Pomalé PC/boot/zamrzávaní PC/sekání videí

Zpráva

cloudstrife · #1 Příspěvek od **cloudstrife** » 24 úno 2014 23:43

Ahoj milí přátelé, posledních pár dní mi připadá, že mi pomalu ale jistě odchází PC. Boot pomalu trvá 3 až 5 minut (úvodní znělka Windows zahraje až jsou načtené ikony). PC si někdy zamane, že zamrzne a nepomůže nic jiného než restart (nereaguje myš ani klávesnice). U videí trvá zásek 3 sekundy, až poté běží video plynule a je jedno, zda li se jedná o YT či videa na disku. PC je pravidelně aktualizován, proti malwarům jsem použil Spybot Search & Destroy a poté ESET Smart Security.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2014-02-24 23:19:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 201 GB (42%) free of 477 GB
Total RAM: 4079 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:19:06, on 24.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Users\Martin\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (file missing)
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Snap] C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect Firefox Software Updater Service (WCUService_STC_FF) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14144 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1313995858-941051601-403820073-1690244845-14651321269385495562065207431492261982
"C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe"
adb fork-server server
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
WLIDSvcM.exe 2268
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Users\Martin\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe"
"C:\Users\Martin\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3012.0.1660981525\129529853" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x0e22 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3489 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3012.2.446739342\835359855" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3012.3.313089995\925031157" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3012.4.361883353\1446834769" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3012.5.149341796\976253245" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3012.7.1712419559\795577583" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3012.8.311231677\1119259335" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3012.11.1622138489\228513212" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3012.12.1385587537\470693351" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3012.17.407048677\239922863" /prefetch:673131151
"C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R3_Stable_Experiment/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group9 pct:10i stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3012.21.1336332117\280899592" /prefetch:673131151
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -responsepester
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Martin\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2757e742bbf3.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4106746080-1543361611-121868080-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4106746080-1543361611-121868080-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}]
Splashtop Connect VisualBookmark - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2011-01-21 345968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-05-10 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-04 11772520]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-11-05 2320752]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-02-05 1179576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=~C:\Program Files\ICQ6.5\ICQ.exe silent []
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Google Update"=C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"STCAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [2011-01-21 776064]
"ZyngaGamesAgent"=C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [2010-11-15 841544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []
"Snap"=C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe [2011-07-13 163840]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-24 23:19:01 ----D---- C:\rsit
2014-02-24 23:19:01 ----D---- C:\Program Files\trend micro
2014-02-24 23:01:59 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-02-24 23:01:59 ----A---- C:\Windows\system32\nvspcap64.dll
2014-02-24 23:00:50 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-02-24 23:00:25 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-24 23:00:25 ----A---- C:\Windows\system32\nvsvcr.dll
2014-02-24 23:00:25 ----A---- C:\Windows\system32\nvsvc64.dll
2014-02-24 23:00:25 ----A---- C:\Windows\system32\nvshext.dll
2014-02-24 23:00:25 ----A---- C:\Windows\system32\nvmctray.dll
2014-02-24 23:00:25 ----A---- C:\Windows\system32\nvcpl.dll
2014-02-24 23:00:01 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-02-24 23:00:01 ----A---- C:\Windows\system32\OpenCL.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-24 22:53:39 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvhdap64.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvdispco6433489.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-02-24 22:53:39 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-02-24 22:53:39 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-24 22:53:39 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-02-24 22:53:38 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-24 22:53:38 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-24 22:53:38 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-24 22:53:38 ----A---- C:\Windows\system32\nvapi64.dll
2014-02-24 22:42:40 ----N---- C:\bootsqm.dat
2014-02-24 19:42:04 ----D---- C:\Users\Martin\AppData\Roaming\AC3Filter
2014-02-14 00:41:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-14 00:41:21 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 00:40:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-14 00:40:43 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 00:40:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-14 00:40:42 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 00:40:42 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 00:40:42 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 00:40:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 00:40:42 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-14 00:40:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-14 00:40:41 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 00:40:41 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 00:40:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 00:40:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 00:40:41 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 00:40:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 00:40:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 00:40:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-14 00:40:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-14 00:40:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-14 00:40:40 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 00:40:40 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 00:40:40 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 00:40:40 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 00:40:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-14 00:40:39 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 00:40:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-14 00:40:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-14 00:40:38 ----A---- C:\Windows\system32\jscript9.dll
2014-02-13 08:49:20 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-13 08:49:20 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-13 08:49:20 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-13 08:49:20 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-13 08:49:16 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-13 08:49:16 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 08:49:16 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-13 08:49:16 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-13 08:49:16 ----A---- C:\Windows\system32\secproc.dll
2014-02-13 08:49:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 08:49:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 08:49:16 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 08:49:16 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-13 08:49:16 ----A---- C:\Windows\system32\msdrm.dll
2014-02-13 08:49:12 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-13 08:49:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-13 08:49:12 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-13 08:49:12 ----A---- C:\Windows\system32\d2d1.dll
2014-02-04 19:17:36 ----D---- C:\Users\Martin\AppData\Roaming\ESET
2014-02-04 19:16:17 ----D---- C:\ProgramData\ESET
2014-02-04 19:16:17 ----D---- C:\Program Files\ESET
2014-01-27 19:17:03 ----D---- C:\ProgramData\HP

