Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomalený ntb + Log z Rsitu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

zpomalený ntb + Log z Rsitu

#1 Příspěvek od TheSeven »

Zdravím dnes se mi dostal do ruky ntb známé která mě prosila o pomoc protože je údajně velmi zasekaný provedl sem jen tak hrubou obhlídku a hned mě do oka bouchly 2 antiviry :D mcfree půjde do kytek já preferuji avast ale prvně vám sem hodím log z rsitu nechci vám komplikovat práci vlastní "akčností" tedy vymazal sem registry a cookies a catche přes CCleaner log z rsitu se na poprvé nepovedl ... při čemž využití procesoru vyskočilo na 100% a rsit se nechtěl ani nechat vypnout na 2 pokus vše ok plánuji odinstalovat nepotřebné programy/toolbary a potom udělat kompletní test mbamem až skončím o log se podělím s mazaním počkám na vás vím že má falešné detekce díky mnohokrát za váš čas :) log zde

Logfile of random's system information tool 1.09 (written by random/random)
Run by okay at 2013-10-20 21:02:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 197 GB (43%) free of 461 GB
Total RAM: 3818 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:02:12, on 20.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\okay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13645 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {56FFCB78-CBCE-42BB-AD45-DDE31765F127}
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2740
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7b245bb0-1f8f-48df-8b01-c1cbe55bb1e8 -SystemEventPortName:HostProcess-fd7aa7f6-c6e8-4d54-8589-738986474234 -IoCancelEventPortName:HostProcess-8216a0f6-fb21-46fd-a2b7-ed6a60c2b74e -NonStateChangingEventPortName:HostProcess-ab9b7561-7d61-42f8-9f17-d30771455022 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:30eef24d-d9e3-4802-a2c0-c984f6d8e2a3 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {DE40B781-4A95-4BE6-BC3A-39EA46990434}
"C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe"
taskeng.exe {5A85608D-4A38-4B4B-8CCA-0C801A44A839}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6092.0.1126013051\961528162" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,24,26 --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x9802 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.822.5.1000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control1 pct:5 stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6092.4.364974059\910324154" /prefetch:673131151
{DBED0581-0776-4F62-BA2D-B58CFF7B2CCA}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control1 pct:5 stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6092.6.1325026882\263408032" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /uac
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\okay\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-10 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23 1451680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-01-24 1521800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-02-19 1337648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-03-27 792864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-10 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-01-24 1521800]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-02-19 1337648]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23 1451680]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-28 2723624]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-22 11831400]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\wcmmon.exe [2011-07-17 1038848]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-05-16 1084840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-03-09 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-31 1092688]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-07 336384]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-02-19 177448]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-10-17 1645256]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-02-16 114992]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-02-26 295728]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-20 20:54:32 ----D---- C:\Program Files\trend micro
2013-10-20 20:54:31 ----D---- C:\rsit
2013-10-20 20:27:12 ----D---- C:\Program Files\CCleaner
2013-10-17 17:45:47 ----D---- C:\Program Files\McAfee Security Scan
2013-10-17 16:40:51 ----D---- C:\Program Files (x86)\PowerPoint to Flash
2013-10-10 03:39:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-10 03:39:05 ----A---- C:\Windows\system32\ieui.dll
2013-10-10 03:39:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-10 03:39:00 ----A---- C:\Windows\system32\iesetup.dll
2013-10-10 03:39:00 ----A---- C:\Windows\system32\iernonce.dll
