Pomalý náběh IE, zpomalený PC prosím o kontrolu logu.....stav se co týden horší, děkuji za pomoc.
(CCleanerem vyčištěno)
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kirchner at 2015-06-26 10:35:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 434 GB (91%) free of 477 GB
Total RAM: 3328 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:35:11, on 26.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_160_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kirchner\Desktop\RSIT.exe
C:\Program Files\trend micro\Kirchner.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Nezapomen] C:\Program Files\Pamatuj\nezapomen.exe 42181
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\system32\xmesrv.exe
--
End of file - 4941 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-10-09 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-10-09 7741440]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-10-09 81920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Nezapomen"=C:\Program Files\Pamatuj\nezapomen.exe [2000-12-11 458240]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-26 10:35:06 ----D---- C:\rsit
2015-06-10 08:38:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:38:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 08:38:36 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 08:38:36 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 08:38:35 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 08:38:34 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 08:38:34 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:38:32 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 08:38:31 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 08:38:31 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 08:38:29 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 08:38:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:38:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:38:27 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 08:38:26 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 08:38:25 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 08:33:01 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 08:33:00 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 08:32:59 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 08:30:43 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 08:30:24 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 08:30:22 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 08:26:21 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 08:26:20 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 08:26:20 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 08:26:20 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:19:27 ----A---- C:\Windows\system32\comctl32.dll
======List of files/folders modified in the last 1 month======
2015-06-26 10:35:11 ----D---- C:\Windows\Prefetch
2015-06-26 10:35:09 ----D---- C:\Windows\Temp
2015-06-26 10:35:08 ----D---- C:\Program Files\trend micro
2015-06-26 07:39:45 ----D---- C:\Windows\system32\config
2015-06-25 12:02:37 ----SHD---- C:\Windows\Installer
2015-06-25 12:02:37 ----SHD---- C:\Config.Msi
2015-06-25 12:02:37 ----D---- C:\Windows\system32\Tasks
2015-06-25 08:32:40 ----D---- C:\Users\Kirchner\AppData\Roaming\PrimoPDF
2015-06-23 07:55:18 ----SHD---- C:\System Volume Information
2015-06-23 07:50:55 ----D---- C:\Windows
2015-06-22 16:04:19 ----D---- C:\Users\Kirchner\AppData\Roaming\Skype
2015-06-22 12:11:00 ----D---- C:\Users\Kirchner\AppData\Roaming\uTorrent
2015-06-22 12:10:55 ----D---- C:\Windows\inf
2015-06-22 12:10:54 ----D---- C:\Windows\debug
2015-06-17 16:01:37 ----D---- C:\Windows\system32\NDF
2015-06-16 07:57:58 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-06-12 07:57:59 ----SD---- C:\Users\Kirchner\AppData\Roaming\Microsoft
2015-06-11 10:05:06 ----D---- C:\Windows\rescache
2015-06-11 07:51:55 ----D---- C:\Windows\winsxs
2015-06-11 07:49:16 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 07:49:16 ----D---- C:\Windows\system32\appraiser
2015-06-11 07:49:16 ----D---- C:\Windows\System32
2015-06-11 07:49:16 ----D---- C:\Windows\AppPatch
2015-06-11 07:49:15 ----D---- C:\Windows\system32\drivers
2015-06-11 07:49:15 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 07:49:15 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 07:49:14 ----D---- C:\Windows\system32\en-US
2015-06-11 07:49:13 ----D---- C:\Program Files\Internet Explorer
2015-06-11 07:49:11 ----D---- C:\Program Files\Windows Media Player
2015-06-10 16:36:52 ----D---- C:\Windows\system32\MRT
2015-06-10 16:31:50 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 08:25:54 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-10-30 441760]
R0 viamraid;viamraid; C:\Windows\system32\DRIVERS\viamraid.sys [2014-10-30 142448]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2014-10-30 44384]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2014-04-07 412952]
R3 cmudax;C-Media High Definition Audio Interface; C:\Windows\system32\drivers\cmudax.sys [2004-10-21 1275584]
R3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2014-03-14 99840]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2006-11-02 20992]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 23256]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 14856]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 51928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2014-10-30 55920]
R2 xmengine service;CryptoPlus XME Engine Service; C:\Windows\system32\xmesrv.exe [2014-10-31 34696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-31 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-30 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý náběh IE, zpomalený PC prosím o kontrolu logu.....
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Zdravim 
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Děkuji moc za ochotu :
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/06/26 11:13:38
-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801FB v režimu Ultra ATA - 2651 [ATA]
+ ATA Channel 0 (0)
- WDC WD5000AAKS-00YGA0 ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVDRAM GSA-4167B ATA Device
+ VIA RAID Controller - 3164 [SCSI]
- Maxtor 6 L160P0 SCSI Disk Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKS-00YGA0 : 500,1 GB [0/0/0, pd1]
(2) Maxtor 6L160P0 : 163,9 GB [1/2/3, sm]
----------------------------------------------------------------------------
(1) WDC WD5000AAKS-00YGA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKS-00YGA0
Firmware : 12.01C02
Serial Number : WD-WCAS86088084
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 11708 hod.
