Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

NTB je zpomalen

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Zdenek1989
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 18 srp 2013 09:16

NTB je zpomalen

#1 Příspěvek od Zdenek1989 »

Přidávám log

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2014-08-29 20:38:37
Microsoft Windows 8
System drive C: has 318 GB (70%) free of 458 GB
Total RAM: 3911 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:49, on 29. 8. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17054)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=498&a ... 12&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\uzivatel\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\uzivatel\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\uzivatel\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sleep memory optimizer (FFSOpzSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Acer Theft Shield Service (USecuAppSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13030 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Classic Shell\ClassicShellService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
dashost.exe {eeff06fa-4f78-46dc-9c7c62855ba5813f}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe"
"C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe" -s "C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\Config"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVERNOVY
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"dwm.exe"
taskhostex.exe
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -startup
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4268.0.1736723356\1097209479" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
taskhost.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --channel="4268.54.834372267\2039676309" /prefetch:673131151
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
taskhost.exe $(Arg0)
"C:\Users\uzivatel\Desktop\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-1.job - C:\Program Files (x86)\Go HD\Go HD-codedownloader.exe /aKcQbqOz /rffzVxkgL=task /QVMSs='Go HD' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /FIoCIp=1.34.7.1 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /VpTdV=http://js.genstatsnet.com /JCnzJV=ch /ikWNWMB='Go HD' /OrUqDK=http://js.clientdemocloud.com /cSuOkmnEO /sdkDoZggI='{"asw":[32768, 536870913, 1024]}' /MSOmjdLC='http://update.genstatsnet.com/ie_code_a ... pdate.json' /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-11.job - C:\Program Files (x86)\Go HD\38e53c50-22c0-4b78-9429-043b72d74454-11.exe /jYAKA=dGIUPmPaV9XvBkB99LAPMQZyR/O3DtEmFtIseQ6czkYGXMuoviYtrSR1EWNav1M/tA+sw33AMxHx04AuEXs10xrnmUlsxzav2CXem8v2KHFxouVPrDvOFEfbjGEHdoyMxJxTy4+Z5EmilVFR1h6F5mi9Sal7vxRfeF3/if9RnhYd7JCsfP8bfCdRNL5/fPkGw9LQWhyldSfA+Vg8yX3Gl0XmxuG+oAIPe4gkIRkNHrTvHoMOHMN3gv0USVyqgqn5X7G2HSaoBG8Rdg4st9LeHf/gGDwy9bPce3cvp3tVVBg3me33kpu/paFScRmike6Nb0NvaKBAQWjKoZyiTB+77oJQh53DZTPNFPPfXQAMCpOkbSifwrCmHO35KM/zICGv+5kj9vDFp3ng4OVbVDXWbk5/PlzSbUpSdynk4595IBLL8hjir3w1x+3RKdRMonuMifN+ba5s7DaYBq+JmzsG/85iH98a1/lzgIRYFbm2dA60OzSV6bclPpavK3tr6thjK27T8XX/JZZyZ+mrrOxzmqV6AWG3S/PV10cvXn8Pr6YCJEZ/ZEZC8FATGbnvUNW5vqPHhdNxLu5hkVOcDc5/Rcd5p7untBaMgWzCAj/JjmInydRO2YkbRi5XBvXFvrI7EPJgP0FGOdhRHxGYCL1r06RCVv33LhozvwVmvOJHUIJfGnof1Mf5yPffOj8CBBlhWNYCY44l2js29mrbqRvRvQMgdfvmRdfcau00nERLHhoDk5IP9XSGwXEBkCEe+MBcfjkCNTYEUy//Ztij+jrHtd8Ubv2YIB4HXwlWKQSAagzz/FFS+77il6+MpDmqgBypmYPiHB3ipElT3iiL/KHSrgtu4UU67KkzmBy/+zuqp68DdVbZqCUeiT+ZJok6O0Ro8huxS6ZOjdT9VaN5IhGjZrXtMU/UGAwkbiMR2dUslxLj2q2J/ecNeTPeOc26RIIGbOevMyT6Yktc4wQ/nClEksm6x2hllWocBYKS1YpHUmpYoPZ7pWoKr1LzL1ILaVBjdlMeytqjmtmZOqewBr0F973UUpvkYTfP6BJOJs1Tx+m4c4xZ6KFKaFUT5Q3BeBREgtVV00mgL1e4zxbUWvLxLVnJDpE50V7WUwK1nBKA7i17dqisI4cF7G6zJ9An7S+oO+mj3AEPwl5EG8ZHWHN7XoVAXbtd3uDBXp7/eHODaQAziU6NKeBXQL2xSKlHqAXkr9uB+6BsEY2QRVpa0gdU9TzUmFIAngPp1f3VJF/UvkzA+qGlNzqFmDfQThLZPzkWljDuZYyoC4M0g0IibXKB8BqD6AplAIkDGaB6G2gSp9p7InEnsKp88HqNulfoNSUAOLBQeJjpOZBxV/T+mNzEq62KnRY6DMmybSuVfgf9/OjrJ7Qifl84EPltHLCWLWbwwgVaUv2KV0sLCj6O0j4T6Rj+1Dl9Etg4EdX1A7l5D20QImdY3OEC+3Yt7hAidAoV4/yGGqXblZ+TZNT3Lixksl0hmqtC48qKa9C49hy3vQ22/OaDeO13YIfb8jHmz/n7RiLJGBNdIrm7ZBTHPd2SuPK9cFXQnANIOS519iYiBFLIxRypcHeI5ThO3Glel8h5eFUkpVbR6/V5WtJBKTavom4TBO44BK6fjDcXkPE0TRmLDvLo6KPeRSKXPtEG7Cku23Y/ymJR3jXFV2bzWwziXTC0yNt75BAHfFP8m1UaaEc=