2013-10-10 03:38:59 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-10 03:38:59 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-10 03:38:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-10 03:38:59 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-10 03:38:58 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 03:38:58 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-10 03:38:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-10 03:38:55 ----A---- C:\Windows\system32\iertutil.dll
2013-10-10 03:38:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-10 03:38:50 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-10 03:38:49 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-10 03:38:49 ----A---- C:\Windows\system32\jscript.dll
2013-10-10 03:38:46 ----A---- C:\Windows\system32\jscript9.dll
2013-10-10 03:38:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-10 03:38:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-10 03:38:41 ----A---- C:\Windows\system32\urlmon.dll
2013-10-10 03:38:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-10 03:38:37 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-10 03:38:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-10 03:38:33 ----A---- C:\Windows\system32\wininet.dll
2013-10-10 03:38:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 03:38:25 ----A---- C:\Windows\system32\ieframe.dll
2013-10-10 03:38:19 ----A---- C:\Windows\system32\mshtml.dll
2013-10-10 03:38:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 09:53:30 ----A---- C:\Windows\system32\comctl32.dll
2013-10-09 09:53:29 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 09:53:25 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-09 09:53:22 ----A---- C:\Windows\system32\atmfd.dll
2013-10-09 09:53:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 09:53:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 09:53:21 ----A---- C:\Windows\system32\lpk.dll
2013-10-09 09:53:21 ----A---- C:\Windows\system32\dciman32.dll
2013-10-09 09:53:20 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 09:53:20 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 09:53:20 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 09:53:19 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 09:53:19 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 09:53:17 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 09:53:14 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 09:53:13 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 09:53:10 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 09:53:10 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 09:53:06 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-09 09:53:05 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 09:53:05 ----A---- C:\Windows\system32\davclnt.dll
2013-10-09 09:53:04 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-09 09:53:04 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 09:53:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-09 09:52:59 ----A---- C:\Windows\system32\mswsock.dll
2013-10-09 09:52:58 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-09 09:52:57 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-09 09:52:54 ----A---- C:\Windows\system32\win32k.sys
2013-10-09 09:52:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-09 09:52:14 ----A---- C:\Windows\system32\advapi32.dll
2013-10-09 09:52:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-09 09:52:10 ----A---- C:\Windows\system32\tdh.dll
2013-10-09 09:52:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-09 09:52:07 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-09 09:52:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-09 09:52:05 ----A---- C:\Windows\system32\ntdll.dll
2013-10-09 09:52:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-09 09:52:01 ----A---- C:\Windows\system32\wow64.dll
2013-10-09 09:51:47 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-09 09:51:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-09 09:51:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-09 09:51:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-09 09:51:43 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-09 09:51:34 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:51:33 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:51:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-09 09:51:17 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-09 09:50:01 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-09 09:50:01 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-09 09:50:01 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-09 09:50:01 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-09 09:50:00 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-09 09:50:00 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-09 09:50:00 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-09-27 16:11:02 ----D---- C:\Program Files (x86)\Bytescout XLS Viewer

