Problém s načítáním webových stránek, zpomalený systém

Zpráva

marino.t · #1 Příspěvek od **marino.t** » 14 lis 2014 15:11

Dobrý den,
Již delší dobu mám problém s nabíháním webových stránek. Většinou se objeví ,,tato webová stránka není k dispozici´´ po opakovaném F5 stránka naběhne, nicméně teď se do toho přidal problém s přehráváním videii např. na youtube a obecně je systém pomalejší než normálně. Předem díky za rady.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek at 2014-11-14 14:02:02
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 459 GB (64%) free of 715 GB
Total RAM: 6051 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:11, on 14.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera_crashreporter.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\MetaTrader 4 Admiral Markets AS\terminal.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Marek\AppData\Local\Apps\2.0\AM7W9805.JV2\MDY09BRE.JP9\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D564DD7-01A1-4BD7-AB36-B4DBE035F066}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{21732CF1-CF2C-4EF6-8430-55A3BD434A04}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{34C6F90D-82B8-4A81-8FAD-AA8BD0C30274}: NameServer =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9853 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24512544
\??\C:\Windows\system32\conhost.exe "-2080725619-1584015475-1496646795720294171482289327-682058531-1902823382942311372
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\svchost.exe -k MbnExt
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Marek\AppData\Local\Apps\2.0\AM7W9805.JV2\MDY09BRE.JP9\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --ran-launcher /crash-reporter-parent-id=5520
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=gpu-process --channel="5520.0.1744803831\81873972" --enable-proprietary-media-types-playback --crash-reporter-pid=5676 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.901.1.1000 --enable-proprietary-media-types-playback --crash-reporter-pid=5676 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.2.1218128806\522604101" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.4.670804853\137366401" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.5.205477813\1946564067" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.9.877508375\2103709791" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll" --disable-direct-npapi-requests --lang=cs --channel="5520.11.914221920\1219763427" --enable-proprietary-media-types-playback --crash-reporter-pid=5676 /prefetch:-390060480
"C:\Program Files (x86)\MetaTrader 4 Admiral Markets AS\terminal.exe"

