com
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
TCP: NameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{6CD50F5B-EDCD-4731-A769-D3E47F77ABFB} : DHCPNameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{A602D0DE-1295-4270-A9D4-0ECEA788C8CA} : DHCPNameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{A602D0DE-1295-4270-A9D4-0ECEA788C8CA}\14C494741445F425022585530303024457F6 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{A602D0DE-1295-4270-A9D4-0ECEA788C8CA}\55053423537363637383 : DHCPNameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{A602D0DE-1295-4270-A9D4-0ECEA788C8CA}\56465727F616D6 : DHCPNameServer = 10.9.0.1
TCP: Interfaces\{BF1F1611-73B6-423D-B839-18788E477491} : DHCPNameServer = 192.168.42.129
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} -
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
x64-Run: [Dell Location Utility] c:\Program Files\Dell\Dell Location and GPS\Dell Location Utility\xpscontrolpanel.exe --no-info
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
x64-Run: [AVGUI.exe] "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-7-9 32896]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-8-7 28008]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-8-15 20024]
R1 avgbdisk;avgbdisk;C:\Windows\System32\drivers\avgbdiska.sys [2017-4-5 166624]
R1 avgbidsdriver;avgbidsdriver;C:\Windows\System32\drivers\avgbidsdrivera.sys [2017-4-5 314128]
R1 avgRdr;avgRdr;C:\Windows\System32\drivers\avgRdr2.sys [2017-4-5 102280]
R1 avgSnx;avgSnx;C:\Windows\System32\drivers\avgSnx.sys [2017-4-5 1008288]
R1 avgSP;avgSP;C:\Windows\System32\drivers\avgSP.sys [2017-4-5 570320]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-8-1 283064]
R2 AdAppMgrSvc;Autodesk Desktop App Service;C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-5-10 1295376]
R2 AllplanUpdateLauncher 2016;Nemetschek Allplan Updatelauncher Service 2016;C:\Program Files\Nemetschek\AllplanUpdateLauncher 2016\AllplanUpdateLauncher.exe [2016-2-15 16280]
R2 AllplanUpdateLauncher 2017;Allplan Updatelauncher Service 2017;C:\Program Files\Allplan\AllplanUpdateLauncher 2017\AllplanUpdateLauncher.exe [2017-2-18 15768]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2015-8-4 235520]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2012-3-9 107648]
R2 AVG Antivirus;AVG Antivirus;C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-5-13 264432]
R2 avgMonFlt;avgMonFlt;C:\Windows\System32\drivers\avgMonFlt.sys [2017-4-5 129776]
R2 avgsvc;AVG Service;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-5-23 1428656]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-3-5 3705544]
R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2016-12-22 4817384]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-10-15 9216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-7-9 193576]
R2 McNeelUpdate;McNeel Update Service 5.0;C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2015-8-10 67944]
R2 NovaPdfServer;novaPDF Server;C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-3-3 50600]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-19 5426448]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2017-2-21 5906704]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-9 363800]
R2 vToolbarUpdater40.3.7;vToolbarUpdater40.3.7;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [2017-2-6 1354312]
R2 WtuSystemSupport;WtuSystemSupport;C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2016-7-27 981576]
R2 xpssvc;Dell Location Utility;C:\Program Files\Dell\Dell Location and GPS\Dell Location Utility\xpssvc.exe [2010-2-27 908104]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2012-3-9 159360]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2012-7-9 77824]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-3-9 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-3-9 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-3-9 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-3-9 281472]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-7-9 551552]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-7-9 176096]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-11-17 1473216]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2016-11-7 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\Windows\System32\drivers\dtliteusbbus.sys [2016-11-7 47672]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-3-19 14745600]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2015-8-15 43800]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-8-15 358456]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-8-15 791608]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-7-9 104048]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-10-12 50072]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-8-16 25816]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-7-9 21264]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2017-2-21 32304]