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-2.job - C:\Program Files (x86)\Go HD\38e53c50-22c0-4b78-9429-043b72d74454-2.exe /NesxB /QVMSs='Go HD' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /vSKCeiOs=11111111-1111-1111-1111-110511091156 /JCnzJV=ch /cSuOkmnEO /MSOmjdLC='http://update.genstatsnet.com/ie_enable ... pdate.json' /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-4.job - C:\Program Files (x86)\Go HD\38e53c50-22c0-4b78-9429-043b72d74454-4.exe /JBbMqjR /QVMSs='Go HD' /sumuWWLfc='C:\Program Files (x86)\Go HD\38e53c50-22c0-4b78-9429-043b72d74454.xpi' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /FIoCIp=1.34.7.1 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /yumPFB=300 /EWYhzdfq=3733101e-a53a-4b86-997a-bfa5beb3325b@0c7de234-778a-4255-b4ca-cab0545a9f50.com /LEHkLPT=0.95 /PusmFwli=a3733101ea53a4b86997abfa5beb3325b0c7de234778a4255b4cacab0545a9f50com50956 /HsqQOY=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /50956.rdf /vccAbEauw='Go HD' /MgVFTCT='HD' /emlpSr='InstallMoon' /JCnzJV=ch /sdkDoZggI='{"asw":[32768, 536870913, 1024]}' /cSuOkmnEO /iiBTehe /XRRcb /MSOmjdLC='http://update.genstatsnet.com/ff_agent_ ... pdate.json' /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-5.job - C:\Program Files (x86)\Go HD\38e53c50-22c0-4b78-9429-043b72d74454-5.exe /ydtZwQqtw /QVMSs='Go HD' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /OmzekCOj=http://ipgeoapi.com/ /nDCHdIxP=http://update.genstatsnet.com /KIEPFLEB=2 /tVBuCUr=http://logs.genstatsnet.com /MSOmjdLC='http://update.genstatsnet.com/updater_a ... pdate.json' /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-5_user.job - C:\Program Files (x86)\Go HD\38e53c50-22c0-4b78-9429-043b72d74454-5.exe /ydtZwQqtw /QVMSs='Go HD' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /OmzekCOj=http://ipgeoapi.com/ /nDCHdIxP=http://update.genstatsnet.com /KIEPFLEB=2 /tVBuCUr=http://logs.genstatsnet.com /MSOmjdLC='http://update.genstatsnet.com/updater_a ... pdate.json' /cUhyjXfir /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-6.job - C:\Program Files (x86)\Go HD\Go HD-novainstaller.exe /DtWKTtSA /QVMSs='Go HD' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /FIoCIp=1.34.7.1 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /VpTdV=http://js.genstatsnet.com /JCnzJV=ch /dgJSVcrQt /ikWNWMB=Go HD /WwPBkAeLY='nova' /OrUqDK=http://js.clientdemocloud.com /sdkDoZggI='{"asw":[32768, 536870913, 1024]}' /rffzVxkgL=task /MSOmjdLC='http://update.genstatsnet.com/novacode/ ... pdate.json' /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\38e53c50-22c0-4b78-9429-043b72d74454-7.job - C:\Program Files (x86)\Go HD\Go HD-nova.exe /QVMSs='Go HD' /zCauwoHKA=50956 /hWzYMA='001005' /ONfuZReY='verticals-shopping,intext,pops,ads' /VcWpG='0' /yggVP=B07248F91BA74872A8EC071BFD7B126BIE /UmAfPsxj=34dd9cc3e09086c4d7e1a7f4e21ae826 /SAowfye=1_34_07_01 /FIoCIp=1.34.7.1 /uSXtr=1405680590 /tSexQZkH=http://stats.genstatsnet.com /wHmcOuqR=http://errors.genstatsnet.com /VpTdV=http://js.genstatsnet.com /JCnzJV=ch /dgJSVcrQt /ikWNWMB=Go HD /WwPBkAeLY='nova' /OrUqDK=http://js.clientdemocloud.com /sdkDoZggI='{"asw":[32768, 536870913, 1024]}' /MSOmjdLC='http://update.genstatsnet.com/novarun/{ ... pdate.json' /rffzVxkgL='task' /MSSTsKJ=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511091156}]
Go HD

