Zpomalený počítač, pomalé zapínání

Zpráva

Novatera · #1 Příspěvek od **Novatera** » 31 srp 2014 17:18

Dobrý den, poslední dobou se mi zdá počítač značně zpomalený, bohužel jsem nebyl nyní velice dlouhou dobu doma, takže nevím kdy to přesně nastalo abych dal například bod obnovy. Počítač se velice pomalu zpouští ( Někdy i třeba 5 - 10 min - vím pro někoho je to normální ale pamatuji si kdy jsem na zapnutí čekal 40 sec - 2 min ). Myslím že zde bude asi pár breberek.

Zde přikládám log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by R at 2014-08-31 18:06:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 187 GB (20%) free of 941 GB
Total RAM: 4076 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:07:06, on 31.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\Gaming Keyboard\OSD.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Program Files (x86)\GameforgeLive\gfl_client.exe
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE
C:\Program Files\trend micro\R.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0060548 - {11111111-1111-1111-1111-110611051148} - C:\Program Files (x86)\HD-V1.9\HD-V1.9-bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HulaToo - {ab65caf0-fc3b-40f8-8b88-6d096a48f659} - C:\Program Files (x86)\HulaToo\HulaToobho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\Windows\SysWOW64\nethtsrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\Windows\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update HulaToo - Unknown owner - C:\Program Files (x86)\HulaToo\updateHulaToo.exe
O23 - Service: Util HulaToo - Unknown owner - C:\Program Files (x86)\HulaToo\bin\utilHulaToo.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11873 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskeng.exe {7ED44CF8-49D3-4364-832A-82A2AAA0F262}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-10.exe" /vMUHVTT='HD-V1.9' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /tJxyO='HD-V1.9' /gxHLJeS=1000 /Khmjsabq=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /QrmGrtMqY=http://logs.infodatacloud.com /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\SysWOW64\nethtsrv.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\netupdsrv.exe
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\HulaToo\updateHulaToo.exe"
"C:\Program Files (x86)\HulaToo\bin\utilHulaToo.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1928
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Gaming Keyboard\OSD.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\Opera.exe" "C:\Users\R\Desktop\pactirik.png"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\GameforgeLive\gfl_client.exe" "/noautopatch"
"C:\Windows\system32\wuauclt.exe"
"taskhost.exe"
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE -Embedding
C:\Windows\splwow64.exe 8192
C:\Windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE -Embedding
C:\Windows\system32\msiexec.exe /V
"C:\Users\R\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-1.job - C:\Program Files (x86)\HD-V1.9\HD-V1.9-codedownloader.exe /wctdmcm /INRZpZ=task /vMUHVTT='HD-V1.9' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /cMGCQvA=1.34.7.1 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /KcfqCdY=http://js.infodatacloud.com /zqCwG=opera /agmcq='HD-V1.9' /CxkcGSgZ=http://js.clientdemocloud.com /narrgKQh /hjtAnGCZR='{"asw":[0, 64, 0]}' /WbSDW='http://update.infodatacloud.com/ie_code ... pdate.json' /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-10.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-10.exe /vMUHVTT='HD-V1.9' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /tJxyO='HD-V1.9' /gxHLJeS=1000 /Khmjsabq=93-0,102-0,104-0,178-288,179-288,180-288,223-288 /QrmGrtMqY=http://logs.infodatacloud.com /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-11.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-11.exe /UyUVonODa=E9uP+Vw3RAPkis1kxxNVFAjLf58wDvDt875DpAEKBFLLTWGHsQWF+zFC10ITA6T4pqMJBP2ojHbPfihqsQobHHWWvzd7VDFhAknb2L87sy+PwVyZnUJQgrgRp5NCxa6pMkFjSLdcalhUUk9r1hzAwfHhAWX6XMQls5emFsHMNQoa2y4cSCcQ8BVKGpVkUbgjF4FR36d4Qv8hDIemNaSoHKEPZ/4uVuWoGu/T5Y4aYjpd3OYJj3KpNsi185CmEKRWkR8Y68BuqBJyGnIFUaO+8CiETUbl7ADM1uDK97Zw0ta6yGBPNKocnuRlO0Y7Ng38iumQD7PJDwfxjubtzK6ynZ3pBMJLkIUjDIr+Wi5QwAswPuq4pqTh0JyYzQGlxT9xfgpbRSd+xuFgbU0ZY8R3xpYQcjHsmZESL8bAEHzDsdH9nQEc7kmYNeQRZc4ee7sPmdxBhv9Sbki0AKPmLEWCDXaokW3lH/vcEJ7MyBjIT2e6jveo6dScWGnm5tgHfa3mivX10hvbhSOmAOjChGVUtlZc4mwfRosBk3frAyKoKP2vZHN+aheg9Q/ySM1Y1JKd1evAtGRwwDmxz0ts3Yi2apsugq6loiEuHej8mz9heaUt8+PfHRfSbWVs8MdAQWFo7mG6inWVe9Fr4+HkRYXMutk0N26FS1ytcrMXYCHo96wxhtpxT7/zXtnREx1zqdL+yP/TuSoVRB/43cchwPG9+cS8jwqLxVEgIkjuA5oyD29F9B7kqjAU6da7rWSIR3jCTstLtO2J+crclFsWBAFYw9sZ5ev0Zj/dqOK+C5r/7o4mDbNCjTgnBIHk+ATnN9Zscf9hJNAKTl4qOPrlSZXUIVNfeZ7YtUApoHrqPeJnhGPe6xfsGwAHZ0dr3OWj0KiEES+i6lZ0+FzxL5buSHtqDYLSJRysgV+lctzBIjJJLuyzY8r0bQ5GSheDwfq6z8fCxgbyyEVCmWAUwM9a/y6oKHqrSZNvYJHD9u+lRPG60zgl5rpiimg/UNlU8W0KS7FWWVLFBWCrvdrqB3FVKCSbgzD1sgaO2NhJ5PenImA9YEPfLlG/6CFhOWARhbGAUEZ8F7ds88oZvahGFDdqdKCmzMIpsKMCTGpNYt5/DfKzNuHC3z2XwoMJWlbLAsgpVbeAEEU4VzawqmYJkT/z2mdH10C5VEs8JTu8DIb7Bnn9iYJPQVRxRx7EwOH85GZZuWccK8LVv5Bl26+VIWdIZVpWWtIIQsXwenmYPWhRoq77N8v92yJl++mWComI1CFYSD0xkOrQ3t7lCOnvIqNVm5jsslzBwEN4DGQVyAR2WbZGfIH8+qh+LYCkAiomhPEaobS+dD1DaguBhHgUo/YB6MR3IKZjg1ocuPKvCs/5SnvdEbpJXnKqi4tabPiI8s7WFk2Ohote5TA/MPyqEkCmOjHmW2XjycSai6Bh1LaJtBprRqtddpoNEDDahLoVJUcx2GSRUyj7SvuqhCcINzo4gc6c9i3tZIqbcBxR8pLTtG5wFXbHuZ77MRpk2OSLUArD/mdsSkL7PBNWkCtrk0Ez+VC2gDzHVuz+6oq6TpzJ17pI3w0abssEPmR61330BsL0n/YaUtaoE5NGUN8sH7DwpAGicisZZrS6z++Zrdus75uswRrKx0zZ+z8EAJDBSyUX3BUJ2uFZ3m0xvJIJ+KzwYitUnIR3er4DeS5Qh9qihbyMySY=
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-2.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-2.exe /YwWvhAcB /vMUHVTT='HD-V1.9' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /zyRtRsaCB=11111111-1111-1111-1111-110611051148 /zqCwG=opera /Hfiqloix /narrgKQh /WbSDW='http://update.infodatacloud.com/ie_enab ... pdate.json' /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-3.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-3.exe /UyUVonODa=UXJrb5BiGgKcYViDipC7D9ktrixqrKQwkIBGsFmWQiji6627g2WqG1ZDDmSq/+CQBNlEfRxBORRF/GMYYj3X2vevLRra4jXmnrPfv3+FGP7rc6a6P09iGuFowAZeygwENFdiMybB+wfeJxgpHAugnePDqCODc7tiXf0IKTkpCDlTFNpswrmcp37L3338Rzv8O2W7RSTICRCYam67MdleXAR+3tIjCvubZlIKh3JPi27Z1KTiVoa6nWQEHBWV8eLIOKjQPAzY1bXnCZqX7NymPJB6yWf40RNhn9WQraNb2Nly+lOfqxv7tTqKqvKax5HdrKzIqwcJesIg+V0fISomp6utJVup8KGFUcGAS8U2UpMix2pn/1u7iHCZb9shdGTA89ffqkE+AuKHI/vTS7vVI87MsccGohpPDWoJA9ajYGlB79x5SKFRLcuuk7a2Ih1WqFXFq3Z5vvUlmAmah0vCRqvRKCSrofIrNsZPb9VRvEGLwYDQVG7gG3vJxRFW00rlntGHDGX6BczayOZpsgadA3LckNgEh+JqibstGyyshmOIQT0pQ56JLeSzCUE30+M1043LVydNX6REJY16HEyMMp9jIkC12ORDJ1WfVvF2KQbcZIwu1aiZflfOOHvKoDRXPcM6ptzbirb1kjOk7uCgt0XtXC9M2T+DAfAx5nA4oj5MHnzg5Gc00XyEf/Uhd/iQJtBpc4wlVp62X4mq7wghvdCstXxpjWq33sue3/cqUnCHPcX1cbivRCDhYo+HLLOtWvzh77ReVXkpquXhZMxfVD/XEOF1mvht7xX+bPTBhKDhb4p2lQ8XjPpUHFCRsh5f8JOruE4lMJV/DVxaRfhvYBoY22JaQI6nS/Cq7+PjUDtjptRXfBUZITnNrx7FYwuZeyhMWVERRIxq6nubDX6Uo15jwvW7ahHI8H88Qyjcu/GqqcRjt+6VrgaWQkaXAs5uP85ugj4Jg9n0c4/FZcafFvHoKizj1wLjxVZ8XHGnwEngo7pfvpO4ANpWlfGrfcvKE4eXH2zUrhm2nedarYV6i+E+tiXf8ean2LeWgiX9yovM/VNL57JgV3HlAuE7XsggVKoQUAyQkAlYXathZgyyJgUi6whsaJMyMQvfc0w2Hc6YQ9ka08eQKM5SXDQB72UQ8m6qjhTQp8kfY46nVPIKQIYJLfSIOSjjwIwLbrAgU2YBo4wTdWzi7sFe8faGF2i6zOuGesdTIIXcUdNv6cQisueOICd2DdMag8ydM3JKVSZXp1iKIh1Vlr24C4u/ZWse411AlIUHukLntJEe+jy0yDLiBzDDgGo0qokz6LEo6S/qHnW0OFj3Ou3gOHg7T/CPuYvUctay2WlN4hkPONCJ9A==
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-4.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-4.exe /DAnsD /vMUHVTT='HD-V1.9' /xcYFSh='C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9.xpi' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /cMGCQvA=1.34.7.1 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /YVWtt=300 /HhCkPpIQR=d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com /hrUOtTUay=0.95 /pcvGEASqh=ad55cd0d79f24466095b3188599e8e4f86b2faf04e86f4bcfa878632814acf518com60548 /CvZQfrLv=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /60548.rdf /tJxyO='HD-V1.9' /TWQaAl='Lights out for YouTube' /dPcamqIOa='InfoHD-V1.8' /zqCwG=opera /hjtAnGCZR='{"asw":[0, 64, 0]}' /narrgKQh /qAWas /ifFjF /WbSDW='http://update.infodatacloud.com/ff_agen ... pdate.json' /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-5.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-5.exe /mRtSki /vMUHVTT='HD-V1.9' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /xBDhTPmfR=http://ipgeoapi.com/ /DfGnzcfk=http://update.infodatacloud.com /mUbPo=2 /QrmGrtMqY=http://logs.infodatacloud.com /WbSDW='http://update.infodatacloud.com/updater ... pdate.json' /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-5_user.job - C:\Program Files (x86)\HD-V1.9\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-5.exe /mRtSki /vMUHVTT='HD-V1.9' /PPaxQAJ=60548 /lbDgIs='001859' /mkeksm='0' /LkvzpvV='0' /TJhKabv=16130A7A5E114B97AB173613210AA2E7IE /KJLVpgRQK=4da8dca0403961426764cbb4272a95ec /kqhYNBGA=1_34_07_01 /HuPzCNl=1406051156 /JNqvk=http://stats.infodatacloud.com /cJTjo=http://errors.infodatacloud.com /xBDhTPmfR=http://ipgeoapi.com/ /DfGnzcfk=http://update.infodatacloud.com /mUbPo=2 /QrmGrtMqY=http://logs.infodatacloud.com /WbSDW='http://update.infodatacloud.com/updater ... pdate.json' /sVEgHa /INRZpZ='task' /PhQBUVeQ=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForR.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForR (null)