R3 XPSVCOM;XPSVCOM;C:\Windows\System32\drivers\XPSVCOM.sys [2010-2-1 16896]
S2 avgStm;avgStm;C:\Windows\System32\drivers\avgstm.sys [2017-4-5 160008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-3-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-3-26 125064]
S2 DellDigitalDelivery;Dell Digital Delivery Service;"C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" --> C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [?]
S2 MBAMService;MBAMService;"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" --> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-2-27 317400]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\adusbser.sys [2014-4-27 154112]
S3 avgbIDSAgent;avgbIDSAgent;C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-5-13 7396872]
S3 avgHwid;avgHwid;C:\Windows\System32\drivers\avgHwid.sys [2017-4-5 39424]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-10-7 1591264]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-5-10 116224]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-9 331264]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-8-16 63704]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-1-29 257216]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-14 25072]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;C:\Windows\System32\drivers\Rockey4USB.sys [2016-10-6 23592]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-7-9 314472]
S3 SwitchBoard;Adobe SwitchBoard;"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" --> C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-25 1255736]
S3 wdm_usb;wdm_usb;C:\Windows\System32\drivers\usb2ser.sys [2016-8-16 159936]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\Windows\System32\drivers\ymidusbx64.sys [2011-11-1 51016]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2017-05-30 23:29:09 -------- d-----w- C:\FRST
2017-05-29 22:44:06 53008 ----a-w- C:\Windows\System32\TURegOpt.exe
2017-05-29 22:44:05 44304 ----a-w- C:\Windows\System32\authuitu.dll
2017-05-29 22:44:05 42256 ----a-w- C:\Windows\SysWow64\authuitu.dll
2017-05-13 07:24:33 401584 ----a-w- C:\Windows\System32\avgBoot.exe
2017-05-10 23:13:36 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2017-05-10 19:12:59 876544 ----a-w- C:\Windows\System32\oleaut32.dll
2017-05-09 20:06:58 -------- d-----w- C:\Users\Dellinka\AppData\Roaming\Ubisoft
2017-05-09 19:35:09 -------- d-----w- C:\Program Files (x86)ANNO 2070
.
==================== Find3M ====================
.
2017-05-13 07:25:11 160008 ----a-w- C:\Windows\System32\drivers\avgstm.sys
2017-05-13 07:24:09 340824 ----a-w- C:\Windows\System32\drivers\avgVmm.sys
2017-05-13 07:24:08 570320 ----a-w- C:\Windows\System32\drivers\avgSP.sys
2017-05-13 07:24:07 76832 ----a-w- C:\Windows\System32\drivers\avgRvrt.sys
2017-05-13 07:24:07 39424 ----a-w- C:\Windows\System32\drivers\avgHwid.sys
2017-05-13 07:24:07 129776 ----a-w- C:\Windows\System32\drivers\avgMonFlt.sys
2017-05-13 07:24:05 102280 ----a-w- C:\Windows\System32\drivers\avgRdr2.sys
2017-05-13 07:23:17 1008288 ----a-w- C:\Windows\System32\drivers\avgSnx.sys
2017-05-13 07:22:19 51336 ----a-w- C:\Windows\System32\drivers\avgbuniva.sys
2017-05-13 07:22:18 336896 ----a-w- C:\Windows\System32\drivers\avgbloga.sys
2017-05-13 07:22:17 192584 ----a-w- C:\Windows\System32\drivers\avgbidsha.sys
2017-05-13 07:22:15 314128 ----a-w- C:\Windows\System32\drivers\avgbidsdrivera.sys
2017-05-13 07:22:15 166624 ----a-w- C:\Windows\System32\drivers\avgbdiska.sys
2017-04-29 13:19:16 97856 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2017-04-28 01:14:59 631176 ----a-w- C:\Windows\System32\winresume.efi
2017-04-28 01:14:09 706792 ----a-w- C:\Windows\System32\winload.efi
2017-04-28 01:14:08 5547240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2017-04-28 01:14:05 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-04-28 01:14:05 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-04-28 01:11:49 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2017-04-28 01:09:59 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2017-04-28 00:36:36 4000488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2017-04-28 00:36:36 3945192 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2017-04-28 00:34:21 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2017-04-28 00:19:29 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2017-04-28 00:19:26 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2017-04-28 00:19:25 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2017-04-28 00:18:44 64000 ----a-w- C:\Windows\System32\auditpol.exe
2017-04-28 00:15:46 338432 ----a-w- C:\Windows\System32\conhost.exe
2017-04-28 00:14:54 296960 ----a-w- C:\Windows\System32\rstrui.exe