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29 741888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4646332D-5637-4300-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2012-12-29 454144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29 611328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2012-12-29 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2012-12-29 741888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2012-12-29 611328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-03-05 2876816]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-01-29 13267016]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-01-18 1276488]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"=C:\Users\uzivatel\AppData\Local\Viber\Viber.exe StartMinimized []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\uzivatel\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\uzivatel\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"= []
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-11-02 111216]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-07-08 152392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-29 20:38:38 ----D---- C:\Program Files\trend micro
2014-08-29 20:38:37 ----D---- C:\rsit
2014-08-21 12:15:50 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-21 12:15:49 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-08-21 12:15:49 ----A---- C:\Windows\system32\wucltux.dll
2014-08-21 12:15:49 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-21 12:15:49 ----A---- C:\Windows\system32\storewuauth.dll
2014-08-19 21:02:30 ----D---- C:\ProgramData\ESET
2014-08-19 21:02:30 ----D---- C:\Program Files\ESET
2014-08-15 07:55:40 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-08-15 07:53:25 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-15 07:53:25 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 13:58:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 13:58:42 ----A---- C:\Windows\system32\cdd.dll
2014-08-14 13:58:00 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 13:57:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 13:57:43 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 13:57:40 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 13:57:40 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 13:57:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 13:57:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 13:57:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 13:57:38 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 13:57:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 13:57:37 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 13:57:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 13:57:36 ----A---- C:\Windows\system32\jscript.dll
2014-08-14 13:57:36 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 13:57:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 13:57:35 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 13:57:35 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 13:57:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\uxtheme.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\UXInit.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\iesysprep.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 13:57:34 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 13:57:33 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-08-14 13:57:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 13:57:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 13:57:33 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 13:57:33 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 13:55:20 ----A---- C:\Windows\system32\win32k.sys
2014-08-14 13:55:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-14 13:55:19 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 13:49:48 ----A---- C:\Windows\system32\twinui.dll
2014-08-14 13:49:45 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-08-14 13:49:44 ----A---- C:\Windows\system32\msi.dll
2014-08-14 13:49:44 ----A---- C:\Windows\system32\actxprxy.dll
2014-08-14 13:49:43 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 13:49:43 ----A---- C:\Windows\system32\authui.dll
2014-08-14 13:49:42 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 13:49:42 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 13:49:42 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-08-14 13:49:42 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 13:49:42 ----A---- C:\Windows\system32\consent.exe
2014-08-14 13:49:19 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 13:49:19 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 13:49:17 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2014-08-14 13:49:17 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-08-04 14:32:21 ----D---- C:\Recovery
2014-08-03 21:05:51 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:05:51 ----D---- C:\Program Files\iTunes
2014-08-03 21:05:51 ----D---- C:\Program Files\iPod