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148}]
HD-V1.9 - C:\Program Files (x86)\HD-V1.9\HD-V1.9-bho64.dll [2014-07-22 723816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-05 545264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-05 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148}]
HD-V1.9 - C:\Program Files (x86)\HD-V1.9\HD-V1.9-bho.dll [2014-07-22 537448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-05 453104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab65caf0-fc3b-40f8-8b88-6d096a48f659}]
HulaToo - C:\Program Files (x86)\HulaToo\HulaToobho.dll [2014-07-22 249624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-05 157680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-21 37888]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-08-19 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"=C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
"Spotify Web Helper"=C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-07-06 1178168]
"AdobeBridge"= []
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2014-07-16 300840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1a92553fc3706c469bd5c78793b2aa21]
C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe .. []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\6ee4f606bfbd1a4c62361754fecafaa2]
C:\Users\R\AppData\Local\Temp\interrupts.exe .. []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-02-10 61112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ6\ICQ.exe [2008-09-01 173304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
L:\Icq\ICQLite\ICQLite.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP]
C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\R\AppData\Roaming\Spotify\spotify.exe [2014-07-06 6162488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-07-06 1178168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2014-05-28 1775808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-05-30 5622512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
C:\PROGRA~1\GAMEPA~1\gpcl.exe [2011-07-29 442880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk]
C:\PROGRA~2\LOLREP~1\LOLREC~1.EXE [2012-02-25 495104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~2\Xfire\Xfire.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe []
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-08-16 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDriveTypeAutoRun"=28
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Loki\Loki.exe"="C:\Program Files\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.XFR1"=xfcodec64.dll
"vidc.XVID"=xvidvfw.dll
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-08-31 18:06:39 ----D---- C:\Program Files\trend micro
2014-08-31 18:06:38 ----D---- C:\rsit
2014-08-31 17:06:05 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2014-08-31 17:06:04 ----D---- C:\ProgramData\RogueKiller
2014-08-31 15:14:59 ----A---- C:\awh86DB.tmp
2014-08-30 17:29:50 ----A---- C:\awh1F7A.tmp
2014-08-28 21:53:48 ----A---- C:\awh61DC.tmp
2014-08-28 08:26:46 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 08:26:46 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 08:26:46 ----A---- C:\Windows\system32\gdi32.dll
2014-08-25 06:26:10 ----A---- C:\awhD561.tmp
2014-08-23 12:45:34 ----A---- C:\awhD004.tmp
2014-08-19 01:31:01 ----A---- C:\awh88F8.tmp
2014-08-15 02:03:57 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-15 02:03:57 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-15 02:03:57 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 02:03:57 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 02:03:56 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-15 02:03:56 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 02:03:31 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-15 02:03:31 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:13:01 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 02:13:01 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 02:13:01 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 02:13:01 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 02:13:01 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 02:13:01 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 02:13:00 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 02:13:00 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 02:13:00 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 02:13:00 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 02:12:56 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 02:12:56 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 02:12:46 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 02:12:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 02:12:46 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 02:12:46 ----A---- C:\Windows\system32\msi.dll
2014-08-14 02:12:46 ----A---- C:\Windows\system32\consent.exe
2014-08-14 02:12:46 ----A---- C:\Windows\system32\authui.dll
2014-08-14 02:12:45 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 02:12:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 02:12:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 02:12:32 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 02:12:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 02:12:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 02:12:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 02:12:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 02:12:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 02:12:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 02:12:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 02:12:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 02:12:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 02:12:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 02:12:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 02:12:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 02:12:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 02:12:25 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 02:12:25 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 02:12:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 02:12:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 02:12:24 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 02:12:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 02:12:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 02:12:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 02:12:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 02:12:23 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 02:12:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 02:12:23 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 02:12:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 02:12:22 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 02:12:22 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 02:12:22 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 02:12:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 02:12:21 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 02:12:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 02:12:20 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 02:12:20 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 02:12:20 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 02:12:19 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 02:12:19 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 02:12:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 02:12:19 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 02:12:19 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 02:12:19 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 02:12:19 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 02:12:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 02:12:18 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 02:12:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 02:12:18 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 02:11:52 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 02:11:51 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 02:11:50 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 02:11:48 ----A---- C:\Windows\system32\aeinv.dll
2014-08-14 01:33:30 ----A---- C:\awh5B29.tmp
2014-08-10 23:10:33 ----A---- C:\awh1479.tmp
2014-08-10 21:30:13 ----A---- C:\awh59E0.tmp
2014-08-08 18:33:23 ----A---- C:\awhF508.tmp
2014-08-07 19:54:14 ----A---- C:\awh7C.tmp
2014-08-07 14:24:56 ----A---- C:\awh34A.tmp
2014-08-06 18:10:42 ----A---- C:\awhF112.tmp
2014-08-06 13:58:56 ----A---- C:\awh4DB3.tmp
2014-08-03 08:33:59 ----A---- C:\awhB259.tmp