"C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.28.640018293\531277105" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.33.1903930289\1272876140" /prefetch:673131151
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.34.1088198468\583120057" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --crash-reporter-pid=5676 --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5520.36.1266245381\2107104660" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Marek\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000.job - C:\Users\Marek\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-06 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-15 686704]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-15 2480936]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-27 1128448]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2011-03-24 3668336]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-07-27 1935120]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-09-25 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-09-25 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-09-25 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSystemDetect"=C:\Users\Marek\AppData\Local\Apps\2.0\AM7W9805.JV2\MDY09BRE.JP9\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [2014-04-16 258160]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-06 343168]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-06 4085896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-09-25 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-14 14:02:02 ----D---- C:\rsit
2014-11-14 14:02:02 ----D---- C:\Program Files\trend micro
2014-11-12 22:40:46 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 22:40:46 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 22:40:45 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 22:40:44 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 22:40:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 22:40:43 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 22:40:43 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 22:40:43 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 22:40:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 22:40:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 22:40:42 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 22:40:42 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 22:40:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 22:40:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 22:40:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 22:40:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 22:40:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 22:40:22 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 22:40:22 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:40:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 22:40:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:40:22 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 22:40:22 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 22:40:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 22:40:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 22:40:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 22:40:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 22:40:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 22:40:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 22:40:20 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 22:40:20 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 22:40:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 22:40:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 22:40:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 22:40:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 22:40:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 22:40:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 22:40:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 22:40:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 22:40:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 22:40:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 22:40:16 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 22:40:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 22:40:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 22:40:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 22:40:15 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 22:40:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 22:40:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 22:40:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 22:40:14 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 22:40:14 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 22:40:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 22:40:13 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 22:40:13 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 22:40:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 22:40:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 22:40:12 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 22:40:12 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 22:40:12 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 22:40:11 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 22:40:11 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 22:40:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 22:40:10 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 22:40:10 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 22:39:04 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 22:39:03 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 22:39:03 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 22:39:03 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 22:39:02 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 22:39:02 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 22:38:57 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 22:38:57 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 22:38:57 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 22:38:57 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 22:38:57 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 22:38:57 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 22:38:56 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 22:38:56 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 22:38:52 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 22:38:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 22:38:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 22:38:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 22:38:51 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 22:38:51 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 22:38:50 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 22:38:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 22:38:50 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 22:38:50 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 22:38:50 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 22:38:50 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 22:38:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 22:38:49 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 22:38:23 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 22:38:23 ----A---- C:\Windows\system32\packager.dll
2014-11-12 22:38:20 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 22:38:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 22:38:18 ----A---- C:\Windows\system32\msi.dll
2014-11-12 22:33:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 22:33:26 ----A---- C:\Windows\system32\oleaut32.dll
2014-10-23 14:53:58 ----D---- C:\Program Files (x86)\Tbccint
2014-10-23 14:53:57 ----D---- C:\ProgramData\Tbccint
2014-10-15 10:38:17 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-10-15 10:38:17 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 10:38:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 10:38:17 ----A---- C:\Windows\system32\tsgqec.dll
2014-10-15 10:38:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 10:38:16 ----A---- C:\Windows\system32\aaclient.dll
2014-10-15 10:38:15 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 10:38:14 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 10:38:14 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 10:28:45 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 10:28:45 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 10:28:45 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 10:28:45 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 10:28:45 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 10:28:45 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 10:28:31 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-10-15 10:28:31 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-10-15 10:28:31 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-10-15 10:28:31 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-10-15 10:28:31 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-15 10:28:30 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-10-15 10:28:30 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-15 10:28:30 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-15 10:28:30 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-15 10:28:30 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-15 10:11:19 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 10:11:18 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 10:11:12 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 10:11:12 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 10:11:12 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 10:11:11 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 10:11:11 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:11:09 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