======List of files/folders modified in the last 1 month======

2014-02-24 23:19:03 ----D---- C:\Windows\Temp
2014-02-24 23:19:01 ----RD---- C:\Program Files
2014-02-24 23:10:02 ----D---- C:\Windows\system32\config
2014-02-24 23:08:12 ----A---- C:\Windows\SYSWOW64\log.txt
2014-02-24 23:06:34 ----D---- C:\Windows\Prefetch
2014-02-24 23:04:52 ----D---- C:\ProgramData\NVIDIA
2014-02-24 23:02:37 ----SHD---- C:\System Volume Information
2014-02-24 23:01:59 ----D---- C:\Windows\SysWOW64
2014-02-24 23:01:59 ----D---- C:\Windows\System32
2014-02-24 23:01:59 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-24 23:01:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-24 23:01:47 ----D---- C:\ProgramData\NVIDIA Corporation
2014-02-24 23:01:45 ----RSD---- C:\Windows\assembly
2014-02-24 23:01:13 ----D---- C:\Windows\system32\DriverStore
2014-02-24 23:01:13 ----D---- C:\Windows\system32\drivers
2014-02-24 23:01:13 ----D---- C:\Windows\system32\catroot
2014-02-24 23:01:13 ----D---- C:\Windows\inf
2014-02-24 23:00:54 ----SHD---- C:\Windows\Installer
2014-02-24 23:00:50 ----RD---- C:\Program Files (x86)
2014-02-24 23:00:24 ----D---- C:\Windows\Help
2014-02-24 22:59:48 ----D---- C:\Windows\system32\catroot2
2014-02-24 22:55:12 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-24 22:51:15 ----A---- C:\Windows\wininit.ini
2014-02-24 22:51:08 ----SD---- C:\ProgramData\Microsoft
2014-02-24 22:51:08 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-02-24 22:46:26 ----D---- C:\Windows
2014-02-24 15:04:47 ----D---- C:\Users
2014-02-21 18:37:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-17 19:22:29 ----D---- C:\Program Files (x86)\Steam
2014-02-17 00:41:20 ----D---- C:\Windows\system32\MRT
2014-02-17 00:39:33 ----A---- C:\Windows\system32\MRT.exe
2014-02-15 15:27:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-14 16:30:35 ----D---- C:\Windows\rescache
2014-02-14 15:20:28 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2014-02-14 12:29:40 ----D---- C:\ProgramData\Skype
2014-02-14 12:29:36 ----RD---- C:\Program Files (x86)\Skype
2014-02-14 08:50:56 ----D---- C:\Windows\Microsoft.NET
2014-02-14 08:32:47 ----D---- C:\Windows\winsxs
2014-02-14 08:30:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 08:30:47 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 08:30:46 ----D---- C:\Program Files\Internet Explorer
2014-02-14 08:30:46 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 00:52:18 ----D---- C:\ProgramData\Microsoft Help
2014-02-14 00:51:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-14 00:42:09 ----A---- C:\Windows\win.ini
2014-02-13 21:32:35 ----D---- C:\Program Files (x86)\Battle.net
2014-02-11 19:34:31 ----D---- C:\Windows\Tasks
2014-02-11 19:34:31 ----D---- C:\Windows\system32\Tasks
2014-02-04 19:16:17 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-28 526392]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-28 271424]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-04 2697448]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-11-05 34160]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
R3 usbcamcl;Driver for usbcamcl Device; C:\Windows\system32\DRIVERS\usbcamcl.sys [2011-12-08 62184]
S3 anttphrn;anttphrn; C:\Windows\system32\drivers\anttphrn.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\Martin\AppData\Local\Temp\EverestDriver.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-09-25 36928]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-10-26 87368]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-10-08 166912]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-08 76888]
R2 SCBackService;Splashtop Connect Service; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-03-24 493384]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-29 116648]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-29 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 25 úno 2014 10:03