======List of files/folders modified in the last 1 month======

2014-08-29 20:38:38 ----RD---- C:\Program Files
2014-08-29 20:37:59 ----D---- C:\Windows\Temp
2014-08-29 20:36:08 ----D---- C:\Windows\AUInstallAgent
2014-08-29 20:35:42 ----D---- C:\Windows\system32\sru
2014-08-28 19:12:39 ----SHD---- C:\System Volume Information
2014-08-28 18:45:20 ----D---- C:\Windows\Microsoft.NET
2014-08-28 18:44:38 ----D---- C:\Windows\Prefetch
2014-08-28 18:19:12 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2014-08-28 16:58:11 ----D---- C:\Windows\system32\config
2014-08-28 16:46:29 ----D---- C:\Windows\WinSxS
2014-08-28 16:45:45 ----D---- C:\Windows\CbsTemp
2014-08-28 16:06:53 ----D---- C:\Program Files (x86)\Go HD
2014-08-28 15:16:29 ----RD---- C:\Windows\System32
2014-08-27 13:32:10 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2014-08-27 13:27:34 ----D---- C:\Windows\Inf
2014-08-24 16:53:04 ----SHD---- C:\Windows\Installer
2014-08-24 16:53:02 ----D---- C:\Program Files (x86)\Microsoft Office
2014-08-23 14:37:57 ----RSD---- C:\Windows\assembly
2014-08-23 14:11:34 ----D---- C:\Windows\system32\catroot2
2014-08-21 08:17:12 ----D---- C:\Windows\system32\NDF
2014-08-21 07:44:53 ----A---- C:\Windows\SYSWOW64\log.txt
2014-08-21 07:21:07 ----D---- C:\Users\uzivatel\AppData\Roaming\Seznam.cz
2014-08-21 07:20:40 ----D---- C:\Program Files (x86)\Seznam.cz
2014-08-21 07:19:10 ----D---- C:\Program Files (x86)
2014-08-19 21:13:55 ----D---- C:\Windows\system32\wdi
2014-08-19 21:09:51 ----D---- C:\ProgramData\smdmf
2014-08-19 21:03:39 ----D---- C:\Windows\system32\DriverStore
2014-08-19 21:03:39 ----D---- C:\Windows\system32\Drivers
2014-08-19 21:02:30 ----HD---- C:\ProgramData
2014-08-19 20:40:10 ----D---- C:\Windows\system32\MRT
2014-08-19 20:36:13 ----A---- C:\Windows\system32\MRT.exe
2014-08-18 10:01:46 ----D---- C:\Windows\SysWOW64
2014-08-18 09:59:30 ----D---- C:\Users\uzivatel\AppData\Roaming\DVDVideoSoft
2014-08-18 09:59:30 ----D---- C:\Program Files (x86)\Common Files
2014-08-17 15:46:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-16 13:29:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-16 13:29:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-16 13:29:45 ----D---- C:\Windows\system32\en-US
2014-08-16 13:29:45 ----D---- C:\Windows\system32\cs-CZ
2014-08-16 13:29:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-16 13:29:44 ----D---- C:\Program Files\Internet Explorer
2014-08-16 13:29:38 ----RD---- C:\Windows\ToastData
2014-08-15 08:02:46 ----D---- C:\ProgramData\Microsoft Help
2014-08-15 06:50:06 ----HD---- C:\Program Files\WindowsApps
2014-08-09 18:16:08 ----D---- C:\Windows\system32\Tasks
2014-08-05 23:15:00 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-05 23:15:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 16:01:14 ----HD---- C:\$Windows.~BT
2014-08-04 12:55:32 ----D---- C:\Windows\Registration
2014-08-04 12:55:32 ----D---- C:\Windows
2014-08-04 12:31:16 ----D---- C:\Windows\system32\catroot
2014-08-03 21:06:29 ----D---- C:\Program Files (x86)\iTunes
2014-08-03 20:44:19 ----D---- C:\Windows\Tasks
2014-08-03 20:43:06 ----D---- C:\Users\uzivatel\AppData\Roaming\QuickScan
2014-08-02 02:15:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R0 excsd;ExpressCache Storage Filter Driver; C:\Windows\system32\DRIVERS\excsd.sys [2013-01-08 112552]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 excfs;ExpressCache File System Filter Driver; C:\Windows\system32\DRIVERS\excfs.sys [2013-01-08 26024]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 athr;@oem20.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-01-21 3747840]
R3 BTATH_BUS;@oem5.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-01-25 34384]
R3 ETD;@oem16.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-03-05 356752]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-01-29 3311944]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 irstrtdv;@oem18.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\Windows\System32\drivers\irstrtdv.sys [2012-07-20 43800]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 Ps2Kb2Hid;@oem14.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2013-11-02 26736]
R3 RSUSBVSTOR;@oem1.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem9.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 AX88772;@netax88772.inf,%AX88772.DeviceDesc%;ASIX AX88772 USB2.0 to Fast Ethernet Adapter; C:\Windows\system32\DRIVERS\ax88772.sys [2012-07-07 104960]
S3 BTATH_A2DP;@oem8.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem8.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_HCRP;@oem11.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-01-25 179432]
S3 BTATH_LWFLT;@oem13.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTATH_RCP;@oem15.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-01-25 136424]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-01-25 581200]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 Netaapl;@oem23.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2013-08-06 23040]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
S3 USBAAPL64;@oem22.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S4 RsFx0102;RsFx0102 Driver; C:\Windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 314904]
S4 RsFx0150;RsFx0150 Driver; C:\Windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 313696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-27 2615368]
R2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2012-12-29 68608]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2013-01-16 350984]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-03-05 100752]
R2 ExpressCache;ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [2013-01-08 107944]
R2 FFSOpzSvc;Sleep memory optimizer; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [2012-03-12 161384]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MSOLAP$MSSQLSERVERNOVY;SQL Server Analysis Services (MSSQLSERVERNOVY); C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe [2008-07-10 21945368]
R2 MSSQL$MSSQLSERVERNOVY;SQL Server (MSSQLSERVERNOVY); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 57820696]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2010-04-03 61913952]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 ReportServer$MSSQLSERVERNOVY;SQL Server Reporting Services (MSSQLSERVERNOVY); C:\Program Files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2008-07-10 1106968]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-11-02 96880]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-12-11 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-03-16 662088]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-07-08 641352]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-18 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 SmdmFService;SmdmF Service; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2013-05-01 470056]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-18 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 116648]
S3 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2012-07-19 193576]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$MSSQLSERVERNOVY;SQL Server Agent (MSSQLSERVERNOVY); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S3 USecuAppSvc;Acer Theft Shield Service; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [2012-11-12 345744]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 430616]
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 428384]