======List of files/folders modified in the last 1 month======

2014-11-14 14:02:04 ----D---- C:\Windows\Temp
2014-11-14 14:02:02 ----D---- C:\Program Files
2014-11-14 13:16:10 ----D---- C:\Users\Marek\AppData\Roaming\Winamp
2014-11-14 12:02:19 ----D---- C:\Windows\system32\config
2014-11-14 11:54:34 ----D---- C:\Windows\inf
2014-11-14 11:54:33 ----D---- C:\Windows\debug
2014-11-14 11:54:33 ----D---- C:\Windows
2014-11-14 11:50:20 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-14 11:39:28 ----D---- C:\Windows\Tasks
2014-11-14 11:39:28 ----D---- C:\Windows\system32\Tasks
2014-11-14 11:39:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-14 11:00:28 ----D---- C:\Windows\Prefetch
2014-11-14 09:46:05 ----D---- C:\Windows\System32
2014-11-14 09:46:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-13 17:09:25 ----D---- C:\Windows\Microsoft.NET
2014-11-13 17:08:28 ----RSD---- C:\Windows\assembly
2014-11-13 14:05:29 ----D---- C:\Windows\winsxs
2014-11-13 14:02:35 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 14:02:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 14:02:34 ----D---- C:\Windows\SysWOW64
2014-11-13 14:02:33 ----D---- C:\Windows\system32\drivers
2014-11-13 14:02:33 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 14:02:33 ----D---- C:\Program Files\Internet Explorer
2014-11-13 14:02:32 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 14:02:32 ----D---- C:\Windows\system32\en-US
2014-11-13 14:02:28 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 14:01:09 ----SHD---- C:\Windows\Installer
2014-11-13 14:00:49 ----D---- C:\ProgramData\Microsoft Help
2014-11-13 13:59:10 ----RSD---- C:\Windows\Fonts
2014-11-13 13:57:57 ----D---- C:\Windows\system32\MRT
2014-11-13 13:55:41 ----A---- C:\Windows\system32\MRT.exe
2014-11-13 13:52:44 ----SHD---- C:\System Volume Information
2014-11-12 22:38:00 ----D---- C:\Windows\system32\catroot
2014-11-12 22:37:45 ----D---- C:\Windows\system32\catroot2
2014-11-03 09:07:05 ----A---- C:\Windows\system32\MetaViewer64.dll
2014-11-02 13:09:11 ----D---- C:\Marek
2014-10-31 10:05:11 ----D---- C:\Program Files (x86)\Opera
2014-10-28 17:20:24 ----D---- C:\Windows\rescache
2014-10-28 15:09:05 ----D---- C:\Windows\system32\wdi
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 17:20:52 ----D---- C:\Windows\system32\DriverStore
2014-10-23 15:50:47 ----D---- C:\Users\Marek\AppData\Roaming\BSplayer
2014-10-23 14:53:58 ----RD---- C:\Program Files (x86)
2014-10-23 14:53:57 ----HD---- C:\ProgramData
2014-10-23 14:53:53 ----D---- C:\Program Files (x86)\Webteh
2014-10-23 14:44:57 ----D---- C:\Program Files (x86)\NCH Software
2014-10-22 21:37:11 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-06 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-06 224896]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-06 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-06 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-06 427360]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-14 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-06 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-06 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-06 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-06 10208256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-05 317952]
R3 AMPPAL;Virtuבlnם adaptיr Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 90112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-09-25 12309440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-08-03 8604672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-05-27 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-15 1402416]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 30720]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 238080]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-09-25 12309440]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-10-29 250984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-05 204288]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 1166848]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-06 50344]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-07-27 1517328]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-24 76888]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-07-27 844560]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-27 301568]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-12-03 3143472]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-11-15 277048]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-27 340240]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 14 lis 2014 15:57

Zdravim

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

marino.t · #3 Příspěvek od **marino.t** » 14 lis 2014 16:07

# AdwCleaner v4.101 - Report created 14/11/2014 at 16:04:45
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Marek - MAREK-PC
# Running from : C:\Users\Marek\Downloads\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Users\Marek\AppData\Local\Tbccint
Folder Deleted : C:\Users\Marek\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\Marek\AppData\Roaming\NCH Software
File Deleted : C:\END

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKLM\SOFTWARE\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

-\\ Google Chrome v

-\\ Opera v25.0.1614.68

*************************

AdwCleaner[R0].txt - [1985 octets] - [14/11/2014 16:03:39]
AdwCleaner[S0].txt - [1716 octets] - [14/11/2014 16:04:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1776 octets] ##########

#4 Příspěvek od **altrok** » 14 lis 2014 16:12

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928

Upozorneni: tento sken zabere od 30 minut po nekolik hodin

marino.t · #5 Příspěvek od **marino.t** » 14 lis 2014 19:37

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14.11.2014
Scan Time: 16:26:10
Logfile: log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.14.05
Rootkit Database: v2014.11.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marek

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 439505
Time Elapsed: 51 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\ProgramData\Tbccint\Multi\CT3329621\UninstallerUI.exe.vir, , [a80567d45e1e47ef11be289035cc47b9],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\Marek\AppData\Local\Tbccint\Community Alerts\Alert.dll.vir, , [a80555e6acd00135c20d33857e8320e0],

Physical Sectors: 0
(No malicious items detected)

(end)

#6 Příspěvek od **altrok** » 14 lis 2014 19:39

Nalezy nemazte (jiz je ma v karantene AdwCleaner)

Dejte Novy log FRST, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=13&t=133100

marino.t · #7 Příspěvek od **marino.t** » 14 lis 2014 19:56

Nejde mi stáhnout FRST Launcher hlásí to chybu připojení. Můžu sem hodit RSIT log?