Zdravim

Spybota odinstalujte, program je zastaraly a tedy k nicemu.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

cloudstrife · #3 Příspěvek od **cloudstrife** » 01 bře 2014 15:28

Omlouvám se za zpoždění, dříve to holt nešlo. Spybot úspešně odinstalován. Zde jsou logy.

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/03/01 15:26:02

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- ASUS DRW-24B3ST ATA Device
+ ATA Channel 1 (1) [ATA]
- WDC WD2500KS-00MJB0 ATA Device
+ Intel(R) 6 Series/C200 Series Chipset Family 4 port Serial ATA Storage Controller - 1C00 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) 6 Series/C200 Series Chipset Family 2 port Serial ATA Storage Controller - 1C08 [ATA]
+ ATA Channel 0 (0)
- SAMSUNG HD502HJ ATA Device
- ATA Channel 1 (1)
+ AJPF9XL0 IDE Controller [SCSI]
- PULCBEN 5MFGDEN SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD502HJ : 500,1 GB [0/0/0, pd1]
(2) WDC WD2500KS-00MJB0 : 250,0 GB [1/3/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD502HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502HJ
Firmware : 1AJ10001
Serial Number : S20BJ9BB401593
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 12701 hod.
Power On Count : 2563 krát
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000529 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _83 _82 _25 000000001524 Čas na roztočení ploten
04 _98 _98 __0 000000000A14 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 00000000319D Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 252 252 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000A03 Počet cyklů zapnutí zařízení
BF _72 _72 __0 000000046D34 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _62 _56 __0 002C00100026 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000003246 Počet chyb při zápisu sektorů
DF 252 252 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 000000000A15 Počet cyklů načítání/vymazání

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 5332 3042 4A39 4242 3430 3933 3933 2020 2020 2020
020: 0000 8000 0004 3141 4A31 3031 3031 5341 4D53 554E
030: 4720 4844 3530 3248 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 004C 0040
080: 01FF 0028 746B 7F69 4123 BC41 BC41 4123 207F 0026
090: 0026 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 4000 4000 0000 5002 4E92
110: 04DE C989 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003F 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 F8A5