Power On Count : 3110 krát
Temparature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Počet chyb čtení
03 182 179 _21 0000000016FB Čas na roztočení ploten
04 _97 _97 __0 000000000EDA Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _84 _84 __0 000000002DBC Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000C26 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000014B Počet vypnutí disku
C1 199 199 __0 000000000F48 Počet cyklů načítání/vymazání
C2 110 _92 __0 000000000028 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 00000001ADF0 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 3836 3836 3038 3830 3834
020: 0000 8000 0032 3132 2E30 3032 3032 5744 4320 5744
030: 3530 3030 4141 4B53 2D30 4741 4741 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 BC41 BC41 4123 207F 0040
090: 0040 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 57EF 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 567B 3A40 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 1695 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 28A5
----------------------------------------------------------------------------
(2) Maxtor 6L160P0
----------------------------------------------------------------------------
Model : Maxtor 6L160P0
Firmware : BAH41G10
Serial Number : L40A8V4G
Disk Size : 163,9 GB (8,4/137,4/163,9)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 320170943
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/133
Power On Hours : 901 hod. (?)
Power On Count : 3732 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 206 204 _63 000000004C1F Čas na roztočení ploten
04 252 252 __0 000000000C7F Počet spuštění/zastavení
05 253 253 _63 000000000000 Počet přemapovaných sektorů
06 253 253 100 000000000000 Počet dosáhnutí konce při čtení
07 253 252 __0 000000000000 Počet chybných hledání
08 249 245 187 000000008726 Čas potřebný na vyhledání
09 210 210 __0 00000000D347 Hodin v činnosti
0A 253 252 157 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 252 223 000000000000 Počet pokusů o překalibrování
0C 244 244 __0 000000000E94 Počet cyklů zapnutí zařízení
C0 253 253 __0 000000000000 Počet vypnutí disku
C1 253 253 __0 000000000000 Počet cyklů načítání/vymazání
C2 _39 253 __0 00000000002A Teplota
C3 253 252 __0 0000000036BE Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 __1 __1 __0 0000000010E1 Počet chyb v kontrolním součtu UltraDMA
C8 253 252 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 252 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 252 __0 000000000000 Počet chyb při směrování údajů
CB 253 252 180 000000000000 Počet chyb v kódech na opravu chyb
CC 253 252 __0 000000000000 Počet softvérově opravených chyb v opravných kódech
CD 253 252 __0 000000000000 Počet chyb způsobených vysokou teplotou
CF 253 252 __0 000000000000 Množství napětí potřebného na roztočení disku
D0 253 252 __0 000000000000 Počet vyslaných impulzů na roztočení disku při nedostatečném napájení
D1 241 241 __0 00000000009B Výkon při vyhledávaní na disku při interních testech disku
D2 253 252 __0 000000000000 Neznámý
D3 253 252 __0 000000000000 Počet vibrací při čtení
D4 253 252 __0 000000000000 Počet otřesů při zápisu
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4C34 3041 3856 3447 2020 2020 2020 2020 2020 2020
020: 0003 4000 0039 4241 4834 3130 3130 4D61 7874 6F72
030: 2036 4C31 3630 5030 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 00FE 001E 7C6B 7F09 4673 3E01 3E01 4663 407F 0000
090: 0000 0000 FFFE 6D00 C0FE 0029 0029 00D5 C350 0000
100: 6BBF 1315 0000 0000 0029 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0001 0000 FFFF FFFF 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0021 0021 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 CBA5
# AdwCleaner v4.207 - Log vytvořen 26/06/2015 v 11:19:10
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Kirchner - MK-PC
# Spuštěno z : C:\Users\Kirchner\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.130
*************************
AdwCleaner[R3].txt - [897 bytů] - [26/06/2015 11:16:50]
AdwCleaner[S2].txt - [821 bytů] - [26/06/2015 11:19:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [878 bytů] ##########
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/06/26 11:13:38
-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801FB v režimu Ultra ATA - 2651 [ATA]
+ ATA Channel 0 (0)
- WDC WD5000AAKS-00YGA0 ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVDRAM GSA-4167B ATA Device
+ VIA RAID Controller - 3164 [SCSI]
- Maxtor 6 L160P0 SCSI Disk Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKS-00YGA0 : 500,1 GB [0/0/0, pd1]
(2) Maxtor 6L160P0 : 163,9 GB [1/2/3, sm]
----------------------------------------------------------------------------
(1) WDC WD5000AAKS-00YGA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKS-00YGA0
Firmware : 12.01C02
Serial Number : WD-WCAS86088084
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 11708 hod.
Power On Count : 3110 krát
Temparature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Počet chyb čtení
03 182 179 _21 0000000016FB Čas na roztočení ploten
04 _97 _97 __0 000000000EDA Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _84 _84 __0 000000002DBC Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000C26 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000014B Počet vypnutí disku
C1 199 199 __0 000000000F48 Počet cyklů načítání/vymazání
C2 110 _92 __0 000000000028 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 00000001ADF0 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 3836 3836 3038 3830 3834
020: 0000 8000 0032 3132 2E30 3032 3032 5744 4320 5744
030: 3530 3030 4141 4B53 2D30 4741 4741 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 BC41 BC41 4123 207F 0040
090: 0040 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 57EF 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 567B 3A40 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 1695 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 28A5
----------------------------------------------------------------------------
(2) Maxtor 6L160P0
----------------------------------------------------------------------------
Model : Maxtor 6L160P0
Firmware : BAH41G10
Serial Number : L40A8V4G
Disk Size : 163,9 GB (8,4/137,4/163,9)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 320170943
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/133
Power On Hours : 901 hod. (?)