2017-04-28 00:12:14 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2017-04-28 00:11:40 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2017-04-28 00:11:38 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2017-04-28 00:11:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2017-04-28 00:10:56 30720 ----a-w- C:\Windows\System32\lsass.exe
2017-04-28 00:10:53 112640 ----a-w- C:\Windows\System32\smss.exe
2017-04-28 00:08:07 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2017-04-28 00:08:06 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2017-04-28 00:08:06 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2017-04-28 00:08:05 2048 ----a-w- C:\Windows\SysWow64\user.exe
2017-04-28 00:07:21 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2017-04-28 00:07:13 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2017-04-28 00:07:13 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-28 00:07:13 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-28 00:07:13 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2017-04-26 14:59:15 3220992 ----a-w- C:\Windows\System32\win32k.sys
2017-04-21 15:34:00 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2017-04-21 15:15:28 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2017-04-17 15:37:31 512000 ----a-w- C:\Windows\System32\rpcss.dll
2017-04-17 15:37:29 26112 ----a-w- C:\Windows\System32\oleres.dll
2017-04-17 15:37:29 2065408 ----a-w- C:\Windows\System32\ole32.dll
2017-04-17 15:37:20 8704 ----a-w- C:\Windows\System32\comcat.dll
2017-04-17 15:12:24 581632 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2017-04-17 15:12:24 26112 ----a-w- C:\Windows\SysWow64\oleres.dll
2017-04-17 15:12:24 1417728 ----a-w- C:\Windows\SysWow64\ole32.dll
2017-04-17 14:54:48 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2017-04-16 09:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-04-16 09:16:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-04-16 08:57:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-04-16 08:55:41 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-04-16 08:55:24 417792 ----a-w- C:\Windows\System32\html.iec
2017-04-16 08:54:52 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-04-16 08:54:39 576512 ----a-w- C:\Windows\System32\vbscript.dll
2017-04-16 08:37:33 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-04-16 08:37:32 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-04-16 08:36:53 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-04-16 08:25:51 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-04-16 08:19:51 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-04-16 08:18:59 5977600 ----a-w- C:\Windows\System32\jscript9.dll
2017-04-16 08:11:22 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-04-16 08:10:56 87552 ----a-w- C:\Windows\System32\tdc.ocx
2017-04-16 08:02:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-04-16 08:01:42 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-04-16 08:01:40 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-04-16 08:01:20 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-04-16 08:00:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-04-16 07:47:30 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-04-16 07:46:56 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-04-16 07:37:51 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-04-16 07:37:40 2132992 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-04-16 07:30:01 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2017-04-16 07:29:28 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2017-04-16 07:08:57 2057216 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2017-04-16 07:08:30 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2017-04-16 07:08:11 4548608 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-04-16 07:04:52 3241472 ----a-w- C:\Windows\System32\wininet.dll
2017-04-16 06:37:47 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2017-04-12 15:32:24 229376 ----a-w- C:\Windows\System32\wintrust.dll
2017-04-12 15:32:10 190976 ----a-w- C:\Windows\System32\cryptsvc.dll
2017-04-12 15:32:10 1483776 ----a-w- C:\Windows\System32\crypt32.dll
2017-04-12 15:32:10 141824 ----a-w- C:\Windows\System32\cryptnet.dll
2017-04-12 15:26:12 179200 ----a-w- C:\Windows\SysWow64\wintrust.dll
2017-04-12 15:25:04 145920 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2017-04-12 15:25:04 1176064 ----a-w- C:\Windows\SysWow64\crypt32.dll
2017-04-12 15:25:04 106496 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2017-04-07 15:34:43 986856 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2017-04-07 15:34:43 265448 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2017-04-07 15:30:55 405504 ----a-w- C:\Windows\System32\gdi32.dll
2017-04-07 15:30:53 144384 ----a-w- C:\Windows\System32\cdd.dll
2017-04-07 15:22:12 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
.
============= FINISH: 1:43:49,52 ===============