======List of files/folders modified in the last 1 month======

2013-10-20 21:02:09 ----D---- C:\Windows\Temp
2013-10-20 20:54:32 ----RD---- C:\Program Files
2013-10-20 20:36:00 ----D---- C:\Windows\system32\config
2013-10-20 20:35:34 ----D---- C:\Users\okay\AppData\Roaming\Skype
2013-10-20 20:35:25 ----D---- C:\Windows\Panther
2013-10-20 20:35:25 ----D---- C:\Windows\ModemLogs
2013-10-20 20:35:25 ----D---- C:\Windows\inf
2013-10-20 20:35:23 ----D---- C:\Windows\Minidump
2013-10-20 20:35:23 ----D---- C:\Windows\Logs
2013-10-20 20:35:23 ----D---- C:\Windows\debug
2013-10-20 20:35:23 ----D---- C:\Windows
2013-10-20 20:27:23 ----D---- C:\Windows\system32\Tasks
2013-10-20 20:22:46 ----D---- C:\Windows\tracing
2013-10-20 20:17:59 ----D---- C:\ProgramData\clear.fi
2013-10-20 13:57:05 ----D---- C:\Windows\System32
2013-10-20 13:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-20 12:24:46 ----D---- C:\Windows\system32\NDF
2013-10-18 15:12:08 ----SHD---- C:\System Volume Information
2013-10-17 18:11:51 ----SD---- C:\Users\okay\AppData\Roaming\Microsoft
2013-10-17 17:45:47 ----RD---- C:\Program Files (x86)
2013-10-11 15:29:31 ----D---- C:\Windows\Microsoft.NET
2013-10-11 15:29:30 ----RSD---- C:\Windows\assembly
2013-10-10 04:08:31 ----D---- C:\Windows\winsxs
2013-10-10 04:05:21 ----D---- C:\Windows\Prefetch
2013-10-10 04:04:00 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-10 04:03:58 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 04:01:46 ----D---- C:\Windows\SysWOW64
2013-10-10 04:01:44 ----D---- C:\Program Files\Internet Explorer
2013-10-10 04:01:44 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-10 04:01:42 ----D---- C:\Windows\system32\drivers
2013-10-10 04:01:40 ----D---- C:\Windows\AppPatch
2013-10-10 04:01:39 ----D---- C:\Windows\system32\cs-CZ
2013-10-10 04:01:37 ----D---- C:\Windows\system32\DriverStore
2013-10-10 03:43:34 ----SHD---- C:\Windows\Installer
2013-10-10 03:39:55 ----D---- C:\Windows\system32\catroot
2013-10-10 03:39:54 ----D---- C:\Windows\system32\catroot2
2013-10-10 03:21:10 ----D---- C:\Windows\system32\MRT
2013-10-10 03:09:31 ----A---- C:\Windows\system32\MRT.exe
2013-10-09 12:56:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-05 19:41:55 ----D---- C:\ProgramData\CanonIJPLM
2013-10-04 10:49:30 ----D---- C:\Windows\rescache
2013-09-27 22:35:24 ----D---- C:\Users\okay\AppData\Roaming\SoftGrid Client
2013-09-27 14:33:48 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-05-05 22912]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-05-05 20328]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-05-05 62584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-07 9078784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-07 299520]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-03-17 2712064]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-26 2852200]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-28 1417776]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-04-22 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-07 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-31 352848]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-03-09 257344]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe [2013-07-23 240288]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe [2013-07-23 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-08 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-07-26 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-08 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-08 1255736]
S4 Browser Manager;Browser Manager; C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#2 Příspěvek od TheSeven »

Omlouvám se ale celá zpráva se nezobrazila tak jen pro přehlednost " Zdravím dnes se mi dostal do ruky ntb známé která mě prosila o pomoc protože je údajně velmi zasekaný provedl sem jen tak hrubou obhlídku a hned mě do oka bouchly 2 antiviry :D mcfree půjde do kytek já preferuji avast ale prvně vám sem hodím log z rsitu nechci vám komplikovat práci vlastní "akčností" tedy vymazal sem registry a cookies a catche přes CCleaner log z rsitu se na poprvé nepovedl ... při čemž využití procesoru vyskočilo na 100% a rsit se nechtěl ani nechat vypnout na 2 pokus vše ok plánuji odinstalovat nepotřebné programy/toolbary a potom udělat kompletní test mbamem až skončím o log se podělím s mazaním počkám na vás vím že má falešné detekce díky mnohokrát za váš čas :) log zde " btw mě neznámým důvodům mě to cenzuruje různé slova ... :D
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zpomalený ntb + Log z Rsitu

#3 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#4 Příspěvek od TheSeven »

bohužel první log z JRT se nepovedl adwc se povedl JRT zkusím znovu # AdwCleaner v3.009 - Report created 20/10/2013 at 21:23:08
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : okay - OKAY-PC
# Running from : C:\Users\okay\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Browser Manager

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~Browser Manager
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\~BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\okay\AppData\Local\AskToolbar
Folder Deleted : C:\Users\okay\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\okay\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\okay\AppData\Roaming\Babylon
Folder Deleted : C:\Users\okay\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\System32\Tasks\Browser Manager
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\f57d8d1b368be49
Key Deleted : HKLM\SOFTWARE\f57d8d1b368be49
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-earth_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-earth_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
Key Deleted : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [19491 octets] - [20/10/2013 21:19:10]
AdwCleaner[S0].txt - [18983 octets] - [20/10/2013 21:23:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19044 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zpomalený ntb + Log z Rsitu