-----------------EOF-----------------

Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: NTB je zpomalen

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.

Zdenek1989
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 18 srp 2013 09:16

Re: NTB je zpomalen

#3 Příspěvek od Zdenek1989 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by uzivatel on p  29. 08. 2014 at 20:54:17,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050956.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050956.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050956.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050956.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511091156}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522092256}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555095556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566096656}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544094456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511091156}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220522092256}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550555095556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660566096656}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544094456}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050956.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050956.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050956.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050956.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555095556}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566096656}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544094456}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550555095556}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660566096656}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544094456}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3B7C5D6A-6562-4573-BBCB-EB20EDFB7A36}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\systweak"
Successfully deleted: [Folder] "C:\Users\uzivatel\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\uzivatel\AppData\Roaming\systweak"
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{030B0516-626E-4EBE-958F-57BF656E749E}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{14A64301-1A24-4C8A-9CD5-EE3DB95821D5}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{1FF71CDE-6DFC-45B7-88DE-0DDCD0587BC3}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{27ED81DC-7E40-4383-B419-9F0D59315E53}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{2F4EF231-7532-49C5-9AD5-6A0E81D4019E}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{603098FC-6AB0-41E7-93B2-17AB6A5304C4}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{6FF8C3D0-5529-4678-9B01-0672303F9D57}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{8DEFDC4F-B547-493C-8236-DCD4067371C8}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{A7857CF8-BF4C-464E-BCF5-424621A61436}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{BA890FC8-04AD-4D55-ABE1-6B7CC242DE40}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{DC306F57-BC02-4CCD-A1FA-3B30E4E65CA9}
Successfully deleted: [Empty Folder] C:\Users\uzivatel\appdata\local\{E2258565-0CA0-483F-B951-96BB61163854}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  29. 08. 2014 at 21:11:46,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



# AdwCleaner v3.308 - Report created 29/08/2014 at 21:21:26
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : uzivatel - ACERNTB
# Running from : C:\Users\uzivatel\Desktop\Downloads\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : SmdmFService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Pokki
Folder Deleted : C:\ProgramData\smdmf
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Users\uzivatel\AppData\Local\globalUpdate
Folder Deleted : C:\Users\uzivatel\AppData\Local\Temp\apn
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : ASP
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-1
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-11
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-2
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-4
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-5
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-5_user
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-6
Task Deleted : 38e53c50-22c0-4b78-9429-043b72d74454-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\SmdmF
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17054

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=148& ... 12&src=hmp
Deleted [Startup_urls] : hxxp://www.search.ask.com/?tpid=FF3-V7C&o=APN1 ... 01-04&psv=

*************************

AdwCleaner[R0].txt - [12150 octets] - [29/08/2014 21:17:46]
AdwCleaner[S0].txt - [11395 octets] - [29/08/2014 21:21:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11456 octets] ##########

Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: NTB je zpomalen

#4 Příspěvek od vyosek »

:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize
  • Kód: Vybrat vše

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.

Zdenek1989
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 18 srp 2013 09:16

Re: NTB je zpomalen

#5 Příspěvek od Zdenek1989 »

Zoek.exe v5.0.0.0 Updated 28-08-2014
Tool run by uzivatel on p  29. 08. 2014 at 21:51:18,90.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\uzivatel\Desktop\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29. 8. 2014 21:52:59 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3305348813-2771938429-208643079-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4646332D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3305348813-2771938429-208643079-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4646332D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511091156} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511091156} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4646332D-5637-4300-76A7-7A786E7484D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3305348813-2771938429-208643079-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4646332D-5637-4300-76A7-7A786E7484D7} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Default\AppData\Local\Pokki deleted
"C:\Windows\Installer\55fcc.msi" deleted

==== Chrome Look ======================

Seznam Li\u0161ti\u010Dka - Email - uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam Lištička - Rychlá volba - uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{4575255C-AFC1-4EEB-96E3-D8DBE6BC4507} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3305348813-2771938429-208643079-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4575255C-AFC1-4EEB-96E3-D8DBE6BC4507} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=948 folders=84 234744937 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\uzivatel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\uzivatel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  29. 08. 2014 at 22:20:10,69 ======================

Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: NTB je zpomalen

#6 Příspěvek od vyosek »

"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.