----------------------------------------------------------------------------
(2) WDC WD2500KS-00MJB0
----------------------------------------------------------------------------
Model : WDC WD2500KS-00MJB0
Firmware : 02.01C03
Serial Number : WD-WCANK4215963
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 16384 KB
Queue Depth : 1
# of Sectors : 488395055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 32267 hod.
Power On Count : 4885 krát
Temparature : 46 C (114 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 237 191 _21 000000000C45 Čas na roztočení ploten
04 _96 _96 __0 00000000137A Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _56 _56 __0 000000007E0B Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 000000001315 Počet cyklů zapnutí zařízení
BE _54 _33 _45 00000000002E Teplota toku vzduchu
C2 104 _83 __0 00000000002E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 0000000006DF Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4B34 4B34 3231 3539 3633
020: 0000 8000 0032 3032 2E30 3033 3033 5744 4320 5744
030: 3235 3030 4B53 2D30 304D 3020 3020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0606 0606 0000 0040 0040
080: 00FE 0000 746B 7F01 4023 3C01 3C01 4023 207F 0000
090: 0000 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 512F 1D1C 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 1663 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103F 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 39A5

cloudstrife · #4 Příspěvek od **cloudstrife** » 01 bře 2014 15:32

# AdwCleaner v3.020 - Report created 01/03/2014 at 15:30:19
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Documents\Images\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : SCBackService

***** [ Files / Folders ] *****

File Found : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.triple-search.com_0.localstorage
File Found : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.triple-search.com_0.localstorage-journal
File Found : C:\Users\Martin\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\Extensions\gophoto@gophoto.it.xpi
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\Extensions\hdvc3@hdvidcodec.com.xpi
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\Askcom.xml
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\daemon-search.xml
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\icqplugin.xml
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\qip-search.xml
File Found : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\user.js
Folder Found : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Found C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found C:\Program Files (x86)\FreeHDSport.TV
Folder Found C:\Program Files (x86)\Gophoto.it
Folder Found C:\Program Files (x86)\HDvidCodec.com
Folder Found C:\Program Files (x86)\ICQ6Toolbar
Folder Found C:\Program Files (x86)\Splashtop
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found C:\ProgramData\Splashtop
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Martin\AppData\Local\thinstall
Folder Found C:\Users\Martin\AppData\Roaming\Media Finder
Folder Found C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found C:\Users\Martin\AppData\Roaming\Splashtop
Folder Found C:\Users\Martin\AppData\Roaming\Systweak
Folder Found C:\Users\Martin\AppData\Roaming\thinstall

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Found : HKCU\Software\Splashtop Inc.
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dt soft\daemon tools toolbar
Key Found : [x64] HKCU\Software\MediaFinder
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : [x64] HKCU\Software\Splashtop Inc.
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Key Found : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Key Found : HKLM\SOFTWARE\Classes\STC.OptionMenu
Key Found : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Key Found : HKLM\SOFTWARE\Classes\STC.Protocol
Key Found : HKLM\SOFTWARE\Classes\STC.Protocol.1
Key Found : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Key Found : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Key Found : HKLM\SOFTWARE\Classes\STC.WebObject
Key Found : HKLM\SOFTWARE\Classes\STC.WebObject.1
Key Found : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Key Found : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Key Found : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Key Found : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Key Found : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Key Found : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\Software\Splashtop Inc.
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie

-\\ Mozilla Firefox v

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\prefs.js ]