Power On Count : 3732 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 206 204 _63 000000004C1F Čas na roztočení ploten
04 252 252 __0 000000000C7F Počet spuštění/zastavení
05 253 253 _63 000000000000 Počet přemapovaných sektorů
06 253 253 100 000000000000 Počet dosáhnutí konce při čtení
07 253 252 __0 000000000000 Počet chybných hledání
08 249 245 187 000000008726 Čas potřebný na vyhledání
09 210 210 __0 00000000D347 Hodin v činnosti
0A 253 252 157 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 252 223 000000000000 Počet pokusů o překalibrování
0C 244 244 __0 000000000E94 Počet cyklů zapnutí zařízení
C0 253 253 __0 000000000000 Počet vypnutí disku
C1 253 253 __0 000000000000 Počet cyklů načítání/vymazání
C2 _39 253 __0 00000000002A Teplota
C3 253 252 __0 0000000036BE Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 __1 __1 __0 0000000010E1 Počet chyb v kontrolním součtu UltraDMA
C8 253 252 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 252 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 252 __0 000000000000 Počet chyb při směrování údajů
CB 253 252 180 000000000000 Počet chyb v kódech na opravu chyb
CC 253 252 __0 000000000000 Počet softvérově opravených chyb v opravných kódech
CD 253 252 __0 000000000000 Počet chyb způsobených vysokou teplotou
CF 253 252 __0 000000000000 Množství napětí potřebného na roztočení disku
D0 253 252 __0 000000000000 Počet vyslaných impulzů na roztočení disku při nedostatečném napájení
D1 241 241 __0 00000000009B Výkon při vyhledávaní na disku při interních testech disku
D2 253 252 __0 000000000000 Neznámý
D3 253 252 __0 000000000000 Počet vibrací při čtení
D4 253 252 __0 000000000000 Počet otřesů při zápisu
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4C34 3041 3856 3447 2020 2020 2020 2020 2020 2020
020: 0003 4000 0039 4241 4834 3130 3130 4D61 7874 6F72
030: 2036 4C31 3630 5030 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 00FE 001E 7C6B 7F09 4673 3E01 3E01 4663 407F 0000
090: 0000 0000 FFFE 6D00 C0FE 0029 0029 00D5 C350 0000
100: 6BBF 1315 0000 0000 0029 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0001 0000 FFFF FFFF 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0021 0021 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 CBA5
# AdwCleaner v4.207 - Log vytvořen 26/06/2015 v 11:19:10
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Kirchner - MK-PC
# Spuštěno z : C:\Users\Kirchner\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.130
*************************
AdwCleaner[R3].txt - [897 bytů] - [26/06/2015 11:16:50]
AdwCleaner[S2].txt - [821 bytů] - [26/06/2015 11:19:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [878 bytů] ##########
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Vidim tam stopy MBAM. Udelejte novou kontrolu. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Vkládám výsledek a děkuji za váš čas :
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 29.6.2015
Čas skenování: 7:53:42
Protokol: 01.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.06.28.04
Databáze rootkitů: v2015.06.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Kirchner
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 409687
Uplynulý čas: 1 hod, 13 min, 41 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.MaintainerSvc.A, C:\ProgramData\685d26dc-c30a-434b-bda2-3004e8743669, , [b75d3f815b2f16206d7bb33109fa21df],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 29.6.2015
Čas skenování: 7:53:42
Protokol: 01.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.06.28.04
Databáze rootkitů: v2015.06.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Kirchner
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 409687
Uplynulý čas: 1 hod, 13 min, 41 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.MaintainerSvc.A, C:\ProgramData\685d26dc-c30a-434b-bda2-3004e8743669, , [b75d3f815b2f16206d7bb33109fa21df],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Nalez nechte odstranit, pak muzete MBAM odinstalovat. Dejte novy log z RSITa k tomu
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Děkuji vkládám logy :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kirchner at 2015-06-30 12:13:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 435 GB (91%) free of 477 GB
Total RAM: 3328 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:32, on 30.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kirchner\Desktop\Čištění PC 6-2015\RSIT.exe
C:\Program Files\trend micro\Kirchner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Nezapomen] C:\Program Files\Pamatuj\nezapomen.exe 42185
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\system32\xmesrv.exe
--
End of file - 5008 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-10-09 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-10-09 7741440]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-10-09 81920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Nezapomen"=C:\Program Files\Pamatuj\nezapomen.exe [2000-12-11 458240]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-26 11:16:47 ----D---- C:\AdwCleaner
2015-06-26 10:35:06 ----D---- C:\rsit
2015-06-10 08:38:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:38:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 08:38:36 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 08:38:36 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 08:38:35 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 08:38:34 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 08:38:34 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:38:32 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 08:38:31 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 08:38:31 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 08:38:29 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 08:38:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:38:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:38:27 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 08:38:26 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 08:38:25 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 08:33:01 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 08:33:00 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 08:32:59 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 08:30:43 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 08:30:24 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 08:30:22 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 08:26:21 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 08:26:20 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 08:26:20 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 08:26:20 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:19:27 ----A---- C:\Windows\system32\comctl32.dll
======List of files/folders modified in the last 1 month======
2015-06-30 12:13:33 ----D---- C:\Windows\Prefetch
2015-06-30 12:13:31 ----D---- C:\Program Files\trend micro
2015-06-30 12:13:30 ----D---- C:\Windows\Temp
2015-06-30 10:08:31 ----SHD---- C:\System Volume Information
2015-06-30 08:18:16 ----D---- C:\Windows\system32\config