======List of files/folders modified in the last 1 month======

2014-08-31 18:06:54 ----D---- C:\Windows\Prefetch
2014-08-31 18:06:45 ----D---- C:\Windows\Temp
2014-08-31 18:06:39 ----RD---- C:\Program Files
2014-08-31 18:06:04 ----D---- C:\Users\R\AppData\Roaming\Skype
2014-08-31 17:56:43 ----D---- C:\Windows\system32\config
2014-08-31 17:15:19 ----D---- C:\Windows\Tasks
2014-08-31 17:15:19 ----D---- C:\Windows\system32\Tasks
2014-08-31 17:06:05 ----D---- C:\Windows\system32\drivers
2014-08-31 17:06:04 ----D---- C:\ProgramData
2014-08-31 15:12:17 ----A---- C:\Windows\SYSWOW64\log.txt
2014-08-31 15:11:52 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-08-31 15:09:10 ----D---- C:\Program Files (x86)\HulaToo
2014-08-29 06:25:03 ----D---- C:\Windows\winsxs
2014-08-29 06:22:58 ----D---- C:\Windows\System32
2014-08-29 06:22:58 ----AD---- C:\Windows\SysWOW64
2014-08-29 02:19:09 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-29 02:16:48 ----D---- C:\Users\R\AppData\Roaming\HpUpdate
2014-08-29 02:01:19 ----SHD---- C:\System Volume Information
2014-08-28 21:06:53 ----D---- C:\Users\R\AppData\Roaming\TS3Client
2014-08-28 08:25:03 ----D---- C:\Windows\system32\catroot
2014-08-22 02:50:40 ----D---- C:\Users\R\AppData\Roaming\HP Support Assistant
2014-08-21 20:27:06 ----SHD---- C:\Windows\Installer
2014-08-21 20:27:06 ----D---- C:\Config.Msi
2014-08-21 20:23:06 ----RD---- C:\Program Files (x86)
2014-08-21 20:22:40 ----D---- C:\Program Files (x86)\Google
2014-08-15 08:17:26 ----D---- C:\Windows\rescache
2014-08-15 06:15:37 ----D---- C:\Windows\Microsoft.NET
2014-08-15 06:15:11 ----RSD---- C:\Windows\assembly
2014-08-15 05:22:43 ----D---- C:\Windows\ehome
2014-08-15 05:22:42 ----RSD---- C:\Windows\Fonts
2014-08-15 05:22:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-15 05:22:27 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 05:22:25 ----D---- C:\Program Files\Internet Explorer
2014-08-15 05:22:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-15 05:22:22 ----D---- C:\Windows\system32\en-US
2014-08-15 05:22:22 ----D---- C:\Windows\PolicyDefinitions
2014-08-15 05:22:20 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-15 02:19:36 ----D---- C:\ProgramData\Microsoft Help
2014-08-15 02:17:21 ----D---- C:\Windows\system32\catroot2
2014-08-15 02:13:08 ----D---- C:\Windows\system32\MRT
2014-08-15 02:09:51 ----D---- C:\Windows\debug
2014-08-15 02:09:44 ----A---- C:\Windows\system32\MRT.exe
2014-08-15 02:02:32 ----SD---- C:\Windows\system32\CompatTel
2014-08-07 18:06:14 ----RD---- C:\Program Files (x86)\Skype
2014-08-06 21:28:03 ----D---- C:\ProgramData\Skype
2014-08-06 21:28:02 ----D---- C:\Program Files (x86)\Common Files
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-02 02:57:44 ----D---- C:\Program Files (x86)\GameforgeLive