#5 Příspěvek od vyosek »

Poprosim o log z FRSTL http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#6 Příspěvek od TheSeven »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2013
Ran by okay (administrator) on OKAY-PC on 20-10-2013 21:55:44
Running from C:\Users\okay\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11831400 2011-04-22] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKCU\...\Run: [Facebook Update] - C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [WebcamMaxAutoRun] - C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
MountPoints2: {93842661-f128-11e0-8e0a-3860770ceff6} - E:\AutoRun.exe
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1092688 2011-03-31] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-19] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs-x32: [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - {145F3097-4A84-4662-93AA-9DAFDBE4A192} URL = http://websearch.ask.com/redirect?clien ... 1F9FC27B09
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Seznam) - http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: (Seznam) - http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! WebRep) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (Skype Click to Call) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-20 21:55 - 2013-10-20 21:55 - 00000000 ____D C:\FRST
2013-10-20 21:54 - 2013-10-20 21:54 - 00112128 _____ (forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe
2013-10-20 21:53 - 2013-10-20 21:53 - 01954624 _____ (Farbar) C:\Users\okay\Desktop\FRST64.exe
2013-10-20 21:51 - 2013-10-20 21:51 - 00000000 ____D C:\Users\okay\Desktop\Nová složka
2013-10-20 21:49 - 2013-10-20 21:51 - 00000000 ___RD C:\Users\okay\Desktop\Fotky
2013-10-20 21:25 - 2013-10-20 21:25 - 00000056 _____ C:\Windows\setupact.log
2013-10-20 21:25 - 2013-10-20 21:25 - 00000000 _____ C:\Windows\setuperr.log
2013-10-20 21:24 - 2013-10-20 21:24 - 00000580 _____ C:\Windows\PFRO.log
2013-10-20 21:18 - 2013-10-20 21:23 - 00000000 ____D C:\AdwCleaner
2013-10-20 21:18 - 2013-10-20 21:18 - 01056666 _____ C:\Users\okay\Desktop\adwcleaner.exe
2013-10-20 21:13 - 2013-10-20 21:13 - 01033335 _____ (Thisisu) C:\Users\okay\Desktop\JRT.exe
2013-10-20 21:13 - 2013-10-20 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-10-20 20:54 - 2013-10-20 21:02 - 00000000 ____D C:\Program Files\trend micro
2013-10-20 20:54 - 2013-10-20 20:54 - 00000000 ____D C:\rsit
2013-10-20 20:53 - 2013-10-20 20:53 - 00935175 _____ C:\Users\okay\Desktop\RSITx64.exe
2013-10-20 20:27 - 2013-10-20 20:27 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 20:27 - 2013-10-20 20:27 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-20 20:27 - 2013-10-20 20:27 - 00000000 ____D C:\Program Files\CCleaner
2013-10-20 12:58 - 2013-10-20 13:49 - 940130304 _____ C:\Users\okay\Desktop\Muži v naději 2011 CZ film DVDRip.avi
2013-10-17 18:16 - 2012-11-29 21:07 - 00000000 ____D C:\Users\okay\Desktop\09.Kultura v raněstředověké Evropě
2013-10-17 18:15 - 2013-10-17 18:16 - 00944776 _____ C:\Users\okay\Desktop\Kultura_v_ranestredoveke_Evrope.zip
2013-10-17 17:45 - 2013-10-17 17:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 16:41 - 2013-10-17 16:41 - 00000000 ____D C:\Users\okay\Documents\My Converted Files
2013-10-17 16:40 - 2013-10-17 16:40 - 00001093 _____ C:\Users\okay\Desktop\PowerPoint to Flash.lnk
2013-10-17 16:40 - 2013-10-17 16:40 - 00000000 ____D C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint to Flash
2013-10-17 16:40 - 2013-10-17 16:40 - 00000000 ____D C:\Program Files (x86)\PowerPoint to Flash
2013-10-17 16:39 - 2013-10-17 16:39 - 00989824 _____ (Dreamingsoft, Inc.) C:\Users\okay\Desktop\pfsetup.exe
2013-10-10 03:39 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 03:39 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 03:39 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 03:39 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 03:39 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 03:39 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 03:39 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 03:38 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 03:38 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 03:38 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 03:38 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 03:38 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 03:38 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 03:38 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 03:38 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 03:38 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 03:38 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 14:32 - 2013-10-09 14:38 - 741692882 _____ C:\Users\okay\Desktop\Sanitka-2---5.-díl-(2013)-MONTY-698.avi
2013-10-09 09:53 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 09:53 - 2013-08-29 03:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-09 09:53 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 09:53 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 09:53 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 09:53 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 09:53 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 09:53 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 09:53 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 09:53 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 09:53 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 09:53 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 09:53 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 09:53 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 09:53 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 09:53 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 09:53 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 09:53 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 09:53 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 09:53 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 09:53 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 09:53 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 09:53 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 09:53 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 09:52 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 09:52 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 09:52 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 09:52 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 09:52 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 09:52 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 09:52 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 09:52 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 09:52 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 09:52 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 09:52 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 09:52 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 09:52 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 09:52 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 09:51 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 09:51 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 09:51 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 09:51 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 09:51 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 09:51 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 09:51 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 09:51 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:51 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 09:50 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 09:50 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 09:50 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 09:50 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 09:50 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 09:50 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 09:50 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-09-27 16:11 - 2013-09-27 16:13 - 00001012 _____ C:\Users\okay\Desktop\Bytescout XLS Viewer.lnk
2013-09-27 16:11 - 2013-09-27 16:13 - 00000000 ____D C:\Program Files (x86)\Bytescout XLS Viewer
2013-09-27 16:09 - 2013-09-27 16:10 - 00339904 _____ (Bytescout Software ) C:\Users\okay\Desktop\XLSViewer (1).exe
2013-09-27 16:08 - 2013-09-27 16:08 - 00339904 _____ (Bytescout Software ) C:\Users\okay\Desktop\XLSViewer.exe