Line Found : user_pref("browser.search.defaultengine", "Ask.com");
Line Found : user_pref("browser.search.defaultenginename", "Ask.com");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("extensions.BabylonToolbar.admin", false);
Line Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Found : user_pref("extensions.BabylonToolbar.babExt", "");
Line Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=111015");
Line Found : user_pref("extensions.BabylonToolbar.bbDpng", 28);
Line Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Found : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Line Found : user_pref("extensions.BabylonToolbar.hmpg", true);
Line Found : user_pref("extensions.BabylonToolbar.id", "a42669810000000000001c6f65deed6c");
Line Found : user_pref("extensions.BabylonToolbar.instlDay", "15426");
Line Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Found : user_pref("extensions.BabylonToolbar.lastDP", 28);
Line Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1722:50:24");
Line Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0");
Line Found : user_pref("extensions.BabylonToolbar.newTab", true);
Line Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Line Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Line Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Found : user_pref("extensions.BabylonToolbar.propectorlck", 71448084);
Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Line Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Found : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Found : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Line Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Line Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1722:50:24");
Line Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Line Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111015");
Line Found : user_pref("extensions.BabylonToolbar_i.hardId", "a42669810000000000001c6f65deed6c");
Line Found : user_pref("extensions.BabylonToolbar_i.id", "a42669810000000000001c6f65deed6c");
Line Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15426");
Line Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:50:24");
Line Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Found : user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,");
Line Found : user_pref("extentions.y2layers.installId", "5efd40e1-d599-427f-859d-839e6ad2427d");
Line Found : user_pref("extentions.y2layers.lastDnsTest", 371940);
Line Found : user_pref("icqtoolbar.installsource", "1");
Line Found : user_pref("icqtoolbar.showPc", true);
Line Found : user_pref("icqtoolbar.skip_default_search", "yes");

-\\ Google Chrome v

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage

*************************

AdwCleaner[R0].txt - [19665 octets] - [01/03/2014 15:28:35]
AdwCleaner[R1].txt - [19512 octets] - [01/03/2014 15:30:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [19573 octets] ##########

#5 Příspěvek od **Márty84** » 01 bře 2014 15:39

Tento disk hlasi nejake chyby (1) SAMSUNG HD502HJ

01 100 100 _51 000000000529 Počet chyb čtení
BF _72 _72 __0 000000046D34 Počet udalostí zaznamenaných otřesovým senzorem
C8 100 100 __0 000000003246 Počet chyb při zápisu sektorů

I to muze byt pricina potizi. Uvidime po procisteni.

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

cloudstrife · #6 Příspěvek od **cloudstrife** » 01 bře 2014 15:57

Log z AdwCleaner

# AdwCleaner v3.020 - Report created 01/03/2014 at 15:48:09
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Documents\Images\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : SCBackService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Splashtop
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\FreeHDSport.TV
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\Splashtop
Folder Deleted : C:\Users\Martin\AppData\Local\thinstall
Folder Deleted : C:\Users\Martin\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Martin\AppData\Roaming\Splashtop
Folder Deleted : C:\Users\Martin\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Martin\AppData\Roaming\thinstall
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\Extensions\gophoto@gophoto.it.xpi
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\Extensions\hdvc3@hdvidcodec.com.xpi
File Deleted : C:\Users\Martin\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\searchplugins\qip-search.xml
File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\user.js
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.triple-search.com_0.localstorage
File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.triple-search.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu
Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject
Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\smrh1c5o.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=111015");
Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 28);
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "a42669810000000000001c6f65deed6c");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15426");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 28);
Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1722:50:24");
Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0");
Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 71448084);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1722:50:24");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111015");
Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "a42669810000000000001c6f65deed6c");
Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "a42669810000000000001c6f65deed6c");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15426");
Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:50:24");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,");
Line Deleted : user_pref("extentions.y2layers.installId", "5efd40e1-d599-427f-859d-839e6ad2427d");
Line Deleted : user_pref("extentions.y2layers.lastDnsTest", 371940);
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.showPc", true);
Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");

-\\ Google Chrome v

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [19665 octets] - [01/03/2014 15:28:35]
AdwCleaner[R1].txt - [19726 octets] - [01/03/2014 15:30:19]
AdwCleaner[R2].txt - [19787 octets] - [01/03/2014 15:45:03]
AdwCleaner[R3].txt - [19848 octets] - [01/03/2014 15:45:57]
AdwCleaner[S0].txt - [19352 octets] - [01/03/2014 15:48:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19413 octets] ##########

#7 Příspěvek od **Márty84** » 01 bře 2014 16:00

Fajn, program provedl co mel. Tak ted hura na MBAM.

cloudstrife · #8 Příspěvek od **cloudstrife** » 01 bře 2014 17:40

Omlouvám se převelice, že jsem nepřidal logy pěkně najednou ale nečekal jsem dvou hodinovou kontrolu

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.01.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Martin :: MARTIN-PC [administrátor]

1.3.2014 15:58:12
MBAM-log-2014-03-01 (17-35-13).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 548006
Uplynulý čas: 1 hodin, 36 minut, 49 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {DD334402-72BD-11E1-BC1B-1C6F65DEED6C} -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Martin\Documents\Images\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.