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; SysWOW64\speedfan.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-07 279616]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2014-07-21 46160]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-26 99800]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-02-26 197408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-02-26 888536]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\DRIVERS\tihub3.sys [2014-02-26 136000]
R3 tixhci;TI XHCI Service; C:\Windows\system32\DRIVERS\tixhci.sys [2014-02-26 409408]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 dump_wmimmc;dump_wmimmc; C:\Windows\system32\drivers\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2004-12-31 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-01-03 19456]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-09-20 40664]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-08-01 38632]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-01-03 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-01-03 30208]
S3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2011-10-19 423424]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 NetHttpService;Network HTTP Support Service; C:\Windows\SysWOW64\nethtsrv.exe [2014-07-21 179200]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-15 889664]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2014-07-16 430888]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-26 76152]
R2 ServiceUpdater;Network Support Service Updater; C:\Windows\SysWOW64\netupdsrv.exe [2014-07-21 159744]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 Update HulaToo;Update HulaToo; C:\Program Files (x86)\HulaToo\updateHulaToo.exe [2014-08-30 323352]
R2 Util HulaToo;Util HulaToo; C:\Program Files (x86)\HulaToo\bin\utilHulaToo.exe [2014-08-30 323352]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-22 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-21 116648]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-09-27 86528]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-01-07 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-01-07 79360]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-22 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-07-17 4390376]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-28 564928]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-04 1255736]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S4 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-06-24 8704]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Zde je log z Roguekiller ( v procesech jsem měl asi 94 procesů a přitom jsem neměl nic zaplého, nejvíce mi zabírali SVhosty a nějaké další processy, které jsem ani neznal, tak jsem si na netu dohledal že by mi RK mohl tyto processy zabít.)

RogueKiller V9.2.8.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : R [Práva správce]
Mód : Odebrat -- Datum : 08/31/2014 17:15:20

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 28 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE} | DhcpNameServer : 10.0.0.138 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE} | DhcpNameServer : 10.0.0.138 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE} | DhcpNameServer : 10.0.0.138 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NEVYBRÁNO
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NEVYBRÁNO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Start Page : -> NEVYBRÁNO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Start Page : -> NEVYBRÁNO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Start Page : -> NEVYBRÁNO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Start Page : -> NEVYBRÁNO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.trovi.com/?gd=&ctid=CT332219 ... 7D80&SSPV= -> NEVYBRÁNO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.trovi.com/?gd=&ctid=CT332219 ... 7D80&SSPV= -> NEVYBRÁNO
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NEVYBRÁNO
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NEVYBRÁNO
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NEVYBRÁNO

¤¤¤ naplánované úlohy : 3 ¤¤¤
[Suspicious.Path] AmiUpdXp.job -- C:\Users\R\AppData\Local\21676\a24223.exe -> VYMAZÁNO
[Suspicious.Path] \\AmiUpdXp -- C:\Users\R\AppData\Local\21676\a24223.exe -> VYMAZÁNO
[Suspicious.Path] \Hewlett-Packard\HP Support Assistant\Update Check -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe (/s /p 1) -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: NAHRÁNO) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA332 +++++
--- User ---
[MBR] f0b7624901a6d69d5951aaab4625eb68
[BSP] 8ea6679b211905a05af3f7b0dd5e7fb6 : Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 940605 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1926565888 | Size: 13162 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

============================================
RKreport_SCN_08312014_171352.log

#2 Příspěvek od **vyosek** » 31 srp 2014 17:34

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Novatera · #3 Příspěvek od **Novatera** » 31 srp 2014 17:49

Zdravím.

Už jsem to zde kdysi řešil v tomto vláknu http://forum.viry.cz/viewtopic.php?f=66&t=136597 , bohužel JTR mi na počítači rozběhnout nejde, netuším z jakého důvodu, ale po jeho spuštění ( po stisknutí libovolné klávesy, projede backup registrů a poté JTR zmizí bez jakékoliv reakce. )

Mám tedy nechat projet pc ADW bez JTR ?

#4 Příspěvek od **vyosek** » 31 srp 2014 17:57

Ano, pustte tam AdwCleaner

Novatera · #5 Příspěvek od **Novatera** » 03 zář 2014 13:55

Dobrý den zde je log ADWcleaneru:

# AdwCleaner v3.309 - Report created 03/09/2014 at 14:48:55
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : R - R-HP
# Running from : C:\Users\R\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : nethfdrv
Service Deleted : NethxxpService
Service Deleted : ServiceUpdater
[#] Service Deleted : Update HulaToo
[#] Service Deleted : Util HulaToo

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\HulaToo
Folder Deleted : C:\Program Files (x86)\HD-V1.9
Folder Deleted : C:\UseRs\R\AppData\Local\globalUpdate
Folder Deleted : C:\UseRs\R\AppData\Roaming\NCH Software
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage
File Deleted : C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal
File Deleted : C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [freegames4357@bestoffers]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [freegames4357@bestoffers]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XTTB00001.XTTB00001Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0060548.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0060548.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0060548.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0060548.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611051148}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622052248}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32C53681-8E69-4659-8320-7422685BD486}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{596EAA89-F3D2-4174-9BD9-F7D79C744CDA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644054448}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611051148}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB65CAF0-FC3B-40F8-8B88-6D096A48F659}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611051148}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622052248}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32C53681-8E69-4659-8320-7422685BD486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\HulaToo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\HD-V1.9
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\HulaToo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\HD-V1.9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD-V1.9
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HulaToo
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Google Chrome v37.0.2062.103

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=

[ File : C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod

*************************

AdwCleaner[R1].txt - [13027 octets] - [03/09/2014 14:45:18]
AdwCleaner[S1].txt - [12264 octets] - [03/09/2014 14:48:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12325 octets] ##########

Novatera · #6 Příspěvek od **Novatera** » 03 zář 2014 14:09

Chtěl bych se zeptat, je normální že mám ve správci úloh v procesech 14x svhost.exe ?