2015-06-30 08:11:02 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-06-29 15:35:35 ----D---- C:\Users\Kirchner\AppData\Roaming\Skype
2015-06-29 15:08:48 ----HD---- C:\ProgramData
2015-06-26 14:39:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-06-26 14:39:24 ----D---- C:\Windows\system32\drivers
2015-06-25 12:02:37 ----SHD---- C:\Windows\Installer
2015-06-25 12:02:37 ----SHD---- C:\Config.Msi
2015-06-25 12:02:37 ----D---- C:\Windows\system32\Tasks
2015-06-25 08:32:40 ----D---- C:\Users\Kirchner\AppData\Roaming\PrimoPDF
2015-06-23 07:50:55 ----D---- C:\Windows
2015-06-22 12:11:00 ----D---- C:\Users\Kirchner\AppData\Roaming\uTorrent
2015-06-22 12:10:55 ----D---- C:\Windows\inf
2015-06-22 12:10:54 ----D---- C:\Windows\debug
2015-06-17 16:01:37 ----D---- C:\Windows\system32\NDF
2015-06-12 07:57:59 ----SD---- C:\Users\Kirchner\AppData\Roaming\Microsoft
2015-06-11 10:05:06 ----D---- C:\Windows\rescache
2015-06-11 07:51:55 ----D---- C:\Windows\winsxs
2015-06-11 07:49:16 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 07:49:16 ----D---- C:\Windows\system32\appraiser
2015-06-11 07:49:16 ----D---- C:\Windows\System32
2015-06-11 07:49:16 ----D---- C:\Windows\AppPatch
2015-06-11 07:49:15 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 07:49:15 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 07:49:14 ----D---- C:\Windows\system32\en-US
2015-06-11 07:49:13 ----D---- C:\Program Files\Internet Explorer
2015-06-11 07:49:11 ----D---- C:\Program Files\Windows Media Player
2015-06-10 16:36:52 ----D---- C:\Windows\system32\MRT
2015-06-10 16:31:50 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 08:25:54 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-10-30 441760]
R0 viamraid;viamraid; C:\Windows\system32\DRIVERS\viamraid.sys [2014-10-30 142448]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2014-10-30 44384]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2014-04-07 412952]
R3 cmudax;C-Media High Definition Audio Interface; C:\Windows\system32\drivers\cmudax.sys [2004-10-21 1275584]
R3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2014-03-14 99840]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2006-11-02 20992]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 14856]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 51928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2014-10-30 55920]
R2 xmengine service;CryptoPlus XME Engine Service; C:\Windows\system32\xmesrv.exe [2014-10-31 34696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-31 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-30 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by Kirchner (administrator) on MK-PC on 30-06-2015 12:18:20
Running from C:\Users\Kirchner\Desktop
Loaded Profiles: Kirchner (Available Profiles: Kirchner)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\VIA\RAID\vialogsv.exe
(Monet+, a.s.) C:\Windows\System32\xmesrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Kirchner\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKU\S-1-5-21-3565674240-4036518550-1107183558-1000\...\Run: [Nezapomen] => C:\Program Files\Pamatuj\nezapomen.exe [458240 2000-12-11] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-31] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={search ... EB_csCZ612
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B302B7EC-FDDC-4853-9D58-6A3514C89B86}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{D4364ADA-4982-4922-B11C-5CAE1FCBC4D3}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3565674240-4036518550-1107183558-1000: @servis24.cz/PKIComponent -> C:\Users\Kirchner\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2015-02-16] (Česká spořitelna, a.s.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-11-03]
Chrome:
=======
CHR Profile: C:\Users\Kirchner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Kirchner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-03]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [55920 2014-10-30] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 xmengine service; C:\Windows\system32\xmesrv.exe [34696 2014-10-31] (Monet+, a.s.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cmudax; C:\Windows\System32\drivers\cmudax.sys [1275584 2004-10-21] (C-Media Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [99840 2014-03-14] (Gemalto)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Corporation)
S3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [4428160 2006-10-09] (NVIDIA Corporation) [File not signed]
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2014-10-30] (Acronis)
R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [142448 2014-10-30] (VIA Technologies Inc.,Ltd)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 12:18 - 2015-06-30 12:18 - 00008058 _____ C:\Users\Kirchner\Desktop\FRST.txt
2015-06-30 12:14 - 2015-06-30 12:18 - 00000000 ____D C:\FRST
2015-06-30 12:02 - 2015-06-30 12:02 - 00112640 _____ (forum.viry.cz) C:\Users\Kirchner\Desktop\FRSTLauncher.exe
2015-06-30 12:01 - 2015-06-30 12:01 - 01636352 _____ (Farbar) C:\Users\Kirchner\Desktop\FRST.exe
2015-06-29 09:09 - 2015-06-29 09:09 - 00001461 _____ C:\Users\Kirchner\Desktop\01.txt
2015-06-26 14:39 - 2015-06-26 14:39 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-26 11:22 - 2015-06-26 14:38 - 00000000 ____D C:\Users\Kirchner\Desktop\Čištění PC 6-2015
2015-06-26 11:16 - 2015-06-26 11:19 - 00000000 ____D C:\AdwCleaner
2015-06-26 10:35 - 2015-06-26 10:35 - 00000000 ____D C:\rsit
2015-06-26 09:58 - 2015-06-26 09:59 - 00000000 ____D C:\Users\Kirchner\Desktop\RIANO Europe
2015-06-23 07:50 - 2015-06-30 08:14 - 00000448 _____ C:\Windows\setupact.log
2015-06-23 07:50 - 2015-06-23 07:50 - 00000000 _____ C:\Windows\setuperr.log
2015-06-19 10:10 - 2015-06-19 11:05 - 00000227 _____ C:\Users\Kirchner\Desktop\DS.txt
2015-06-16 08:44 - 2015-06-18 07:58 - 00000000 ____D C:\Users\Kirchner\Desktop\MŠ Partyzánká
2015-06-15 08:21 - 2015-06-19 11:42 - 00000000 ____D C:\Users\Kirchner\Desktop\Rekonstrukce budovy v Drahanech