==================== One Month Modified Files and Folders =======

2013-10-20 21:56 - 2012-04-12 17:19 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-20 21:55 - 2013-10-20 21:55 - 00000000 ____D C:\FRST
2013-10-20 21:54 - 2013-10-20 21:54 - 00112128 _____ (forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe
2013-10-20 21:53 - 2013-10-20 21:53 - 01954624 _____ (Farbar) C:\Users\okay\Desktop\FRST64.exe
2013-10-20 21:51 - 2013-10-20 21:51 - 00000000 ____D C:\Users\okay\Desktop\Nová složka
2013-10-20 21:51 - 2013-10-20 21:49 - 00000000 ___RD C:\Users\okay\Desktop\Fotky
2013-10-20 21:43 - 2011-10-08 20:50 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-20 21:33 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-20 21:33 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-20 21:30 - 2011-07-26 19:02 - 01452237 _____ C:\Windows\WindowsUpdate.log
2013-10-20 21:27 - 2012-11-04 22:58 - 05978624 ___SH C:\Users\okay\Desktop\Thumbs.db
2013-10-20 21:27 - 2012-06-10 11:21 - 00000978 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000UA.job
2013-10-20 21:26 - 2011-08-27 19:44 - 00000000 ____D C:\ProgramData\clear.fi
2013-10-20 21:25 - 2013-10-20 21:25 - 00000056 _____ C:\Windows\setupact.log
2013-10-20 21:25 - 2013-10-20 21:25 - 00000000 _____ C:\Windows\setuperr.log
2013-10-20 21:25 - 2012-05-02 23:26 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-10-20 21:25 - 2011-10-08 20:50 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-20 21:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-20 21:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-10-20 21:24 - 2013-10-20 21:24 - 00000580 _____ C:\Windows\PFRO.log
2013-10-20 21:23 - 2013-10-20 21:18 - 00000000 ____D C:\AdwCleaner
2013-10-20 21:23 - 2012-08-12 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-20 21:18 - 2013-10-20 21:18 - 01056666 _____ C:\Users\okay\Desktop\adwcleaner.exe
2013-10-20 21:13 - 2013-10-20 21:13 - 01033335 _____ (Thisisu) C:\Users\okay\Desktop\JRT.exe
2013-10-20 21:13 - 2013-10-20 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-10-20 21:02 - 2013-10-20 20:54 - 00000000 ____D C:\Program Files\trend micro
2013-10-20 20:54 - 2013-10-20 20:54 - 00000000 ____D C:\rsit
2013-10-20 20:53 - 2013-10-20 20:53 - 00935175 _____ C:\Users\okay\Desktop\RSITx64.exe
2013-10-20 20:35 - 2012-05-26 07:29 - 00000000 ____D C:\Windows\Minidump
2013-10-20 20:35 - 2011-10-22 14:08 - 00000000 ____D C:\Users\okay\AppData\Roaming\Skype
2013-10-20 20:35 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-10-20 20:27 - 2013-10-20 20:27 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-20 20:27 - 2013-10-20 20:27 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-20 20:27 - 2013-10-20 20:27 - 00000000 ____D C:\Program Files\CCleaner
2013-10-20 13:57 - 2011-07-26 19:46 - 00631970 _____ C:\Windows\system32\perfh005.dat
2013-10-20 13:57 - 2011-07-26 19:46 - 00122334 _____ C:\Windows\system32\perfc005.dat
2013-10-20 13:57 - 2009-07-14 07:13 - 01471810 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-20 13:49 - 2013-10-20 12:58 - 940130304 _____ C:\Users\okay\Desktop\Muži v naději 2011 CZ film DVDRip.avi
2013-10-20 12:27 - 2012-06-10 11:21 - 00000956 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000Core.job
2013-10-20 12:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-18 20:52 - 2011-10-08 20:52 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-17 19:01 - 2013-04-08 12:44 - 00000000 ____D C:\Users\okay\Desktop\londýn
2013-10-17 18:16 - 2013-10-17 18:15 - 00944776 _____ C:\Users\okay\Desktop\Kultura_v_ranestredoveke_Evrope.zip