Zdravím!
Pokud zadáte dotaz a budete si na něj sám odpovídat, nemusíte se dočkat odpovědi. Prohlížíme pouze ty thready, které nemají žádnou odpověď, nebo max. jednu. Kdybychom měli vše otevírat, neudělali bychom nic.

K věci: Děje se vám změna času po vypnití PC? Pokud ano, problém má zálohovací baterie biosu. Baterii je třeba vyměnit. Obvykle je typu CR2032, ovšem některé NB mají baterii speciální.

Pardon, chtěl jsem rovnou vložit logy.
Ne, není to jen po vypnutí PC je to i během práce na PC

OK. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.047 - Logfile created 31/05/2017 at 17:57:31
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-02.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Dellinka - DELLINKA-PC
# Running from : C:\Users\Dellinka\Desktop\adwcleaner_6.047.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found: vToolbarUpdater40.3.7
Service Found: WtuSystemSupport


***** [ Folders ] *****

Folder Found: C:\Users\Dellinka\AppData\Local\avg web tuneup
Folder Found: C:\Program Files\Common Files\AVG Secure Search
Folder Found: C:\ProgramData\AVG Security Toolbar
Folder Found: C:\ProgramData\Trymedia
Folder Found: C:\ProgramData\avg web tuneup
Folder Found: C:\ProgramData\Application Data\AVG Security Toolbar
Folder Found: C:\ProgramData\Application Data\Trymedia
Folder Found: C:\ProgramData\Application Data\avg web tuneup
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot
Folder Found: C:\Program Files (x86)\avg web tuneup
Folder Found: C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup


***** [ Files ] *****

File Found: C:\Windows\chromebrowser.exe
File Found: C:\prefs.js


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found: HKCU\Software\005b6e06637e6a5cc09fd954e7d89c2f
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Conduit
Key Found: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\PRODUCTSETUP
Key Found: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\csastats
Key Found: HKCU\Software\Conduit
Key Found: HKCU\Software\PRODUCTSETUP
Key Found: HKCU\Software\csastats
Key Found: HKLM\SOFTWARE\Conduit
Key Found: HKLM\SOFTWARE\Trymedia Systems
Key Found: HKLM\SOFTWARE\AVG Tuneup
Key Found: [x64] HKCU\Software\Conduit
Key Found: [x64] HKCU\Software\PRODUCTSETUP
Key Found: [x64] HKCU\Software\csastats
Key Found: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Dellinka\AppData\Local\Google\Chrome\User Data\Default\Web data] - mufin-player.en.softonic.com
Chrome pref Found: [C:\Users\Dellinka\AppData\Local\Google\Chrome\User Data\Default\Web data] - free-5kplayer.en.softonic.com
Chrome pref Found: [C:\Users\Dellinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]


*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [5683 Bytes] - [31/05/2017 17:57:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5756 Bytes] ##########

ADW nemazal, neklikl jste na mazání. Zkuste ještě jednou.

# AdwCleaner v6.047 - Logfile created 03/06/2017 at 10:06:04
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-02.2 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Dellinka - DELLINKA-PC
# Running from : C:\Users\Dellinka\Desktop\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: vToolbarUpdater40.3.7
[-] Service deleted: WtuSystemSupport


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Dellinka\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Security Toolbar
[-] Folder deleted: C:\ProgramData\Trymedia
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Security Toolbar
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Trymedia
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup


***** [ Files ] *****

[-] File deleted: C:\Windows\chromebrowser.exe
[-] File deleted: C:\prefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKCU\Software\005b6e06637e6a5cc09fd954e7d89c2f
[-] Key deleted: HKLM\SOFTWARE\Classes\Codejock.SkinFramework.11.2.0
[-] Key deleted: HKLM\SOFTWARE\Classes\Codejock.SkinFrameworkGlobalSettings.11.2.0
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Codejock.SkinFramework.11.2.0
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Codejock.SkinFrameworkGlobalSettings.11.2.0
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{40217CB8-4463-4030-B324-AC6A8075FEC8}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{63C40CBE-DE43-4B56-BCEB-E14B825CF245}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{AFA0E6A1-28D7-4F2C-87A7-7266367B4655}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{BD0C1912-66C3-49CC-8B12-7B347BF6C846}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\csastats
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\csastats
[-] Key deleted: HKLM\SOFTWARE\Conduit
[-] Key deleted: HKLM\SOFTWARE\Trymedia Systems
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Key deleted: HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

[-] [C:\Users\Dellinka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mufin-player.en.softonic.com
[-] [C:\Users\Dellinka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: free-5kplayer.en.softonic.com
[-] [C:\Users\Dellinka\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6590 Bytes] - [03/06/2017 10:06:04]
C:\AdwCleaner\AdwCleaner[S0].txt - [5887 Bytes] - [31/05/2017 17:57:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [6594 Bytes] - [03/06/2017 10:04:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6809 Bytes] ##########