2015-06-10 08:38 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 08:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 08:38 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 08:38 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:38 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 08:38 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 08:38 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:38 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 08:38 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:38 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 08:38 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 08:38 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 08:38 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 08:38 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 08:38 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 08:38 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:38 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 08:38 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:38 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 08:38 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:38 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 08:38 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 08:38 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 08:38 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 08:38 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 08:38 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 08:38 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 08:38 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:38 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 08:38 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 08:38 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 08:38 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 08:33 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 08:33 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:33 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 08:33 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 08:33 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 08:33 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 08:32 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 08:32 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 08:32 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 08:32 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 08:32 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 08:32 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 08:30 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 08:30 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 08:30 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 08:30 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 08:30 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 08:26 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 08:26 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 08:26 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 08:26 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 08:26 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 08:24 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 08:24 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 08:24 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 08:24 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 08:24 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:19 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-08 11:42 - 2015-06-15 09:32 - 00000000 ____D C:\Users\Kirchner\Desktop\ZS Drahanovice
2015-06-04 15:03 - 2015-06-05 09:25 - 00000000 ____D C:\Users\Kirchner\Desktop\Cukrovar Prosenice
2015-06-03 11:04 - 2015-06-19 11:35 - 00000000 ____D C:\Users\Kirchner\Desktop\RD Drahanovice
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 12:13 - 2014-11-03 18:09 - 00000000 ____D C:\Program Files\trend micro
2015-06-30 12:06 - 2015-05-19 08:01 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job
2015-06-30 12:06 - 2015-02-06 08:55 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job
2015-06-30 12:00 - 2015-02-06 08:55 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 08:48 - 2014-10-30 15:05 - 01446441 _____ C:\Windows\WindowsUpdate.log
2015-06-30 08:22 - 2014-11-10 10:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-30 08:22 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-30 08:22 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-30 08:14 - 2015-05-19 08:01 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job
2015-06-30 08:14 - 2015-02-06 08:55 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 08:14 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 08:11 - 2014-11-24 11:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-30 08:11 - 2014-11-24 11:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-30 08:10 - 2014-10-31 12:06 - 00000000 ____D C:\Users\Kirchner\AppData\Local\Adobe
2015-06-29 15:35 - 2014-11-03 13:01 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Skype
2015-06-29 14:36 - 2014-10-31 12:12 - 00014788 _____ C:\Users\Kirchner\intlname.ols
2015-06-26 14:39 - 2014-11-10 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-26 14:39 - 2014-11-10 10:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-25 08:32 - 2014-11-03 11:41 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\PrimoPDF
2015-06-24 12:52 - 2014-11-04 09:22 - 00007637 _____ C:\Users\Kirchner\AppData\Local\Resmon.ResmonCfg
2015-06-24 12:22 - 2015-04-08 08:54 - 00000000 ____D C:\Users\Kirchner\Desktop\PU RD Dolany
2015-06-22 12:12 - 2014-11-04 13:32 - 00000000 ____D C:\Users\Kirchner\Documents\CCleaner záloha
2015-06-22 12:11 - 2014-11-03 11:53 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\uTorrent
2015-06-17 16:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 10:52 - 2014-10-30 17:45 - 00000000 ____D C:\Users\Kirchner\Desktop\MyFiles
2015-06-15 15:24 - 2015-04-10 08:07 - 00000000 ____D C:\Users\Kirchner\Desktop\WH výrobní hala
2015-06-11 15:59 - 2015-05-14 09:16 - 00000000 ____D C:\Users\Kirchner\Desktop\Kotelna Svobody
2015-06-11 10:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-11 07:56 - 2014-11-12 12:24 - 00000000 __SHD C:\Users\Kirchner\AppData\Local\EmieBrowserModeList
2015-06-11 07:56 - 2014-10-31 13:26 - 00000000 __SHD C:\Users\Kirchner\AppData\Local\EmieUserList
2015-06-11 07:56 - 2014-10-31 13:26 - 00000000 __SHD C:\Users\Kirchner\AppData\Local\EmieSiteList
2015-06-11 07:51 - 2009-07-14 06:33 - 03751080 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 07:49 - 2014-12-11 08:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 07:49 - 2014-10-30 15:21 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 16:36 - 2014-10-30 15:19 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 16:31 - 2014-10-30 15:19 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-01 08:28 - 2015-04-22 08:23 - 00000000 ____D C:\Users\Kirchner\Desktop\ZŠ Horáka
==================== Files in the root of some directories =======
2014-11-04 09:22 - 2015-06-24 12:52 - 0007637 _____ () C:\Users\Kirchner\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Kirchner\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-23 08:24
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Disk 500 GB) (Fixed) (Total:465.66 GB) (Free:424.66 GB) NTFS
Drive e: (Kikos 160) (Fixed) (Total:152.66 GB) (Free:99.74 GB) NTFS
Available physical RAM: 1989.5 MB
Total physical RAM: 3327.55 MB
Percentage of memory in use: 40%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F510F510)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: C5F42EA5)
Partition 1: (Not Active) - (Size=152.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Kirchner\Desktop" je 300 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kirchner at 2015-06-30 12:13:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 435 GB (91%) free of 477 GB
Total RAM: 3328 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:32, on 30.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kirchner\Desktop\Čištění PC 6-2015\RSIT.exe