#7 Příspěvek od **vyosek** » 04 zář 2014 12:47

Mnozstvi svhost je v poradku

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Novatera · #8 Příspěvek od **Novatera** » 04 zář 2014 13:59

Dobrý den, bohužel stejný problém jako s JRT. Program jsem se pokusil zapnout tak jak jste psal --- Spustit jako administrátor, u kurzoru se pouze objevilo kolečko jako že se něco načítá ( tak na 3 sekundy ) a nic víc se nestalo.

#9 Příspěvek od **vyosek** » 04 zář 2014 17:37

Dejte tedy log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Novatera · #10 Příspěvek od **Novatera** » 04 zář 2014 21:13

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by R (administrator) on R-HP on 04-09-2014 20:34:24
Running from C:\Users\R\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Spotify Ltd) C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() C:\Program Files (x86)\Gaming Keyboard\OSD.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\GameforgeLive\gfl_client.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Spotify Web Helper] => C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-06] (Spotify Ltd)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableChangePassword] 0
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-16] (EasyBits Software Corp.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF HKLM-x32\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\R\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test (4354) - C:\Users\R\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2013-12-19]
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\R\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 848C3291742F4E18A844CA93A97484E90D027FC61B0B334627428510458E59B1
CHR DefaultSearchProvider: Default -> AD2699A7D94C13E2433729F9624EA8CD4278D5A4CDF21FFB8F79EC53AE5F6C9B
CHR DefaultSearchURL: Default -> 59E73B9604A45081987A7BE7626DEAFA77B3417926C65827EC9CABE84F4BFEC0
CHR Profile: C:\Users\R\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-21]
CHR Extension: (Disk Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-21]
CHR Extension: (YouTube) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-21]
CHR Extension: (Vyhledávání Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-21]
CHR Extension: (AdBlock) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-21]
CHR Extension: (HD-V1.9) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-08-22]
CHR Extension: (Skype Click to Call) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-21]
CHR Extension: (Peněženka Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-21]
CHR Extension: (Gmail) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-01-07] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-07] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-06-24] (Hi-Rez Studios) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-26] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-07] (DT Soft Ltd)
S3 dump_wmimmc; No ImagePath
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-26] (Intel Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 20:34 - 2014-09-04 20:35 - 00017386 _____ () C:\Users\R\Desktop\FRST.txt
2014-09-04 20:33 - 2014-09-04 20:34 - 00000000 ____D () C:\FRST
2014-09-04 20:33 - 2014-09-04 20:33 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 339749046 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S02E03 CZDAB.avi
2014-09-04 20:32 - 2014-09-04 20:32 - 00112640 _____ (forum.viry.cz) C:\Users\R\Desktop\FRSTLauncher.exe
2014-09-04 19:35 - 2014-09-04 19:35 - 02104832 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-09-04 14:47 - 2014-09-04 14:47 - 01288704 _____ () C:\Users\R\Desktop\zoek.exe
2014-09-04 14:47 - 2014-09-04 14:47 - 00000000 ____D () C:\zoek_backup
2014-09-03 20:45 - 2014-09-03 20:49 - 412913664 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S02E02 CZDAB.avi
2014-09-03 15:06 - 2014-09-03 15:08 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-09-03 15:06 - 2014-09-03 15:06 - 02365840 _____ () C:\Users\R\Documents\SecurityTaskManager_Setup.exe
2014-09-03 15:06 - 2014-09-03 15:06 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-09-03 14:58 - 2014-09-03 14:58 - 01016261 _____ (Thisisu) C:\Users\R\Documents\JRT.exe
2014-09-03 14:50 - 2014-09-03 14:50 - 00000310 _____ () C:\Windows\PFRO.log
2014-09-03 14:48 - 2014-09-03 14:48 - 00013027 _____ () C:\Users\R\Desktop\AdwCleaner[R1].txt
2014-09-03 14:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 14:45 - 2014-09-03 14:49 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:44 - 2014-09-03 14:44 - 01370467 _____ () C:\Users\R\Desktop\adwcleaner_3.309.exe
2014-09-02 20:42 - 2014-09-02 20:57 - 413822976 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S02E01 CZDAB.avi
2014-09-02 12:12 - 2014-09-02 12:12 - 00000687 _____ () C:\awh539B.tmp
2014-09-02 12:07 - 2014-09-04 14:51 - 00000348 _____ () C:\Windows\setupact.log
2014-09-02 12:07 - 2014-09-02 12:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-02 12:06 - 2014-09-02 12:07 - 05061752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 20:39 - 2014-09-01 20:44 - 408983552 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S01E22 CZDAB.avi
2014-09-01 20:38 - 2014-09-04 20:29 - 00000096 _____ () C:\Users\R\Documents\aionmemo_afc9c027.dat
2014-09-01 17:14 - 2014-09-01 17:14 - 00000687 _____ () C:\awhB529.tmp
2014-09-01 05:39 - 2014-09-01 05:40 - 00050363 _____ () C:\Users\R\Downloads\particka-83-charaktery-v-obalce-uncut.htm
2014-08-31 20:45 - 2014-08-31 21:08 - 406849536 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S01E21 CZDAB.avi
2014-08-31 19:48 - 2014-08-31 19:48 - 00116072 _____ () C:\Users\R\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-31 18:44 - 2014-08-31 18:44 - 00000089 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-08-31 18:37 - 2014-08-31 18:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-31 18:36 - 2014-08-31 18:36 - 01016261 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-08-31 18:13 - 2014-08-31 18:13 - 00050560 _____ () C:\Users\R\Desktop\info.txt
2014-08-31 18:06 - 2014-08-31 18:07 - 00000000 ____D () C:\rsit
2014-08-31 18:06 - 2014-08-31 18:07 - 00000000 ____D () C:\Program Files\trend micro
2014-08-31 17:36 - 2014-08-31 17:36 - 01222144 _____ () C:\Users\R\Desktop\RSITx64.exe
2014-08-31 17:23 - 2014-08-31 17:24 - 00008112 _____ () C:\Users\R\Desktop\roguekiller 2.txt
2014-08-31 17:16 - 2014-08-31 17:16 - 00007404 _____ () C:\Users\R\Desktop\Roguekiller.txt
2014-08-31 17:06 - 2014-08-31 17:06 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-31 17:06 - 2014-08-31 17:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-31 17:05 - 2014-08-31 17:05 - 05421656 _____ () C:\Users\R\Desktop\RogueKillerX64.exe
2014-08-30 22:11 - 2014-08-30 22:27 - 408238080 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E20 CZDAB.avi.crdownload
2014-08-30 21:25 - 2014-08-30 21:29 - 409368576 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E19 CZDAB.avi.crdownload
2014-08-30 17:29 - 2014-08-30 17:29 - 00000687 _____ () C:\awh1F7A.tmp
2014-08-28 21:53 - 2014-08-28 21:53 - 00000687 _____ () C:\awh61DC.tmp
2014-08-28 08:26 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:26 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 08:26 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 22:11 - 2014-08-26 22:14 - 407791616 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E16 CZDAB.avi.crdownload
2014-08-26 21:23 - 2014-08-26 21:32 - 408532992 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E11 CZDAB.avi.crdownload
2014-08-25 06:26 - 2014-08-25 06:26 - 00000687 _____ () C:\awhD561.tmp
2014-08-25 02:02 - 2014-08-25 02:03 - 62456936 _____ () C:\Users\R\Downloads\Kry_tof-ft_.wav
2014-08-24 20:44 - 2014-08-24 20:57 - 409071616 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E14 CZDAB.avi.crdownload
2014-08-23 23:39 - 2014-08-23 23:42 - 406749184 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E13 CZDAB.avi.crdownload
2014-08-23 12:45 - 2014-08-23 12:45 - 00000687 _____ () C:\awhD004.tmp
2014-08-22 20:49 - 2014-08-22 20:49 - 00000132 _____ () C:\Users\R\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-08-22 14:05 - 2014-08-22 14:06 - 00031286 _____ () C:\Users\R\Downloads\stažený soubor (5).htm
2014-08-21 21:13 - 2014-08-21 21:14 - 408983552 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E08 CZDAB (1).avi.crdownload