Zdenek1989
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 18 srp 2013 09:16

Re: NTB je zpomalen

#7 Příspěvek od Zdenek1989 »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-08-2014 01
Ran by uzivatel (administrator) on ACERNTB on 30-08-2014 08:41:23
Running from C:\Users\uzivatel\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKU\.DEFAULT\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\Run: [Viber] => "C:\Users\uzivatel\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\RunOnce: [Application Restart #1] => C:\Users\uzivatel\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-si (the data entry has 546 more characters).
HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\MountPoints2: {458b71eb-7867-11e3-be78-e89d0ba9f37c} - "D:\OpenFiles.exe"
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 217.197.144.22 217.197.152.132

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-08-19]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19]
CHR Extension: (Vyhledávání Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19]
CHR Extension: (Peněženka Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft) [File not signed]
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-03-05] (ELAN Microelectronics Corp.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MSOLAP$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSAS10.MSSQLSERVERNOVY\OLAP\bin\msmdsrv.exe [21945368 2008-07-10] (Microsoft Corporation)
R2 MSSQL$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57820696 2008-07-10] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation)
R2 ReportServer$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSRS10.MSSQLSERVERNOVY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1106968 2008-07-10] (Microsoft Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-11-02] (Dritek System INC.)
S3 SQLAgent$MSSQLSERVERNOVY; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSQLSERVERNOVY\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430616 2008-07-10] (Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-12-11] (PS Media s.r.o.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-11-02] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 08:40 - 2014-08-30 08:41 - 00018266 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2014-08-30 08:40 - 2014-08-30 08:40 - 00041772 _____ () C:\Users\uzivatel\Desktop\FRST3.txt
2014-08-30 08:39 - 2014-08-30 08:40 - 00034826 _____ () C:\Users\uzivatel\Desktop\Addition.txt
2014-08-30 08:37 - 2014-08-30 08:41 - 00000000 ____D () C:\FRST
2014-08-30 08:34 - 2014-08-30 08:34 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
2014-08-30 08:31 - 2014-08-30 08:31 - 02103808 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2014-08-29 22:18 - 2014-08-29 21:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-29 21:52 - 2014-08-29 22:20 - 00007247 _____ () C:\zoek-results.log
2014-08-29 21:50 - 2014-08-29 22:13 - 00000000 ____D () C:\zoek_backup
2014-08-29 21:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-29 21:17 - 2014-08-29 21:21 - 00000000 ____D () C:\AdwCleaner
2014-08-29 21:11 - 2014-08-29 21:11 - 00005450 _____ () C:\Users\uzivatel\Desktop\JRT.txt
2014-08-29 20:53 - 2014-08-29 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-08-29 20:38 - 2014-08-29 20:38 - 00000000 ____D () C:\rsit
2014-08-29 20:38 - 2014-08-29 20:38 - 00000000 ____D () C:\Program Files\trend micro
2014-08-28 15:50 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 12:14 - 2014-08-29 21:22 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 12:14 - 2014-08-29 21:22 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 12:14 - 2014-08-29 21:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 12:14 - 2014-08-29 21:22 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-21 12:14 - 2014-08-24 09:14 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 12:14 - 2014-08-24 09:14 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 21:02 - 2014-08-19 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-19 21:02 - 2014-08-19 21:02 - 00000000 ____D () C:\ProgramData\ESET
2014-08-19 21:02 - 2014-08-19 21:02 - 00000000 ____D () C:\Program Files\ESET
2014-08-17 09:21 - 2014-08-17 14:35 - 00074240 _____ () C:\Users\uzivatel\Desktop\Popelková - Zapletal.xls
2014-08-17 09:21 - 2014-08-17 09:57 - 00097792 _____ () C:\Users\uzivatel\Desktop\Popelková - Zapletal 2.xls
2014-08-17 09:21 - 2014-08-17 09:57 - 00093184 _____ () C:\Users\uzivatel\Desktop\Vávra.xls
2014-08-15 07:55 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-15 07:53 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 07:53 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 13:58 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 13:58 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 13:58 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 13:57 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 13:57 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 13:57 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 13:57 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-14 13:57 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 13:57 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 13:57 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 13:57 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 13:57 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 13:57 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 13:57 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 13:57 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 13:57 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 13:57 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 13:57 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-14 13:55 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 13:55 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 13:49 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 13:49 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 13:49 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 13:49 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-14 13:49 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 13:49 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 13:49 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 13:49 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-14 13:49 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-14 13:49 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 13:49 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 13:49 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 13:49 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-14 13:49 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-14 13:49 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-09 18:16 - 2014-08-09 18:16 - 00003112 _____ () C:\Windows\System32\Tasks\{FF52B341-9A09-4AB4-ADCE-2C7B3EFBAB2C}
2014-08-04 14:35 - 2014-08-04 14:35 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-08-04 14:32 - 2014-08-04 16:59 - 00000000 ____D () C:\Recovery
2014-08-04 12:55 - 2014-08-04 12:55 - 00001586 _____ () C:\Windows\comsetup.log
2014-08-04 12:50 - 2014-08-04 13:05 - 00022863 _____ () C:\Windows\diagwrn.xml
2014-08-04 12:50 - 2014-08-04 13:05 - 00022863 _____ () C:\Windows\diagerr.xml
2014-08-03 21:06 - 2014-08-03 21:06 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-03 21:06 - 2014-08-03 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 21:05 - 2014-08-03 21:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:05 - 2014-08-03 21:06 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 21:05 - 2014-08-03 21:05 - 00000000 ____D () C:\Program Files\iPod
2014-07-31 17:29 - 2014-08-26 19:01 - 00000000 ____D () C:\Users\uzivatel\Desktop\marsa