(konec)

#9 Příspěvek od **Márty84** » 01 bře 2014 17:56

To ja cekal, ze to bude chvili trvat

Office asi legalni nebude, ze?

Nalezy nechte odstranit, pak MBAM odinstalujte.

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

cloudstrife · #10 Příspěvek od **cloudstrife** » 01 bře 2014 18:34

Přiznám se, Office není zrovna dvakrát legální. Nejmenovaná společnost prodávajíce počítače a elektroniku, u které jsem sestavu zakoupil, tak nějak pozapomněla přibalit Office. Rytířsky se společnost bránila s tvrzením, že nic takového zakoupeno nebylo i přesto, že bylo. No a po několika tahanicích jsem to prostě vzdal a přiklonil se k alternativnímu řešení. Charitativně jsem jim ty prachy s velkou nechutí přenechal. Doufám, že se to dá brát jako polehčující okolnost. Chybu napravím.

Mimo jiné log z RogueKiller.

RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Kontrola -- Datum : 03/01/2014 18:16:31
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Administrator\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\All Users\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Cloudor\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Kopirovac\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\TEMP\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\User.USER\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD502HJ ATA Device +++++
--- User ---
[MBR] 7c429c6536f602e7bb41b21a8931c3bc
[BSP] bc53a7c2dcfd983fffd3e49959dfe206 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD2500KS-00MJB0 ATA Device +++++
--- User ---
[MBR] 4c2efa01b731280a957815971d07acc8
[BSP] f1fbfdc39113c5ad0e65a9f3a31dbfa7 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_03012014_181631.txt >>

#11 Příspěvek od **Márty84** » 01 bře 2014 20:46

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

cloudstrife · #12 Příspěvek od **cloudstrife** » 01 bře 2014 22:40

Zde je první log

RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Odebrat -- Datum : 03/01/2014 22:38:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Administrator\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\All Users\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Cloudor\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Kopirovac\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\TEMP\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\User.USER\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD502HJ ATA Device +++++
--- User ---
[MBR] 7c429c6536f602e7bb41b21a8931c3bc
[BSP] bc53a7c2dcfd983fffd3e49959dfe206 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD2500KS-00MJB0 ATA Device +++++
--- User ---
[MBR] 4c2efa01b731280a957815971d07acc8
[BSP] f1fbfdc39113c5ad0e65a9f3a31dbfa7 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_03012014_223822.txt >>

cloudstrife · #13 Příspěvek od **cloudstrife** » 01 bře 2014 22:40

Druhý log

RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/01/2014 22:40:12
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Administrator\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\All Users\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Documents and Settings\Cloudor\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Kopirovac\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\TEMP\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\User.USER\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[0]_H_03012014_224012.txt >>
RKreport[0]_D_03012014_223822.txt