C:\Program Files\trend micro\Kirchner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Nezapomen] C:\Program Files\Pamatuj\nezapomen.exe 42185
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\system32\xmesrv.exe
--
End of file - 5008 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-10-09 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-10-09 7741440]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-10-09 81920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Nezapomen"=C:\Program Files\Pamatuj\nezapomen.exe [2000-12-11 458240]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-26 11:16:47 ----D---- C:\AdwCleaner
2015-06-26 10:35:06 ----D---- C:\rsit
2015-06-10 08:38:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:38:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:38:37 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 08:38:36 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 08:38:36 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 08:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 08:38:35 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 08:38:34 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 08:38:34 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 08:38:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:38:32 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 08:38:31 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 08:38:31 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 08:38:29 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 08:38:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:38:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:38:27 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 08:38:26 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 08:38:25 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 08:33:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 08:33:01 ----A---- C:\Windows\system32\logman.exe
2015-06-10 08:33:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 08:33:01 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\smss.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\relog.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 08:33:00 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 08:33:00 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 08:33:00 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 08:32:59 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 08:32:59 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 08:30:44 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 08:30:43 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 08:30:24 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 08:30:22 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 08:26:21 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 08:26:20 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 08:26:20 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 08:26:20 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:24:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 08:24:19 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:24:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:19:27 ----A---- C:\Windows\system32\comctl32.dll
======List of files/folders modified in the last 1 month======
2015-06-30 12:13:33 ----D---- C:\Windows\Prefetch
2015-06-30 12:13:31 ----D---- C:\Program Files\trend micro
2015-06-30 12:13:30 ----D---- C:\Windows\Temp
2015-06-30 10:08:31 ----SHD---- C:\System Volume Information
2015-06-30 08:18:16 ----D---- C:\Windows\system32\config
2015-06-30 08:11:02 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-06-29 15:35:35 ----D---- C:\Users\Kirchner\AppData\Roaming\Skype
2015-06-29 15:08:48 ----HD---- C:\ProgramData
2015-06-26 14:39:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-06-26 14:39:24 ----D---- C:\Windows\system32\drivers
2015-06-25 12:02:37 ----SHD---- C:\Windows\Installer
2015-06-25 12:02:37 ----SHD---- C:\Config.Msi
2015-06-25 12:02:37 ----D---- C:\Windows\system32\Tasks
2015-06-25 08:32:40 ----D---- C:\Users\Kirchner\AppData\Roaming\PrimoPDF
2015-06-23 07:50:55 ----D---- C:\Windows
2015-06-22 12:11:00 ----D---- C:\Users\Kirchner\AppData\Roaming\uTorrent
2015-06-22 12:10:55 ----D---- C:\Windows\inf
2015-06-22 12:10:54 ----D---- C:\Windows\debug
2015-06-17 16:01:37 ----D---- C:\Windows\system32\NDF
2015-06-12 07:57:59 ----SD---- C:\Users\Kirchner\AppData\Roaming\Microsoft
2015-06-11 10:05:06 ----D---- C:\Windows\rescache
2015-06-11 07:51:55 ----D---- C:\Windows\winsxs
2015-06-11 07:49:16 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 07:49:16 ----D---- C:\Windows\system32\appraiser
2015-06-11 07:49:16 ----D---- C:\Windows\System32
2015-06-11 07:49:16 ----D---- C:\Windows\AppPatch
2015-06-11 07:49:15 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 07:49:15 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 07:49:14 ----D---- C:\Windows\system32\en-US
2015-06-11 07:49:13 ----D---- C:\Program Files\Internet Explorer
2015-06-11 07:49:11 ----D---- C:\Program Files\Windows Media Player
2015-06-10 16:36:52 ----D---- C:\Windows\system32\MRT
2015-06-10 16:31:50 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 08:25:54 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-10-30 441760]
R0 viamraid;viamraid; C:\Windows\system32\DRIVERS\viamraid.sys [2014-10-30 142448]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2014-10-30 44384]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2014-04-07 412952]
R3 cmudax;C-Media High Definition Audio Interface; C:\Windows\system32\drivers\cmudax.sys [2004-10-21 1275584]
R3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2014-03-14 99840]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2006-11-02 20992]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 14856]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 51928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2014-10-30 55920]
R2 xmengine service;CryptoPlus XME Engine Service; C:\Windows\system32\xmesrv.exe [2014-10-31 34696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-31 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-30 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by Kirchner (administrator) on MK-PC on 30-06-2015 12:18:20
Running from C:\Users\Kirchner\Desktop
Loaded Profiles: Kirchner (Available Profiles: Kirchner)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\VIA\RAID\vialogsv.exe
(Monet+, a.s.) C:\Windows\System32\xmesrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Kirchner\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKU\S-1-5-21-3565674240-4036518550-1107183558-1000\...\Run: [Nezapomen] => C:\Program Files\Pamatuj\nezapomen.exe [458240 2000-12-11] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-31] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={search ... EB_csCZ612
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B302B7EC-FDDC-4853-9D58-6A3514C89B86}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{D4364ADA-4982-4922-B11C-5CAE1FCBC4D3}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3565674240-4036518550-1107183558-1000: @servis24.cz/PKIComponent -> C:\Users\Kirchner\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2015-02-16] (Česká spořitelna, a.s.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-11-03]