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 08:41 - 2014-08-30 08:40 - 00018266 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2014-08-30 08:41 - 2014-08-30 08:37 - 00000000 ____D () C:\FRST
2014-08-30 08:40 - 2014-08-30 08:40 - 00041772 _____ () C:\Users\uzivatel\Desktop\FRST3.txt
2014-08-30 08:40 - 2014-08-30 08:39 - 00034826 _____ () C:\Users\uzivatel\Desktop\Addition.txt
2014-08-30 08:34 - 2014-08-30 08:34 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
2014-08-30 08:31 - 2014-08-30 08:31 - 02103808 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2014-08-30 08:29 - 2013-11-19 15:51 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-30 08:29 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-29 22:47 - 2013-11-02 06:06 - 01332543 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 22:31 - 2013-11-02 06:55 - 00961748 _____ () C:\Windows\system32\perfh005.dat
2014-08-29 22:31 - 2013-11-02 06:55 - 00239690 _____ () C:\Windows\system32\perfc005.dat
2014-08-29 22:31 - 2012-07-26 09:28 - 02380420 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 22:25 - 2013-12-11 19:28 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2014-08-29 22:25 - 2013-11-19 15:51 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-29 22:25 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 22:20 - 2014-08-29 21:52 - 00007247 _____ () C:\zoek-results.log
2014-08-29 22:19 - 2013-03-12 06:08 - 00064888 _____ () C:\Windows\PFRO.log
2014-08-29 22:19 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-29 22:13 - 2014-08-29 21:50 - 00000000 ____D () C:\zoek_backup
2014-08-29 21:50 - 2014-08-29 22:18 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-29 21:25 - 2014-07-20 16:30 - 00458752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 21:22 - 2014-08-21 12:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-29 21:22 - 2014-08-21 12:14 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-29 21:22 - 2014-08-21 12:14 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 21:22 - 2014-08-21 12:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-29 21:22 - 2013-12-12 12:10 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\CrashDumps
2014-08-29 21:22 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-29 21:21 - 2014-08-29 21:17 - 00000000 ____D () C:\AdwCleaner
2014-08-29 21:11 - 2014-08-29 21:11 - 00005450 _____ () C:\Users\uzivatel\Desktop\JRT.txt
2014-08-29 20:53 - 2014-08-29 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-08-29 20:38 - 2014-08-29 20:38 - 00000000 ____D () C:\rsit
2014-08-29 20:38 - 2014-08-29 20:38 - 00000000 ____D () C:\Program Files\trend micro
2014-08-29 20:36 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-28 18:19 - 2013-11-19 15:57 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\vlc
2014-08-28 16:06 - 2014-07-18 12:49 - 00000000 ____D () C:\Program Files (x86)\Go HD
2014-08-27 13:32 - 2013-12-11 19:30 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2014-08-26 19:01 - 2014-07-31 17:29 - 00000000 ____D () C:\Users\uzivatel\Desktop\marsa
2014-08-24 16:53 - 2014-01-08 17:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-24 09:14 - 2014-08-21 12:14 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-24 09:14 - 2014-08-21 12:14 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 08:47 - 2014-08-28 15:50 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 08:17 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-21 07:21 - 2013-12-11 19:30 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Seznam.cz
2014-08-21 07:20 - 2013-12-11 19:30 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-08-19 21:11 - 2013-11-26 21:42 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\ESET
2014-08-19 21:02 - 2014-08-19 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-08-19 21:02 - 2014-08-19 21:02 - 00000000 ____D () C:\ProgramData\ESET
2014-08-19 21:02 - 2014-08-19 21:02 - 00000000 ____D () C:\Program Files\ESET
2014-08-19 20:40 - 2013-11-19 16:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-19 20:36 - 2013-11-19 16:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-18 09:59 - 2014-07-18 13:00 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\DVDVideoSoft
2014-08-17 14:35 - 2014-08-17 09:21 - 00074240 _____ () C:\Users\uzivatel\Desktop\Popelková - Zapletal.xls
2014-08-17 10:12 - 2013-11-19 15:49 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Deployment
2014-08-17 09:57 - 2014-08-17 09:21 - 00097792 _____ () C:\Users\uzivatel\Desktop\Popelková - Zapletal 2.xls
2014-08-17 09:57 - 2014-08-17 09:21 - 00093184 _____ () C:\Users\uzivatel\Desktop\Vávra.xls
2014-08-16 13:29 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-16 11:34 - 2013-11-19 15:53 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 08:02 - 2013-11-26 21:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-09 18:16 - 2014-08-09 18:16 - 00003112 _____ () C:\Windows\System32\Tasks\{FF52B341-9A09-4AB4-ADCE-2C7B3EFBAB2C}
2014-08-05 23:15 - 2014-01-03 19:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-05 23:15 - 2014-01-03 19:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 16:59 - 2014-08-04 14:32 - 00000000 ____D () C:\Recovery
2014-08-04 16:28 - 2014-01-03 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-04 16:01 - 2014-03-18 19:21 - 00000000 ___HD () C:\$Windows.~BT
2014-08-04 14:35 - 2014-08-04 14:35 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-08-04 13:05 - 2014-08-04 12:50 - 00022863 _____ () C:\Windows\diagwrn.xml
2014-08-04 13:05 - 2014-08-04 12:50 - 00022863 _____ () C:\Windows\diagerr.xml
2014-08-04 13:05 - 2012-07-26 09:21 - 00416389 _____ () C:\Windows\setupact.log
2014-08-04 13:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-04 13:02 - 2012-07-26 10:13 - 00003611 _____ () C:\Windows\DtcInstall.log
2014-08-04 12:55 - 2014-08-04 12:55 - 00001586 _____ () C:\Windows\comsetup.log
2014-08-04 12:55 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Registration
2014-08-03 21:06 - 2014-08-03 21:06 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-03 21:06 - 2014-08-03 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 21:06 - 2014-08-03 21:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:06 - 2014-08-03 21:05 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 21:06 - 2014-02-11 19:29 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-03 21:05 - 2014-08-03 21:05 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 20:43 - 2014-07-18 12:59 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\QuickScan
2014-08-02 02:15 - 2013-11-02 07:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:15 - 2013-11-02 07:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-23 14:06