2014-08-21 20:22 - 2014-09-04 20:27 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 20:22 - 2014-09-04 20:27 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 20:22 - 2014-08-21 20:22 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-21 20:22 - 2014-08-21 20:22 - 00003686 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-21 20:22 - 2014-08-21 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-19 01:31 - 2014-08-19 01:31 - 00000687 _____ () C:\awh88F8.tmp
2014-08-16 03:45 - 2014-08-16 03:51 - 00000875 _____ () C:\Users\R\Documents\Nový textový dokument (6).txt
2014-08-15 02:03 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 02:03 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 02:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 02:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 02:03 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 02:03 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 02:03 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 02:03 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 02:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 02:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 02:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 02:13 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 02:13 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 02:13 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 02:13 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 02:13 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 02:13 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 02:13 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 02:13 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 02:13 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 02:12 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 02:12 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 02:12 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 02:12 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 02:12 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 02:12 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 02:12 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 02:12 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 02:12 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 02:12 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 02:12 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 02:12 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 02:12 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 02:12 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 02:12 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 02:12 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 02:12 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 02:12 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 02:12 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 02:12 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 02:12 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 02:12 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 02:12 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 02:12 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 02:12 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 02:12 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 02:12 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 02:12 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 02:12 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 02:12 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 02:12 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 02:12 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 02:12 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 02:12 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 02:12 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 02:12 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 02:12 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 02:12 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 02:12 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 02:12 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 02:12 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 02:12 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 02:12 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 02:12 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 02:12 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 02:12 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 02:12 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 02:12 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 02:12 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 02:12 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 02:12 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 02:12 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 02:12 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 02:12 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 02:12 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 02:12 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 02:12 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 02:12 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 02:12 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 02:12 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 02:12 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 02:12 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 02:12 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 02:12 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 02:12 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 02:12 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 02:12 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 02:12 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 02:11 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 02:11 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 02:11 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 02:11 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 01:33 - 2014-08-14 01:33 - 00000687 _____ () C:\awh5B29.tmp
2014-08-10 23:10 - 2014-08-10 23:10 - 00000687 _____ () C:\awh1479.tmp
2014-08-10 21:30 - 2014-08-10 21:30 - 00000687 _____ () C:\awh59E0.tmp
2014-08-08 18:33 - 2014-08-08 18:33 - 00000687 _____ () C:\awhF508.tmp
2014-08-07 19:54 - 2014-08-07 19:54 - 00000687 _____ () C:\awh7C.tmp
2014-08-07 14:24 - 2014-08-07 14:24 - 00000687 _____ () C:\awh34A.tmp
2014-08-06 18:10 - 2014-08-06 18:10 - 00000687 _____ () C:\awhF112.tmp
2014-08-06 13:58 - 2014-08-06 13:58 - 00000687 _____ () C:\awh4DB3.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 20:35 - 2014-09-04 20:34 - 00017386 _____ () C:\Users\R\Desktop\FRST.txt
2014-09-04 20:34 - 2014-09-04 20:33 - 00000000 ____D () C:\FRST
2014-09-04 20:33 - 2014-09-04 20:33 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 339749046 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S02E03 CZDAB.avi
2014-09-04 20:32 - 2014-09-04 20:32 - 00112640 _____ (forum.viry.cz) C:\Users\R\Desktop\FRSTLauncher.exe
2014-09-04 20:29 - 2014-09-01 20:38 - 00000096 _____ () C:\Users\R\Documents\aionmemo_afc9c027.dat
2014-09-04 20:27 - 2014-08-21 20:22 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 20:27 - 2014-08-21 20:22 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 20:15 - 2011-09-02 18:09 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-09-04 19:51 - 2014-07-22 19:46 - 00000930 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-04 19:51 - 2014-07-22 19:46 - 00000926 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00003784 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-11.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00003102 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-3.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00002162 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-4.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00001478 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-1.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00001412 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-5_user.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00001396 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-5.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00001318 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-2.job