Chrome:
=======
CHR Profile: C:\Users\Kirchner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Kirchner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-03]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [55920 2014-10-30] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 xmengine service; C:\Windows\system32\xmesrv.exe [34696 2014-10-31] (Monet+, a.s.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cmudax; C:\Windows\System32\drivers\cmudax.sys [1275584 2004-10-21] (C-Media Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [99840 2014-03-14] (Gemalto)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Corporation)
S3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [4428160 2006-10-09] (NVIDIA Corporation) [File not signed]
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2014-10-30] (Acronis)
R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [142448 2014-10-30] (VIA Technologies Inc.,Ltd)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 12:18 - 2015-06-30 12:18 - 00008058 _____ C:\Users\Kirchner\Desktop\FRST.txt
2015-06-30 12:14 - 2015-06-30 12:18 - 00000000 ____D C:\FRST
2015-06-30 12:02 - 2015-06-30 12:02 - 00112640 _____ (forum.viry.cz) C:\Users\Kirchner\Desktop\FRSTLauncher.exe
2015-06-30 12:01 - 2015-06-30 12:01 - 01636352 _____ (Farbar) C:\Users\Kirchner\Desktop\FRST.exe
2015-06-29 09:09 - 2015-06-29 09:09 - 00001461 _____ C:\Users\Kirchner\Desktop\01.txt
2015-06-26 14:39 - 2015-06-26 14:39 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-26 11:22 - 2015-06-26 14:38 - 00000000 ____D C:\Users\Kirchner\Desktop\Čištění PC 6-2015
2015-06-26 11:16 - 2015-06-26 11:19 - 00000000 ____D C:\AdwCleaner
2015-06-26 10:35 - 2015-06-26 10:35 - 00000000 ____D C:\rsit
2015-06-26 09:58 - 2015-06-26 09:59 - 00000000 ____D C:\Users\Kirchner\Desktop\RIANO Europe
2015-06-23 07:50 - 2015-06-30 08:14 - 00000448 _____ C:\Windows\setupact.log
2015-06-23 07:50 - 2015-06-23 07:50 - 00000000 _____ C:\Windows\setuperr.log
2015-06-19 10:10 - 2015-06-19 11:05 - 00000227 _____ C:\Users\Kirchner\Desktop\DS.txt
2015-06-16 08:44 - 2015-06-18 07:58 - 00000000 ____D C:\Users\Kirchner\Desktop\MŠ Partyzánká
2015-06-15 08:21 - 2015-06-19 11:42 - 00000000 ____D C:\Users\Kirchner\Desktop\Rekonstrukce budovy v Drahanech
2015-06-10 08:38 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 08:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 08:38 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 08:38 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:38 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 08:38 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 08:38 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:38 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 08:38 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:38 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 08:38 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 08:38 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 08:38 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 08:38 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 08:38 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 08:38 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:38 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 08:38 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:38 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 08:38 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:38 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 08:38 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 08:38 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 08:38 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 08:38 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 08:38 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 08:38 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 08:38 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:38 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 08:38 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 08:38 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 08:38 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 08:33 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 08:33 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:33 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 08:33 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 08:33 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 08:33 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 08:33 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 08:33 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 08:32 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 08:32 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 08:32 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 08:32 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 08:32 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 08:32 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 08:30 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 08:30 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 08:30 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 08:30 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 08:30 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 08:30 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 08:26 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 08:26 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 08:26 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 08:26 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 08:26 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 08:24 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 08:24 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 08:24 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 08:24 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 08:24 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:24 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:19 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-08 11:42 - 2015-06-15 09:32 - 00000000 ____D C:\Users\Kirchner\Desktop\ZS Drahanovice
2015-06-04 15:03 - 2015-06-05 09:25 - 00000000 ____D C:\Users\Kirchner\Desktop\Cukrovar Prosenice
2015-06-03 11:04 - 2015-06-19 11:35 - 00000000 ____D C:\Users\Kirchner\Desktop\RD Drahanovice
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-30 12:13 - 2014-11-03 18:09 - 00000000 ____D C:\Program Files\trend micro
2015-06-30 12:06 - 2015-05-19 08:01 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job
2015-06-30 12:06 - 2015-02-06 08:55 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job
2015-06-30 12:00 - 2015-02-06 08:55 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 08:48 - 2014-10-30 15:05 - 01446441 _____ C:\Windows\WindowsUpdate.log