#14 Příspěvek od **Márty84** » 02 bře 2014 00:11

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

cloudstrife · #15 Příspěvek od **cloudstrife** » 02 bře 2014 22:04

ComboFix Log zde -

ComboFix 14-02-24.02 - Martin 02.03.2014 21:55:33.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4079.2704 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\xmlE3C9.tmp
c:\programdata\xmlE456.tmp
c:\programdata\xmlE457.tmp
c:\programdata\xmlE468.tmp
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\tmp2BE5.tmp
c:\windows\SysWow64\tmp2BF6.tmp
c:\windows\SysWow64\tmpD168.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-02 do 2014-03-02 )))))))))))))))))))))))))))))))
.
.
2014-03-02 21:02 . 2014-03-02 21:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-01 17:01 . 2014-03-02 21:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B52A5E1B-7B0E-4E62-875C-669D3A0C1415}\offreg.dll
2014-03-01 14:56 . 2014-03-01 14:56 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2014-03-01 14:56 . 2014-03-01 14:56 -------- d-----w- c:\programdata\Malwarebytes
2014-03-01 14:28 . 2014-03-01 14:48 -------- d-----w- C:\AdwCleaner
2014-02-28 15:40 . 2014-02-28 15:52 -------- d-----w- c:\program files (x86)\TSEV Skyrim LE
2014-02-28 15:40 . 2013-04-28 13:56 396800 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\w\a\l\m\a\r\t\dll\ISSkinExW.dll
2014-02-28 15:31 . 2014-02-28 15:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-02-28 08:33 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B52A5E1B-7B0E-4E62-875C-669D3A0C1415}\mpengine.dll
2014-02-27 07:54 . 2014-02-27 07:54 -------- d-----w- c:\windows\Migration
2014-02-25 20:38 . 2014-02-25 20:59 -------- d-----w- c:\program files (x86)\Thief
2014-02-24 22:19 . 2014-02-24 22:19 -------- d-----w- C:\rsit
2014-02-24 22:19 . 2014-02-24 22:19 -------- d-----w- c:\program files\trend micro
2014-02-24 22:01 . 2014-02-05 09:31 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-24 22:01 . 2014-02-05 09:30 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-02-24 22:00 . 2014-02-24 22:00 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-02-24 22:00 . 2014-02-08 17:42 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-24 22:00 . 2014-02-08 17:42 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-24 22:00 . 2014-02-08 17:42 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-24 22:00 . 2014-02-08 17:42 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-24 22:00 . 2014-02-08 17:42 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-24 22:00 . 2014-02-08 17:42 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-24 22:00 . 2014-02-05 17:52 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-24 22:00 . 2014-02-08 18:34 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-02-24 22:00 . 2014-02-08 18:34 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-02-24 18:42 . 2014-02-24 18:42 -------- d-----w- c:\users\Martin\AppData\Roaming\AC3Filter
2014-02-24 14:05 . 2014-02-24 21:53 -------- d-----w- c:\users\Martin\AppData\Local\NVIDIA Corporation
2014-02-13 23:41 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-13 23:41 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-13 07:49 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-04 18:17 . 2014-02-04 18:17 -------- d-----w- c:\users\Martin\AppData\Local\ESET
2014-02-04 18:16 . 2014-02-04 18:16 -------- d-----w- c:\program files\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-28 15:32 . 2011-11-28 22:33 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-02-21 17:37 . 2012-06-27 08:22 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-21 17:37 . 2011-10-15 21:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-16 23:39 . 2011-05-15 17:44 88567024 ----a-w- c:\windows\system32\MRT.exe
2013-12-18 20:09 . 2014-01-19 09:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-10 23:56 . 2013-12-10 23:56 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-10 23:56 . 2013-12-10 23:56 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-10 23:56 . 2013-12-10 23:56 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-10 23:56 . 2013-12-10 23:56 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-10 23:56 . 2013-12-10 23:56 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-10 23:56 . 2013-12-10 23:56 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-10 23:56 . 2013-12-10 23:56 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-10 23:56 . 2013-12-10 23:56 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-10 23:56 . 2013-12-10 23:56 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-10 23:56 . 2013-12-10 23:56 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-10 23:56 . 2013-12-10 23:56 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-10 23:56 . 2013-12-10 23:56 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-10 23:56 . 2013-12-10 23:56 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-10 23:56 . 2013-12-10 23:56 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-10 23:56 . 2013-12-10 23:56 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-10 23:56 . 2013-12-10 23:56 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-10 23:56 . 