2014-09-04 19:46 - 2014-07-22 19:46 - 00001226 _____ () C:\Windows\Tasks\ca9f61e7-52b6-468d-8e67-8d2712eae4a9-10.job
2014-09-04 19:39 - 2012-06-25 10:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-04 19:35 - 2014-09-04 19:35 - 02104832 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-09-04 19:32 - 2014-04-06 03:39 - 01607754 _____ () C:\Windows\WindowsUpdate.log
2014-09-04 15:01 - 2014-07-28 19:14 - 00000000 ____D () C:\Users\R\Downloads\Gameforge Live
2014-09-04 14:59 - 2014-04-06 00:29 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-04 14:59 - 2014-04-06 00:29 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-04 14:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-04 14:51 - 2014-09-02 12:07 - 00000348 _____ () C:\Windows\setupact.log
2014-09-04 14:47 - 2014-09-04 14:47 - 01288704 _____ () C:\Users\R\Desktop\zoek.exe
2014-09-04 14:47 - 2014-09-04 14:47 - 00000000 ____D () C:\zoek_backup
2014-09-04 02:34 - 2012-11-10 09:54 - 00003162 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForR
2014-09-04 02:34 - 2012-11-10 09:54 - 00000316 _____ () C:\Windows\Tasks\HPCeeScheduleForR.job
2014-09-03 20:49 - 2014-09-03 20:45 - 412913664 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S02E02 CZDAB.avi
2014-09-03 15:10 - 2014-07-28 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-09-03 15:10 - 2014-07-28 19:13 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-09-03 15:08 - 2014-09-03 15:06 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-09-03 15:06 - 2014-09-03 15:06 - 02365840 _____ () C:\Users\R\Documents\SecurityTaskManager_Setup.exe
2014-09-03 15:06 - 2014-09-03 15:06 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-09-03 14:58 - 2014-09-03 14:58 - 01016261 _____ (Thisisu) C:\Users\R\Documents\JRT.exe
2014-09-03 14:50 - 2014-09-03 14:50 - 00000310 _____ () C:\Windows\PFRO.log
2014-09-03 14:49 - 2014-09-03 14:45 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:48 - 2014-09-03 14:48 - 00013027 _____ () C:\Users\R\Desktop\AdwCleaner[R1].txt
2014-09-03 14:44 - 2014-09-03 14:44 - 01370467 _____ () C:\Users\R\Desktop\adwcleaner_3.309.exe
2014-09-02 20:57 - 2014-09-02 20:42 - 413822976 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S02E01 CZDAB.avi
2014-09-02 12:12 - 2014-09-02 12:12 - 00000687 _____ () C:\awh539B.tmp
2014-09-02 12:07 - 2014-09-02 12:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-02 12:07 - 2014-09-02 12:06 - 05061752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 20:44 - 2014-09-01 20:39 - 408983552 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S01E22 CZDAB.avi
2014-09-01 17:14 - 2014-09-01 17:14 - 00000687 _____ () C:\awhB529.tmp
2014-09-01 05:40 - 2014-09-01 05:39 - 00050363 _____ () C:\Users\R\Downloads\particka-83-charaktery-v-obalce-uncut.htm
2014-09-01 00:25 - 2011-09-05 22:42 - 00000000 ____D () C:\Users\R\AppData\Local\CrashDumps
2014-08-31 21:08 - 2014-08-31 20:45 - 406849536 _____ () C:\Users\R\Documents\Lovci duchů - Supernatural S01E21 CZDAB.avi
2014-08-31 19:48 - 2014-08-31 19:48 - 00116072 _____ () C:\Users\R\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-31 18:44 - 2014-08-31 18:44 - 00000089 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-08-31 18:37 - 2014-08-31 18:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-31 18:36 - 2014-08-31 18:36 - 01016261 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-08-31 18:13 - 2014-08-31 18:13 - 00050560 _____ () C:\Users\R\Desktop\info.txt
2014-08-31 18:07 - 2014-08-31 18:06 - 00000000 ____D () C:\rsit
2014-08-31 18:07 - 2014-08-31 18:06 - 00000000 ____D () C:\Program Files\trend micro
2014-08-31 17:36 - 2014-08-31 17:36 - 01222144 _____ () C:\Users\R\Desktop\RSITx64.exe
2014-08-31 17:24 - 2014-08-31 17:23 - 00008112 _____ () C:\Users\R\Desktop\roguekiller 2.txt
2014-08-31 17:16 - 2014-08-31 17:16 - 00007404 _____ () C:\Users\R\Desktop\Roguekiller.txt
2014-08-31 17:06 - 2014-08-31 17:06 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-31 17:06 - 2014-08-31 17:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-31 17:05 - 2014-08-31 17:05 - 05421656 _____ () C:\Users\R\Desktop\RogueKillerX64.exe
2014-08-30 22:27 - 2014-08-30 22:11 - 408238080 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E20 CZDAB.avi.crdownload
2014-08-30 21:29 - 2014-08-30 21:25 - 409368576 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E19 CZDAB.avi.crdownload
2014-08-30 17:29 - 2014-08-30 17:29 - 00000687 _____ () C:\awh1F7A.tmp
2014-08-29 05:00 - 2014-03-27 17:05 - 00000000 ____D () C:\Users\R\Documents\Nová složka (2)
2014-08-29 02:19 - 2011-11-05 15:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-29 02:19 - 2011-09-10 09:40 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-29 02:16 - 2011-09-03 20:41 - 00000000 ____D () C:\Users\R\AppData\Roaming\HpUpdate
2014-08-28 21:53 - 2014-08-28 21:53 - 00000687 _____ () C:\awh61DC.tmp
2014-08-28 21:06 - 2011-09-09 23:44 - 00000000 ____D () C:\Users\R\AppData\Roaming\TS3Client
2014-08-27 20:00 - 2014-03-17 00:44 - 00000000 ____D () C:\Users\R\Documents\afsafs
2014-08-26 22:14 - 2014-08-26 22:11 - 407791616 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E16 CZDAB.avi.crdownload
2014-08-26 21:32 - 2014-08-26 21:23 - 408532992 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E11 CZDAB.avi.crdownload
2014-08-25 06:26 - 2014-08-25 06:26 - 00000687 _____ () C:\awhD561.tmp
2014-08-25 02:03 - 2014-08-25 02:02 - 62456936 _____ () C:\Users\R\Downloads\Kry_tof-ft_.wav
2014-08-24 20:57 - 2014-08-24 20:44 - 409071616 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E14 CZDAB.avi.crdownload
2014-08-23 23:42 - 2014-08-23 23:39 - 406749184 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E13 CZDAB.avi.crdownload
2014-08-23 12:45 - 2014-08-23 12:45 - 00000687 _____ () C:\awhD004.tmp
2014-08-23 04:07 - 2014-08-28 08:26 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 08:26 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 08:26 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 20:49 - 2014-08-22 20:49 - 00000132 _____ () C:\Users\R\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-08-22 14:06 - 2014-08-22 14:05 - 00031286 _____ () C:\Users\R\Downloads\stažený soubor (5).htm
2014-08-22 02:50 - 2011-09-10 09:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\HP Support Assistant
2014-08-21 21:14 - 2014-08-21 21:13 - 408983552 _____ () C:\Users\R\Downloads\Lovci duchů - Supernatural S01E08 CZDAB (1).avi.crdownload
2014-08-21 20:26 - 2011-09-19 02:00 - 00000000 ____D () C:\Users\R\AppData\Local\Google
2014-08-21 20:22 - 2014-08-21 20:22 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-21 20:22 - 2014-08-21 20:22 - 00003686 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-21 20:22 - 2014-08-21 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-21 20:22 - 2011-09-19 02:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-19 01:31 - 2014-08-19 01:31 - 00000687 _____ () C:\awh88F8.tmp
2014-08-16 03:51 - 2014-08-16 03:45 - 00000875 _____ () C:\Users\R\Documents\Nový textový dokument (6).txt
2014-08-15 08:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-15 05:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 02:19 - 2011-09-03 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 02:13 - 2013-07-12 06:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 02:09 - 2011-09-04 18:58 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 02:02 - 2014-04-30 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 01:33 - 2014-08-14 01:33 - 00000687 _____ () C:\awh5B29.tmp
2014-08-10 23:10 - 2014-08-10 23:10 - 00000687 _____ () C:\awh1479.tmp
2014-08-10 21:30 - 2014-08-10 21:30 - 00000687 _____ () C:\awh59E0.tmp
2014-08-08 18:33 - 2014-08-08 18:33 - 00000687 _____ () C:\awhF508.tmp
2014-08-07 19:54 - 2014-08-07 19:54 - 00000687 _____ () C:\awh7C.tmp
2014-08-07 18:06 - 2011-09-02 18:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-07 14:24 - 2014-08-07 14:24 - 00000687 _____ () C:\awh34A.tmp
2014-08-07 04:06 - 2014-08-14 02:11 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 21:28 - 2011-09-02 18:08 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 18:10 - 2014-08-06 18:10 - 00000687 _____ () C:\awhF112.tmp
2014-08-06 13:58 - 2014-08-06 13:58 - 00000687 _____ () C:\awh4DB3.tmp
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\R\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-27 08:48