2015-06-30 08:22 - 2014-11-10 10:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-30 08:22 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-30 08:22 - 2009-07-14 06:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-30 08:14 - 2015-05-19 08:01 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job
2015-06-30 08:14 - 2015-02-06 08:55 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 08:14 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 08:11 - 2014-11-24 11:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-30 08:11 - 2014-11-24 11:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-30 08:10 - 2014-10-31 12:06 - 00000000 ____D C:\Users\Kirchner\AppData\Local\Adobe
2015-06-29 15:35 - 2014-11-03 13:01 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Skype
2015-06-29 14:36 - 2014-10-31 12:12 - 00014788 _____ C:\Users\Kirchner\intlname.ols
2015-06-26 14:39 - 2014-11-10 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-26 14:39 - 2014-11-10 10:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-25 08:32 - 2014-11-03 11:41 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\PrimoPDF
2015-06-24 12:52 - 2014-11-04 09:22 - 00007637 _____ C:\Users\Kirchner\AppData\Local\Resmon.ResmonCfg
2015-06-24 12:22 - 2015-04-08 08:54 - 00000000 ____D C:\Users\Kirchner\Desktop\PU RD Dolany
2015-06-22 12:12 - 2014-11-04 13:32 - 00000000 ____D C:\Users\Kirchner\Documents\CCleaner záloha
2015-06-22 12:11 - 2014-11-03 11:53 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\uTorrent
2015-06-17 16:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 10:52 - 2014-10-30 17:45 - 00000000 ____D C:\Users\Kirchner\Desktop\MyFiles
2015-06-15 15:24 - 2015-04-10 08:07 - 00000000 ____D C:\Users\Kirchner\Desktop\WH výrobní hala
2015-06-11 15:59 - 2015-05-14 09:16 - 00000000 ____D C:\Users\Kirchner\Desktop\Kotelna Svobody
2015-06-11 10:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-11 07:56 - 2014-11-12 12:24 - 00000000 __SHD C:\Users\Kirchner\AppData\Local\EmieBrowserModeList
2015-06-11 07:56 - 2014-10-31 13:26 - 00000000 __SHD C:\Users\Kirchner\AppData\Local\EmieUserList
2015-06-11 07:56 - 2014-10-31 13:26 - 00000000 __SHD C:\Users\Kirchner\AppData\Local\EmieSiteList
2015-06-11 07:51 - 2009-07-14 06:33 - 03751080 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 07:49 - 2014-12-11 08:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 07:49 - 2014-10-30 15:21 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 16:36 - 2014-10-30 15:19 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 16:31 - 2014-10-30 15:19 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-01 08:28 - 2015-04-22 08:23 - 00000000 ____D C:\Users\Kirchner\Desktop\ZŠ Horáka
==================== Files in the root of some directories =======
2014-11-04 09:22 - 2015-06-24 12:52 - 0007637 _____ () C:\Users\Kirchner\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Kirchner\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-23 08:24
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Disk 500 GB) (Fixed) (Total:465.66 GB) (Free:424.66 GB) NTFS
Drive e: (Kikos 160) (Fixed) (Total:152.66 GB) (Free:99.74 GB) NTFS
Available physical RAM: 1989.5 MB
Total physical RAM: 3327.55 MB
Percentage of memory in use: 40%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F510F510)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: C5F42EA5)
Partition 1: (Not Active) - (Size=152.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Kirchner\Desktop" je 300 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Vypnete trvale Windows Defender. Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-31 194032]
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Děkuji vkládám log :
Fix result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by Kirchner at 2015-07-01 08:28:39 Run:1
Running from C:\Users\Kirchner\Desktop
Loaded Profiles: Kirchner & (Available Profiles: Kirchner)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-31 194032]
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully.
HKU\S-1-5-21-3565674240-4036518550-1107183558-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
SwitchBoard => Service removed successfully.
AdobeARMservice => Service removed successfully.
gupdate => Service removed successfully.
SkypeUpdate => Service removed successfully.
gupdatem => Service removed successfully.
gusvc => Service removed successfully.
C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 5.6 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 08:29:06 ====
Fix result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by Kirchner at 2015-07-01 08:28:39 Run:1
Running from C:\Users\Kirchner\Desktop
Loaded Profiles: Kirchner & (Available Profiles: Kirchner)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3565674240-4036518550-1107183558-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-31 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-31 194032]
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully.
HKU\S-1-5-21-3565674240-4036518550-1107183558-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
SwitchBoard => Service removed successfully.
AdobeARMservice => Service removed successfully.
gupdate => Service removed successfully.
SkypeUpdate => Service removed successfully.
gupdatem => Service removed successfully.
gusvc => Service removed successfully.
C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091f9452c46bb.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041d9eb89d16b.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091f945a5dea9.job => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 5.6 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 08:29:06 ====
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc. Nastala nejaka zmena?Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Děkuji za Váš čas :
1) DellFix stáhnut spuštěn po 15 sec.zhasl a zmizel z plochy další stáhnutí píše že nelze stáhnout, zkoušeno
na více servrech to stejné.
2) CCleaner znám a používám často provedeno kompletní čištění dle popisu.
3) Disk defragmentován.
4) PC budu sledovat a podam info.
1) DellFix stáhnut spuštěn po 15 sec.zhasl a zmizel z plochy další stáhnutí píše že nelze stáhnout, zkoušeno
na více servrech to stejné.
2) CCleaner znám a používám často provedeno kompletní čištění dle popisu.
3) Disk defragmentován.
4) PC budu sledovat a podam info.
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
DelFix ma uklidit po pouzitych programech. Tak to propadne pomazte rucne.
Dejte pak tedy vedet, jak to vypada, a bud tema uzavreme, nebo se podivame hloubeji.
Dejte pak tedy vedet, jak to vypada, a bud tema uzavreme, nebo se podivame hloubeji.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
Tak jsem DelFix zkusil ještě jednou po restaru a naběhl ještě jsem ručně pročistil a zdá se být o moc lepší děkuji moc za pomoc a Váš čas 
Re: Pomalý náběh IE, zpomalený PC prosím o kontrolu logu....
To jsem rad
Nemate zac!
Kdyby neco, staci se ozvat, budem tady
Mejte se a treba zase nekdy
Nemate zac!
Kdyby neco, staci se ozvat, budem tady
Mejte se a treba zase nekdy
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?