2013-12-10 23:56 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-10 23:56 . 2013-12-10 23:56 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-10 23:56 . 2013-12-10 23:56 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-10 23:56 . 2013-12-10 23:56 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-10 23:56 . 2013-12-10 23:56 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-10 23:56 . 2013-12-10 23:56 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-10 23:56 . 2013-12-10 23:56 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-10 23:56 . 2013-12-10 23:56 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-10 23:56 . 2013-12-10 23:56 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-10 23:56 . 2013-12-10 23:56 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-10 23:56 . 2013-12-10 23:56 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-10 23:56 . 2013-12-10 23:56 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-10 23:56 . 2013-12-10 23:56 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-10 23:56 . 2013-12-10 23:56 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-10 23:56 . 2013-12-10 23:56 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-10 23:56 . 2013-12-10 23:56 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-10 23:56 . 2013-12-10 23:56 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-10 23:56 . 2013-12-10 23:56 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-10 23:56 . 2013-12-10 23:56 413696 ----a-w- c:\windows\system32\html.iec
2013-12-10 23:56 . 2013-12-10 23:56 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 23:56 . 2013-12-10 23:56 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-10 23:56 . 2013-12-10 23:56 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-10 23:56 . 2013-12-10 23:56 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-10 23:56 . 2013-12-10 23:56 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-10 23:56 . 2013-12-10 23:56 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-10 23:56 . 2013-12-10 23:56 235520 ----a-w- c:\windows\system32\url.dll
2013-12-10 23:56 . 2013-12-10 23:56 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-10 23:56 . 2013-12-10 23:56 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-10 23:56 . 2013-12-10 23:56 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-10 23:56 . 2013-12-10 23:56 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-10 23:56 . 2013-12-10 23:56 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-10 23:56 . 2013-12-10 23:56 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-10 23:56 . 2013-12-10 23:56 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-10 23:56 . 2013-12-10 23:56 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-10 23:56 . 2013-12-10 23:56 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-10 23:56 . 2013-12-10 23:56 101376 ----a-w- c:\windows\system32\inseng.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Snap"="c:\program files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe" [2011-07-13 163840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [x]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\users\Martin\AppData\Local\Temp\EverestDriver.sys;c:\users\Martin\AppData\Local\Temp\EverestDriver.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys;c:\windows\SYSNATIVE\DRIVERS\point64k.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbcamcl;Driver for usbcamcl Device;c:\windows\system32\DRIVERS\usbcamcl.sys;c:\windows\SYSNATIVE\DRIVERS\usbcamcl.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 17:37]
.
2014-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-29 22:41]
.
2014-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf2757e742bbf3.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-29 22:41]
.
2014-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4106746080-1543361611-121868080-1000Core.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 10:53]
.
2014-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4106746080-1543361611-121868080-1000UA.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-04 11772520]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 2320752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-ICQ - ~c:\program files\ICQ6.5\ICQ.exe
Wow6432Node-HKLM-Run-STCAgent - c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe
Wow6432Node-HKLM-Run-ZyngaGamesAgent - c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4 Beta\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4106746080-1543361611-121868080-1000\Software\SecuROM\License information*]
"datasecu"=hex:84,c9,ec,24,16,8d,8d,92,d8,9e,86,01,af,6a,e6,58,05,e9,8f,e8,b9,
a0,d3,86,f4,57,e1,e9,2a,9f,03,06,c2,31,b7,6c,01,24,30,a4,20,00,f1,c3,cc,96,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-02 22:03:35
ComboFix-quarantined-files.txt 2014-03-02 21:03
.
Před spuštěním: Volných bajtů: 205 842 165 760
Po spuštění: Volných bajtů: 205 897 142 272
.
- - End Of File - - 970A7E162FCE032F52E84683CF385736
A36C5E4F47E84449FF07ED3517B43A31

VIRY.CZ

Pomalé PC/boot/zamrzávaní PC/sekání videí

Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí

Re: Pomalé PC/boot/zamrzávaní PC/sekání videí