2013-10-17 17:46 - 2013-03-03 18:44 - 00001935 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-17 17:45 - 2013-10-17 17:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 16:41 - 2013-10-17 16:41 - 00000000 ____D C:\Users\okay\Documents\My Converted Files
2013-10-17 16:40 - 2013-10-17 16:40 - 00001093 _____ C:\Users\okay\Desktop\PowerPoint to Flash.lnk
2013-10-17 16:40 - 2013-10-17 16:40 - 00000000 ____D C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint to Flash
2013-10-17 16:40 - 2013-10-17 16:40 - 00000000 ____D C:\Program Files (x86)\PowerPoint to Flash
2013-10-17 16:39 - 2013-10-17 16:39 - 00989824 _____ (Dreamingsoft, Inc.) C:\Users\okay\Desktop\pfsetup.exe
2013-10-10 04:04 - 2013-03-13 23:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 04:04 - 2009-07-14 06:45 - 00283376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 04:03 - 2013-03-13 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 03:21 - 2013-07-12 15:53 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 03:09 - 2012-04-18 07:31 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 14:38 - 2013-10-09 14:32 - 741692882 _____ C:\Users\okay\Desktop\Sanitka-2---5.-díl-(2013)-MONTY-698.avi
2013-10-09 12:56 - 2012-04-12 17:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 12:56 - 2012-04-12 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 12:56 - 2012-04-12 17:19 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-07 15:38 - 2011-10-08 20:50 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-07 15:38 - 2011-10-08 20:50 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-05 19:41 - 2013-09-10 22:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-10-04 10:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-27 22:35 - 2012-01-31 15:14 - 00000000 ____D C:\Users\okay\AppData\Roaming\SoftGrid Client
2013-09-27 16:13 - 2013-09-27 16:11 - 00001012 _____ C:\Users\okay\Desktop\Bytescout XLS Viewer.lnk
2013-09-27 16:13 - 2013-09-27 16:11 - 00000000 ____D C:\Program Files (x86)\Bytescout XLS Viewer
2013-09-27 16:10 - 2013-09-27 16:09 - 00339904 _____ (Bytescout Software ) C:\Users\okay\Desktop\XLSViewer (1).exe
2013-09-27 16:08 - 2013-09-27 16:08 - 00339904 _____ (Bytescout Software ) C:\Users\okay\Desktop\XLSViewer.exe
2013-09-27 15:04 - 2012-01-31 15:14 - 00000000 ____D C:\Users\okay\Desktop\Microsoft Office Starter (čeština)
2013-09-23 01:28 - 2013-10-10 03:38 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 03:38 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 03:39 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-10 03:39 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-10 03:38 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-10 03:38 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 03:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 03:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 03:39 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-10 03:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-10 03:39 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-10 03:38 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-21 05:38 - 2013-10-10 03:39 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-10 03:39 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-10 03:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-10 03:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Some content of TEMP:
====================
C:\Users\okay\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\okay\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-09-26 15:08