#8 Příspěvek od **altrok** » 14 lis 2014 20:48

Spustte tedy jen FRST64.exe

marino.t · #9 Příspěvek od **marino.t** » 14 lis 2014 20:54

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014 02
Ran by Marek (administrator) on MAREK-PC on 14-11-2014 20:52:21
Running from C:\Users\Marek\Downloads
Loaded Profile: Marek (Available profiles: Marek)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell) C:\Users\Marek\AppData\Local\Apps\2.0\AM7W9805.JV2\MDY09BRE.JP9\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
() C:\Program Files (x86)\Opera\25.0.1614.68\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.68\opera.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-15] ()
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel(R) Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Run: [DellSystemDetect] => C:\Users\Marek\AppData\Local\Apps\2.0\AM7W9805.JV2\MDY09BRE.JP9\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-04-16] (Dell)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {bfc03731-4a0e-11e4-8d2d-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {bfc037c4-4a0e-11e4-8d2d-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {cf382bc9-466a-11e4-b975-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {cf382bdb-466a-11e4-b975-782bcbde9b2c} - F:\Autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
SearchScopes: HKCU - {889C2F93-193E-48C6-8546-6164DAB4C7D2} URL = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1D564DD7-01A1-4BD7-AB36-B4DBE035F066}: [NameServer]
Tcpip\..\Interfaces\{21732CF1-CF2C-4EF6-8430-55A3BD434A04}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{34C6F90D-82B8-4A81-8FAD-AA8BD0C30274}: [NameServer]

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3062802622-3820419502-2305872489-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Marek\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-19]