==================== End Of Log ============================

____
addotion
http://leteckaposta.cz/281301958

Novatera · #11 Příspěvek od **Novatera** » 04 zář 2014 21:15

ještě dodám:

2014-08-14 01:33 - 2014-08-14 01:33 - 00000687 _____ () C:\awh5B29.tmp
2014-08-10 23:10 - 2014-08-10 23:10 - 00000687 _____ () C:\awh1479.tmp
2014-08-10 21:30 - 2014-08-10 21:30 - 00000687 _____ () C:\awh59E0.tmp
2014-08-08 18:33 - 2014-08-08 18:33 - 00000687 _____ () C:\awhF508.tmp
2014-08-07 19:54 - 2014-08-07 19:54 - 00000687 _____ () C:\awh7C.tmp
2014-08-07 14:24 - 2014-08-07 14:24 - 00000687 _____ () C:\awh34A.tmp
2014-08-06 18:10 - 2014-08-06 18:10 - 00000687 _____ () C:\awhF112.tmp
2014-08-06 13:58 - 2014-08-06 13:58 - 00000687 _____ () C:\awh4DB3.tmp

tyto data se mi v Céčku vytvářejí již nějakou dobu, - třeba ráno je smažu a oni se tam přes den zase takhle naládujou...

#12 Příspěvek od **vyosek** » 05 zář 2014 08:29

Bohuzel jsem jeste nedohledal co je vytvari

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Spotify Web Helper] => C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-06] (Spotify Ltd)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableChangePassword] 0
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File

FF HKLM-x32\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\R\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test (4354) - C:\Users\R\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2013-12-19]
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\R\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers

CHR DefaultSearchKeyword: Default -> 848C3291742F4E18A844CA93A97484E90D027FC61B0B334627428510458E59B1
CHR DefaultSearchProvider: Default -> AD2699A7D94C13E2433729F9624EA8CD4278D5A4CDF21FFB8F79EC53AE5F6C9B
CHR DefaultSearchURL: Default -> 59E73B9604A45081987A7BE7626DEAFA77B3417926C65827EC9CABE84F4BFEC0
CHR Extension: (HD-V1.9) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-08-22]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 WinHttpAutoProxySvc; winhttp.dll [X]

S3 dump_wmimmc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

C:\Program Files (x86)\IObit
2014-09-04 20:34 - 2014-09-04 20:35 - 00017386 _____ () C:\Users\R\Desktop\FRST.txt
2014-09-04 20:33 - 2014-09-04 20:33 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 00112640 _____ (forum.viry.cz) C:\Users\R\Desktop\FRSTLauncher.exe
2014-09-04 14:47 - 2014-09-04 14:47 - 01288704 _____ () C:\Users\R\Desktop\zoek.exe
2014-09-04 14:47 - 2014-09-04 14:47 - 00000000 ____D () C:\zoek_backup
2014-09-03 14:58 - 2014-09-03 14:58 - 01016261 _____ (Thisisu) C:\Users\R\Documents\JRT.exe
2014-09-03 14:50 - 2014-09-03 14:50 - 00000310 _____ () C:\Windows\PFRO.log
2014-09-03 14:48 - 2014-09-03 14:48 - 00013027 _____ () C:\Users\R\Desktop\AdwCleaner[R1].txt
2014-09-03 14:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 14:45 - 2014-09-03 14:49 - 00000000 ____D () C:\AdwCleaner
2014-09-03 14:44 - 2014-09-03 14:44 - 01370467 _____ () C:\Users\R\Desktop\adwcleaner_3.309.exe2014-08-31 18:37 - 2014-08-31 18:37 - 00000000 ____D () C:\Windows\ERUNT
2014-08-31 18:36 - 2014-08-31 18:36 - 01016261 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-08-31 18:13 - 2014-08-31 18:13 - 00050560 _____ () C:\Users\R\Desktop\info.txt
2014-08-31 18:06 - 2014-08-31 18:07 - 00000000 ____D () C:\rsit
2014-08-31 18:06 - 2014-08-31 18:07 - 00000000 ____D () C:\Program Files\trend micro
2014-08-31 17:36 - 2014-08-31 17:36 - 01222144 _____ () C:\Users\R\Desktop\RSITx64.exe
2014-08-31 17:23 - 2014-08-31 17:24 - 00008112 _____ () C:\Users\R\Desktop\roguekiller 2.txt
2014-08-31 17:16 - 2014-08-31 17:16 - 00007404 _____ () C:\Users\R\Desktop\Roguekiller.txt
2014-08-31 17:06 - 2014-08-31 17:06 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-31 17:06 - 2014-08-31 17:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-31 17:05 - 2014-08-31 17:05 - 05421656 _____ () C:\Users\R\Desktop\RogueKillerX64.exe

Hosts:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Novatera · #13 Příspěvek od **Novatera** » 26 říj 2014 01:54

Dobrý den, strašně moc se omlouvám že jsem se neozval dříve, bohužel měl jsem to strašně nabité a teď mám zase po dlouhé době první volný týden ( Jsem pracující student na intru, takže je to opravdu pruda s časem)..

Chtěl bych se zeptat, jestli stále platí že ten fixlist, nebo jestli není lepší začít s fixováním od začátku? Počítač je stále zasekaný a v podstatě i prohlížení není plynnulé na to jaké mám "dělo". Bratr s PC operoval, ovšem výslovně jsem mu zakázal lozit na "zakázané" stránky ( Porno ) a v historii jsem taky nic nenašel, takže buď mě poslechl nebo se naučil mazat historii, to už se asi nedovim, ale nemělo by to být zasviněné víc než na začátku.

Děkuji moc za schovívavost, s pozdravem Novatera

#14 Příspěvek od **vyosek** » 26 říj 2014 08:17

Zdravim

Ano, aplikujte fixlist a uvidime co dale...

VIRY.CZ

Zpomalený počítač, pomalé zapínání

Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání

Re: Zpomalený počítač, pomalé zapínání