Dejte nový log FRST.

zde prosím

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\Dellinka\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Dellinka\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\...\Run: [BingSvc] => C:\Users\Dellinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
C:\Users\Dellinka\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll => No File
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Dellinka\AppData\Local\Temp
Task: {09164922-EB30-4AEE-BD6B-5889B266632C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-26] (Google Inc.)
Task: {AACA76D4-4CE4-4D74-A65A-25852D35048A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-26] (Google Inc.)
AlternateDataStreams: C:\Windows:CM_0ba363a7c3f210b189d7a120ca395742515e5835eed2fc4a099dedc58a9d605e [74]
AlternateDataStreams: C:\Windows:CM_b9ee48a27745ac9724b986a521a49fc7d56499597164a4af2a8bcbca1cadcbe4 [74]
AlternateDataStreams: C:\Windows:CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4 [74]
AlternateDataStreams: C:\Windows:CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8 [74]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by Dellinka (04-06-2017 08:08:56) Run:1
Running from C:\Users\Dellinka\Desktop
Loaded Profiles: Dellinka (Available Profiles: Dellinka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Dellinka\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Dellinka\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\...\Run: [BingSvc] => C:\Users\Dellinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (� 2015 Microsoft Corporation)
C:\Users\Dellinka\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll => No File
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Dellinka\AppData\Local\Temp
Task: {09164922-EB30-4AEE-BD6B-5889B266632C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-26] (Google Inc.)
Task: {AACA76D4-4CE4-4D74-A65A-25852D35048A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-26] (Google Inc.)
AlternateDataStreams: C:\Windows:CM_0ba363a7c3f210b189d7a120ca395742515e5835eed2fc4a099dedc58a9d605e [74]
AlternateDataStreams: C:\Windows:CM_b9ee48a27745ac9724b986a521a49fc7d56499597164a4af2a8bcbca1cadcbe4 [74]
AlternateDataStreams: C:\Windows:CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4 [74]
AlternateDataStreams: C:\Windows:CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8 [74]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

EmptyTemp:
End
*****************


"C:\Users\Dellinka\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Dellinka\AppData\Local\Akamai" => Scheduled to move on reboot.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui => key removed successfully
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
C:\Users\Dellinka\AppData\Local\Microsoft\BingSvc => moved successfully
HKU\S-1-5-21-498093251-2287956375-4192493052-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKCR\PROTOCOLS\Handler\livecall => key not found.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
HKCR\PROTOCOLS\Handler\msnim => key not found.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} => key removed successfully
HKCR\Wow6432Node\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKCR\PROTOCOLS\Handler\wlmailhtml => key not found.
HKCR\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0} => key not found.
HKCR\PROTOCOLS\Handler\wlpg => key not found.
HKCR\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully

"C:\Users\Dellinka\AppData\Local\Temp" folder move:

Could not move "C:\Users\Dellinka\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09164922-EB30-4AEE-BD6B-5889B266632C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09164922-EB30-4AEE-BD6B-5889B266632C} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AACA76D4-4CE4-4D74-A65A-25852D35048A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AACA76D4-4CE4-4D74-A65A-25852D35048A} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
C:\Windows => ":CM_0ba363a7c3f210b189d7a120ca395742515e5835eed2fc4a099dedc58a9d605e" ADS removed successfully.
C:\Windows => ":CM_b9ee48a27745ac9724b986a521a49fc7d56499597164a4af2a8bcbca1cadcbe4" ADS removed successfully.
C:\Windows => ":CM_cdfdf49505024624d2decf3e9557d51162be6aba9545d69de4a936f7ba6139f4" ADS removed successfully.
C:\Windows => ":CM_d1cca5b43b23e7a102fa897d892102fdacb2faaf6f5875efce3bd0a2c56874f8" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17003985 B
Java, Flash, Steam htmlcache => 92497481 B
Windows/system/drivers => 122674817 B
Edge => 0 B
Chrome => 624892951 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 7228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 26716 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Dellinka => 58308414 B

RecycleBin => 19866203330 B
EmptyTemp: => 19.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-06-2017 08:11:48)

C:\Users\Dellinka\AppData\Local\Akamai => Is moved successfully
C:\Users\Dellinka\AppData\Local\Temp => moved successfully

==== End of Fixlog 08:11:49 ====

Smazáno. Nastala nějaká změna?