Chrome:
=======
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-24] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-14] (Disc Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-14] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 20:52 - 2014-11-14 20:52 - 00012916 _____ () C:\Users\Marek\Downloads\FRST.txt
2014-11-14 20:51 - 2014-11-14 20:52 - 00000000 ____D () C:\FRST
2014-11-14 19:53 - 2014-11-14 19:53 - 02116608 _____ (Farbar) C:\Users\Marek\Downloads\FRST64.exe
2014-11-14 16:24 - 2014-11-14 16:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-14 16:24 - 2014-11-14 16:24 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-14 16:24 - 2014-11-14 16:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-14 16:24 - 2014-11-14 16:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-14 16:24 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-14 16:24 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-14 16:24 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-14 16:23 - 2014-11-14 16:23 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Marek\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-14 16:05 - 2014-11-14 16:05 - 00000314 _____ () C:\Windows\PFRO.log
2014-11-14 16:05 - 2014-11-14 16:05 - 00000056 _____ () C:\Windows\setupact.log
2014-11-14 16:05 - 2014-11-14 16:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-14 16:02 - 2014-11-14 16:04 - 00000000 ____D () C:\AdwCleaner
2014-11-14 16:02 - 2014-11-14 16:02 - 02140160 _____ () C:\Users\Marek\Downloads\adwcleaner_4.101.exe
2014-11-14 14:02 - 2014-11-14 14:02 - 00000000 ____D () C:\rsit
2014-11-14 14:02 - 2014-11-14 14:02 - 00000000 ____D () C:\Program Files\trend micro
2014-11-14 14:01 - 2014-11-14 14:01 - 01222144 _____ () C:\Users\Marek\Desktop\RSITx64.exe
2014-11-14 11:39 - 2014-11-14 20:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-14 11:39 - 2014-11-14 11:39 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-14 11:10 - 2014-11-14 11:13 - 908556288 _____ () C:\Users\Marek\Downloads\The.Best.Offer.2013.BRRip.XviD.CZ.MY.avi
2014-11-14 10:51 - 2014-11-14 10:51 - 00000000 __SHD () C:\Users\Marek\AppData\Local\EmieBrowserModeList
2014-11-13 14:43 - 2014-11-13 14:46 - 764055552 _____ () C:\Users\Marek\Downloads\USVIT PLANETY OPIC 2014 CZ dabing WEBRIP.avi
2014-11-12 22:40 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 22:40 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 22:40 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 22:40 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 22:40 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 22:40 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 22:40 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 22:40 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 22:40 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 22:40 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 22:40 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 22:40 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 22:40 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 22:40 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 22:40 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 22:40 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 22:40 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 22:40 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 22:40 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 22:40 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 22:40 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 22:40 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 22:40 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 22:40 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 22:40 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 22:40 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:40 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 22:40 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 22:40 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 22:40 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 22:40 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 22:40 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 22:40 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 22:40 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 22:40 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 22:40 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 22:40 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:40 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 22:40 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 22:40 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 22:40 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 22:40 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 22:40 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 22:40 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 22:40 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 22:40 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 22:40 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 22:40 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 22:40 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 22:40 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 22:40 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 22:40 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 22:40 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 22:40 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 22:40 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 22:40 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 22:40 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 22:40 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 22:40 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 22:40 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 22:40 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 22:40 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 22:40 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 22:40 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 22:40 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 22:40 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 22:40 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 22:40 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 22:39 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 22:39 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 22:39 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 22:39 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 22:39 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 22:39 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 22:38 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 22:38 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 22:38 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 22:38 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 22:38 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 22:38 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 22:38 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 22:38 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 22:38 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 22:38 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 22:38 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 22:38 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 22:38 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 22:38 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 22:38 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 22:33 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 22:33 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-06 11:09 - 2014-11-05 15:02 - 84402230 ____N () C:\Users\Marek\Desktop\Hlas0001.aac
2014-10-29 21:53 - 2014-11-10 15:28 - 00066415 _____ () C:\Users\Marek\Desktop\Bankovní spotřebitelské účelové a neúčelové úvěry.pptx
2014-10-26 17:20 - 2014-10-26 17:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2014-10-25 14:35 - 2014-10-25 14:37 - 823745342 _____ () C:\Users\Marek\Downloads\12 let v řetězech CZ DABING (2013).avi
2014-10-23 14:54 - 2014-10-23 14:54 - 00001132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2014-10-23 14:54 - 2014-10-23 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2014-10-15 10:38 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:38 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 10:38 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 10:38 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-15 10:38 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 10:38 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:38 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 10:38 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 10:38 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-15 10:28 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-15 10:28 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-15 10:28 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-15 10:28 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-15 10:28 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-15 10:28 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-15 10:28 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-15 10:28 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-15 10:28 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-15 10:28 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-15 10:28 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-15 10:28 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-15 10:28 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:28 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:28 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:28 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:28 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:28 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:11 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:11 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:11 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:11 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:11 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:11 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:11 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:11 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 20:50 - 2013-08-19 21:02 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-11-14 20:50 - 2013-08-19 21:02 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-11-14 20:50 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 20:24 - 2014-06-19 07:59 - 00000562 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000.job
2014-11-14 17:42 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-14 17:42 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-14 17:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-14 16:10 - 2013-08-19 11:07 - 01765560 _____ () C:\Windows\WindowsUpdate.log
2014-11-14 16:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-14 14:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 13:16 - 2013-08-19 16:46 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Winamp
2014-11-14 12:26 - 2014-03-16 11:02 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E1F801AE-9ADD-4A66-9BF1-5B395538B110}
2014-11-14 11:39 - 2013-08-19 16:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-14 11:39 - 2013-08-19 16:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 10:53 - 2014-08-22 11:42 - 00000000 ____D () C:\Users\Marek\AppData\Local\Adobe
2014-11-13 14:06 - 2013-08-19 13:23 - 00084576 _____ () C:\Users\Marek\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 14:04 - 2009-07-14 05:45 - 00338600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 14:02 - 2014-05-07 09:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 14:00 - 2013-08-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 13:57 - 2013-08-19 14:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 13:55 - 2013-08-19 14:26 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 12:18 - 2013-08-20 11:07 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-11-09 20:09 - 2013-08-19 20:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-03 09:07 - 2014-10-10 12:23 - 04400264 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer64.dll
2014-11-02 13:09 - 2013-08-19 12:00 - 00000000 ____D () C:\Marek
2014-11-02 12:28 - 2014-06-19 07:59 - 00003588 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000
2014-10-31 10:05 - 2014-06-04 20:21 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1376922984
2014-10-31 10:05 - 2013-08-19 15:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-23 15:50 - 2013-08-19 16:38 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\BSplayer
2014-10-23 14:53 - 2013-08-19 16:38 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-10-23 08:07 - 2013-08-19 17:00 - 00000000 ____D () C:\Users\Marek\AppData\Local\Google
2014-10-22 21:37 - 2014-01-26 11:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-19 21:15 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