==================== End Of Log ============================

Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: NTB je zpomalen

#8 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize
  • Kód: Vybrat vše

    Start
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
    HKU\.DEFAULT\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
    HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\RunOnce: [Application Restart #1] => C:\Users\uzivatel\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-si (the data entry has 546 more characters).
    HKU\S-1-5-21-3305348813-2771938429-208643079-1001\...\MountPoints2: {458b71eb-7867-11e3-be78-e89d0ba9f37c} - "D:\OpenFiles.exe" 
    ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
    
    2014-08-30 08:40 - 2014-08-30 08:41 - 00018266 _____ () C:\Users\uzivatel\Desktop\FRST.txt
    2014-08-30 08:40 - 2014-08-30 08:40 - 00041772 _____ () C:\Users\uzivatel\Desktop\FRST3.txt
    2014-08-30 08:39 - 2014-08-30 08:40 - 00034826 _____ () C:\Users\uzivatel\Desktop\Addition.txt
    2014-08-30 08:34 - 2014-08-30 08:34 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
    2014-08-29 22:18 - 2014-08-29 21:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-08-29 21:52 - 2014-08-29 22:20 - 00007247 _____ () C:\zoek-results.log
    2014-08-29 21:50 - 2014-08-29 22:13 - 00000000 ____D () C:\zoek_backup
    2014-08-29 21:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-08-29 21:17 - 2014-08-29 21:21 - 00000000 ____D () C:\AdwCleaner
    2014-08-29 21:11 - 2014-08-29 21:11 - 00005450 _____ () C:\Users\uzivatel\Desktop\JRT.txt
    2014-08-29 20:53 - 2014-08-29 20:53 - 00000000 ____D () C:\Windows\ERUNT
    2014-08-29 20:38 - 2014-08-29 20:38 - 00000000 ____D () C:\rsit
    2014-08-29 20:38 - 2014-08-29 20:38 - 00000000 ____D () C:\Program Files\trend micro
    
    Hosts:
    Reboot:
    End
    
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.

Odpovědět