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:193.7 GB) NTFS
Drive e: () (Removable) (Total:3.73 GB) (Free:0.22 GB) FAT32

Available physical RAM: 2268.39 MB
Total physical RAM: 3817.9 MB
Percentage of memory in use: 40%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 979D2D98)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5925E400
AlternateDataStreams: C:\ProgramData\Temp:8173A019

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\okay\Desktop" je 193514 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


+ Addition.txt http://leteckaposta.cz/992421318
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zpomalený ntb + Log z Rsitu

#7 Příspěvek od vyosek »

:arrow: Odinstalujte McAfee Security Scan

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKCU\...\Run: [Facebook Update] - C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [WebcamMaxAutoRun] - C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
MountPoints2: {93842661-f128-11e0-8e0a-3860770ceff6} - E:\AutoRun.exe
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs-x32: [ ] ()

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {145F3097-4A84-4662-93AA-9DAFDBE4A192} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=EW&apn_dtid=YYYYYYYYCZ&apn_uid=3FB78A05-907D-4B75-9D82-1259204C6000&apn_sauid=D1333232-414E-4714-9B81-3C1F9FC27B09
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File

CHR DefaultSearchURL: (Seznam) - http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: (Seznam) - http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5925E400
AlternateDataStreams: C:\ProgramData\Temp:8173A019

Hosts:

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#8 Příspěvek od TheSeven »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-10-2013
Ran by okay at 2013-10-20 22:27:42 Run:1
Running from C:\Users\okay\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Facebook Update] - C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [WebcamMaxAutoRun] - C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
MountPoints2: {93842661-f128-11e0-8e0a-3860770ceff6} - E:\AutoRun.exe
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
AppInit_DLLs-x32: [ ] ()

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKCU - {145F3097-4A84-4662-93AA-9DAFDBE4A192} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=EW&apn_dtid=YYYYYYYYCZ&apn_uid=3FB78A05-907D-4B75-9D82-1259204C6000&apn_sauid=D1333232-414E-4714-9B81-3C1F9FC27B09
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File

CHR DefaultSearchURL: (Seznam) - http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: (Seznam) - http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5925E400
AlternateDataStreams: C:\ProgramData\Temp:8173A019

Hosts:

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WebcamMaxAutoRun => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93842661-f128-11e0-8e0a-3860770ceff6} => Key deleted successfully.
HKCR\CLSID\{93842661-f128-11e0-8e0a-3860770ceff6} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SuiteTray => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisTecPMMUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CanonSolutionMenuEx => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{145F3097-4A84-4662-93AA-9DAFDBE4A192} => Key deleted successfully.
HKCR\CLSID\{145F3097-4A84-4662-93AA-9DAFDBE4A192} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
CHR DefaultSearchURL: (Seznam) - http://search.seznam.cz/?q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Seznam) - http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8 ==> The Chrome "Settings" can be used to fix the entry.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-343912610-2355952214-1931838030-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5925E400" ADS removed successfully.
C:\ProgramData\Temp => ":8173A019" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#9 Příspěvek od TheSeven »

dočistil sem mbamem snad to nevadí zde je log Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.20.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
okay :: OKAY-PC [administrátor]

Ochrana: Povolena

20.10.2013 22:55:46
mbam-log-2013-10-20 (22-55-46).txt

Typ: Kompletní kontrola (C:\|E:\|Q:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 355497
Uplynulý čas: 1 hodin, 36 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 48
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mghooking.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\SweetIM.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir (PUP.Optional.SweetPacks) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.6.4.6\~BabylonToolbarApp.dll.vir (PUP.Optional.BabylonToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.6.4.6\~BabylonToolbarEng.dll.vir (PUP.Optional.BabylonToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.6.4.6\~BabylonToolbarsrv.exe.vir (PUP.Optional.BabylonToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.6.4.6\~BabylonToolbarTlbr.dll.vir (PUP.Optional.BabylonToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.6.4.6\~uninstall.exe.vir (PUP.Optional.BabylonToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Users\okay\AppData\Local\Temp\~nsu.tmp\Au_.exe (PUP.Adware.Gotclip.ScamLotto) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\Installer\2096af9f.msi (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\Installer\2096afab.msi (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.

(konec)

vše sem smazal snad je to dobře ... :) díky za váš čas
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#10 Příspěvek od TheSeven »

Bohužel musím konstatovat že ntb je stále docela pomalý o proti tomu jak fungoval dříve dnes v 6 hodin ho nesu zpátky vím že to děláte dobrovolně ve svém volném čase ale docela by si mi hodila pomoc jaksi to sám nezvládám díky mnohokrát za váš čas
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zpomalený ntb + Log z Rsitu

#11 Příspěvek od vyosek »

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Doporucuji provest defragmentaci disku
  • Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
    • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
    • prepnete se do zalozky Nastroje
    • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
    • Toto provedte se vsemi disky
  • Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
    • Kliknete na Analyzovat
    • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
    • Postup provedte se vsemi disky
  • Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • Vyhodou programku je, ze se neinstaluje
    • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
    • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
    • Probehne analyza disku a nasledne i defragmentace
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#12 Příspěvek od TheSeven »

ccleaner mám používám,defragmentace disku tam běží právě ted už něco okolo 8 hodin až se dokončí pustím tam T-cleaner,OTC,TFC díky až vše dokončím mám sem hoditlog z rsitu nebo takhle můžu počítač už považovat za odvirovaný pouze zaneřáděný? abych věděl dočistění není problém ale aby byl bez virů
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zpomalený ntb + Log z Rsitu

#13 Příspěvek od vyosek »

:arrow: To poradi pouziti utilit je davano zamerne po sobe, ne jit od konce :?:

:arrow: PC by mel byt cisty, ale az vse dokoncite, tak muzete dat novy log z RSITu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
TheSeven
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 20 říj 2013 19:49

Re: zpomalený ntb + Log z Rsitu

#14 Příspěvek od TheSeven »

chápu že je to postupně ale jak píši ntb vracím za pár hodin tedy defragmentaci sem zapnul už ráno a jede do teď po dokončení se vrhnu na váš návod a defragmentaci znovu zvládne už sama doma :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zpomalený ntb + Log z Rsitu

#15 Příspěvek od vyosek »

Ja si tez myslim ze spustit Defragller a kliknout na Defragmentovat zvladne i prumerne nadany delfin :)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“