Some content of TEMP:
====================
C:\Users\Marek\AppData\Local\Temp\Quarantine.exe
C:\Users\Marek\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-07 08:39

==================== End Of Log ============================

marino.t · #10 Příspěvek od **marino.t** » 14 lis 2014 20:54

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 02
Ran by Marek at 2014-11-14 20:53:02
Running from C:\Users\Marek\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5AF0B1A8-1EF7-0FF7-5504-4983FB76F914}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Dell System Detect (HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell System Detect Bootstrapper (HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.2.5.2 - Synaptics Incorporated)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GoToMeeting 6.4.5.1865 (HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\GoToMeeting) (Version: 6.4.5.1865 - CitrixOnline)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 4.25.00.00 - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MetaTrader 4 Admiral Markets AS (HKLM-x32\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader FIX (HKLM-x32\...\MetaTrader FIX) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Monitor technologie Intel(R) Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
PowerXpressHybrid (x32 Version: 1.00.0000 - Název společnosti:) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2013-10-31@2013-12-02 - Gemfor s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Validity Sensors DDK (HKLM\...\{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}) (Version: 4.3.108.0 - Validity Sensors, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3062802622-3820419502-2305872489-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Marek\AppData\Local\Citrix\GoToMeeting\1440\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

28-10-2014 07:57:29 Windows Update
31-10-2014 08:05:55 Windows Update
04-11-2014 08:01:56 Windows Update
11-11-2014 08:08:43 Windows Update
13-11-2014 12:52:18 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1FD84FB5-65CE-4B13-ACDF-C2444042B82C} - System32\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000 => C:\Users\Marek\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe [2014-11-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {2C6C575A-B14B-4A4A-BDC9-2280077C5D56} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {34BE43BF-80AC-4CE7-9E90-D1DD67B9D4B2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {34E82F04-2D79-48FF-ADFA-01D07D788F81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {70A3D765-0F8B-4EC8-876F-D6B49C89021F} - System32\Tasks\Opera scheduled Autoupdate 1376922984 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software)
Task: {7A29E033-E7CF-48A3-899F-3830F239CE91} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {802DBD9C-8DD9-4425-932B-D6A86019E62A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E4CC1B20-042F-47A6-97B9-46E8C80CEC78} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000.job => C:\Users\Marek\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe

==================== Loaded Modules (whitelisted) =============

2011-07-27 19:07 - 2011-07-27 19:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-09-23 14:59 - 2013-09-24 12:35 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-08-19 12:32 - 2010-12-15 09:46 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2011-07-27 19:07 - 2011-07-27 19:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-08-19 12:56 - 2012-11-15 01:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-05 21:36 - 2011-11-05 21:36 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-12-13 15:10 - 2011-12-13 15:10 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-10-31 10:05 - 2014-10-31 10:05 - 00500344 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\opera_crashreporter.exe
2014-08-06 17:03 - 2014-08-06 17:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-13 19:11 - 2014-11-13 19:11 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111301\algo.dll
2014-11-14 19:56 - 2014-11-14 19:56 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14111400\algo.dll
2014-08-06 17:03 - 2014-08-06 17:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-31 10:05 - 2014-10-31 10:05 - 01310328 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\libglesv2.dll
2014-10-31 10:05 - 2014-10-31 10:05 - 00219256 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\libegl.dll
2014-10-31 10:05 - 2014-10-31 10:05 - 09218680 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\pdf.dll
2014-10-31 10:05 - 2014-10-31 10:05 - 00991864 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\ffmpegsumo.dll
2014-11-14 11:39 - 2014-11-14 11:39 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3062802622-3820419502-2305872489-500 - Administrator - Disabled)
Guest (S-1-5-21-3062802622-3820419502-2305872489-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3062802622-3820419502-2305872489-1002 - Limited - Enabled)
Marek (S-1-5-21-3062802622-3820419502-2305872489-1000 - Administrator - Enabled) => C:\Users\Marek

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2014 04:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 04:05:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2760) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Marek\AppData\Local\Microsoft\Windows\WebCache\V0100041.log došlo k chybě -1811.

Error: (11/14/2014 00:04:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program terminal.exe verze 4.0.0.745 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1244

Čas spuštění: 01cffff8d1a6ed17

Čas ukončení: 66

Cesta k aplikaci: C:\Program Files (x86)\MetaTrader 4 Admiral Markets AS\terminal.exe

ID hlášení: f8bd38ae-6bed-11e4-bb7e-782bcbde9b2c

Error: (11/14/2014 11:48:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:57:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:43:53 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/13/2014 02:05:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 06:11:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program opera.exe verze 25.0.1614.63 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 55c

Čas spuštění: 01cff48c81839fd4

Čas ukončení: 358

Cesta k aplikaci: C:\Program Files (x86)\Opera\25.0.1614.63\opera.exe

ID hlášení: 7587d5ad-68fc-11e4-bdd1-782bcbde9b2c

Error: (11/06/2014 01:02:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (10/29/2014 09:55:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (11/14/2014 04:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (11/14/2014 04:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel domácích skupin byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/14/2014 04:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/14/2014 04:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient DHCP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/14/2014 04:07:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zvuk systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/14/2014 04:05:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/14/2014 04:05:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/14/2014 04:05:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/14/2014 04:05:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/14/2014 04:04:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Microsoft Office Sessions:
=========================
Error: (11/14/2014 04:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 04:05:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost2760WebCacheLocal: C:\Users\Marek\AppData\Local\Microsoft\Windows\WebCache\V0100041.log-1811

Error: (11/14/2014 00:04:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: terminal.exe4.0.0.745124401cffff8d1a6ed1766C:\Program Files (x86)\MetaTrader 4 Admiral Markets AS\terminal.exef8bd38ae-6bed-11e4-bb7e-782bcbde9b2c

Error: (11/14/2014 11:48:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:57:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 10:43:53 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/13/2014 02:05:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 06:11:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: opera.exe25.0.1614.6355c01cff48c81839fd4358C:\Program Files (x86)\Opera\25.0.1614.63\opera.exe7587d5ad-68fc-11e4-bdd1-782bcbde9b2c

Error: (11/06/2014 01:02:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (10/29/2014 09:55:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
Percentage of memory in use: 60%
Total physical RAM: 6051.16 MB
Available physical RAM: 2389.2 MB
Total Pagefile: 12100.51 MB
Available Pagefile: 7562.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:446.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7BB9FCB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#11 Příspěvek od **altrok** » 14 lis 2014 21:09

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {bfc03731-4a0e-11e4-8d2d-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {bfc037c4-4a0e-11e4-8d2d-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {cf382bc9-466a-11e4-b975-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {cf382bdb-466a-11e4-b975-782bcbde9b2c} - F:\Autorun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
SearchScopes: HKCU - {889C2F93-193E-48C6-8546-6164DAB4C7D2} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_1
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2014-11-14 14:02 - 2014-11-14 14:02 - 00000000 ____D () C:\Program Files\trend micro
2014-11-14 16:23 - 2014-11-14 16:23 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Marek\Downloads\mbam-setup-2.0.3.1025.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000.job => C:\Users\Marek\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe
Hosts:
EmptyTemp:
End

marino.t · #12 Příspěvek od **marino.t** » 14 lis 2014 22:33

Udělal jsem tak jak píšete nicméně když sem spustil znovu FRST a kliknul na FIX vyběhlo okénko ,,No fixlist.txt found. The fixlist.txt should be in the same folder/directory the tool is located.

#13 Příspěvek od **altrok** » 14 lis 2014 22:35

Protoze nemate FRST64.exe na plose

Kód: Vybrat vše

Running from C:\Users\Marek\Downloads

Presunte tedy FRST64.exe i fixlist.txt na plochu

marino.t · #14 Příspěvek od **marino.t** » 14 lis 2014 23:07

Pardon

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-11-2014 02
Ran by Marek at 2014-11-14 23:02:34 Run:1
Running from C:\Users\Marek\Desktop
Loaded Profile: Marek (Available profiles: Marek)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {bfc03731-4a0e-11e4-8d2d-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {bfc037c4-4a0e-11e4-8d2d-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {cf382bc9-466a-11e4-b975-782bcbde9b2c} - F:\Autorun.exe
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\...\MountPoints2: {cf382bdb-466a-11e4-b975-782bcbde9b2c} - F:\Autorun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
SearchScopes: HKCU - {889C2F93-193E-48C6-8546-6164DAB4C7D2} URL = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_1
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2014-11-14 14:02 - 2014-11-14 14:02 - 00000000 ____D () C:\Program Files\trend micro
2014-11-14 16:23 - 2014-11-14 16:23 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Marek\Downloads\mbam-setup-2.0.3.1025.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000.job => C:\Users\Marek\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
"HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3062802622-3820419502-2305872489-1000" => Key not found.
"HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfc03731-4a0e-11e4-8d2d-782bcbde9b2c}" => Key deleted successfully.
"HKCR\CLSID\{bfc03731-4a0e-11e4-8d2d-782bcbde9b2c}" => Key not found.
"HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfc037c4-4a0e-11e4-8d2d-782bcbde9b2c}" => Key deleted successfully.
"HKCR\CLSID\{bfc037c4-4a0e-11e4-8d2d-782bcbde9b2c}" => Key not found.
"HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf382bc9-466a-11e4-b975-782bcbde9b2c}" => Key deleted successfully.
"HKCR\CLSID\{cf382bc9-466a-11e4-b975-782bcbde9b2c}" => Key not found.
"HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf382bdb-466a-11e4-b975-782bcbde9b2c}" => Key deleted successfully.
"HKCR\CLSID\{cf382bdb-466a-11e4-b975-782bcbde9b2c}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{889C2F93-193E-48C6-8546-6164DAB4C7D2}" => Key deleted successfully.
"HKCR\CLSID\{889C2F93-193E-48C6-8546-6164DAB4C7D2}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Marek\Downloads\mbam-setup-2.0.3.1025.exe => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
"C:\Windows\AutoKMS\AutoKMS.exe" => File/Directory not found.
C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3062802622-3820419502-2305872489-1000.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 17 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#15 Příspěvek od **altrok** » 14 lis 2014 23:09

Vyborne, jak se pocitac chova ted?

Zkontrolujeme jeste stav HDD

Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_1.zip
v archivu spustte soubor DiskInfo.exe
ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
log vlozte do dalsi odpovedi (Ctrl + V)

VIRY.CZ

Problém s načítáním webových stránek, zpomalený systém

Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém

Re: Problém s načítáním webových stránek, zpomalený systém