Zpomalený PC -> RSIT

[GuerrCZ]

Dobrý den,
Mám zpomalený pc a potřeboval bych ho vyčistit od případné havěti

Zde RSIT log :
Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2014-12-21 09:05:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 219 GB (40%) free of 554 GB
Total RAM: 8175 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:05:11, on 21.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GamingMouseEditor] "C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe" Minimum
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Startup: Curse.lnk = admin\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10135 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=1b476607-2efb-4a62-8b52-ee640930614d /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\05003375-09f4-441c-8b6d-5f7315a4a105-1b4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss d4b1a15d-7475-46b6-a209-3960c0844164 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-13066398814919348671456226116-98022273959599800-276116007498392115-2039706208
\??\C:\Windows\system32\conhost.exe "45267269919594869181626242817-1110535633-204088373920941667032024318594100893815
WLIDSvcM.exe 2772
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe" Minimum
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=43a0f438-9d9c-495a-93cf-e52534ae082c /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\550e9a10-9368-4256-8937-4b38e86b4f23-d48-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ctfmon.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\admin\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6512.0.1889015895\434929914" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4475 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.1.1340494473\1864145765" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.2.1319381273\1414518658" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.4.1802928889\825262807" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.5.2092379580\1386973609" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.6.85967037\2083050141" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6512.9.1340053107\306878655" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.12.1179458807\524347508" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.13.308856529\1861696318" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6512.14.1872775642\495104707" /prefetch:673131151

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default

prefs.js - "browser.search.suggest.enabled" - ""
prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-07 11858536]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"GamingMouseEditor"=C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe [2012-08-17 3333120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-11-07 5188112]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2014-12-08 55568]

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=60
"HideSCAHealth"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-12-21 09:05:05 ----D---- C:\rsit
2014-12-20 14:28:37 ----D---- C:\Kerbal Space Program
2014-12-19 16:55:59 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-19 16:55:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-19 06:22:54 ----SHD---- C:\Config.Msi
2014-12-17 20:39:13 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-12-17 20:37:21 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\nvopencl.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\nvoglv64.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\nvinitx.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\NvIFR64.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\NvFBC64.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-12-17 20:37:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-12-17 20:37:20 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-12-17 20:37:20 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-12-17 20:37:20 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-12-17 20:37:20 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-12-17 20:37:20 ----A---- C:\Windows\system32\nvcuvid.dll
2014-12-17 20:37:20 ----A---- C:\Windows\system32\nvcuda.dll
2014-12-17 20:37:20 ----A---- C:\Windows\system32\nvcompiler.dll
2014-12-17 19:34:36 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-12-17 19:34:36 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-12-12 15:37:21 ----D---- C:\Program Files\Stellarium
2014-12-11 15:07:48 ----D---- C:\Windows\system32\appraiser
2014-12-11 07:10:03 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 07:10:03 ----A---- C:\Windows\system32\mf.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\invagent.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\generaltel.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\devinv.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\appraiser.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-11 06:44:29 ----A---- C:\Windows\system32\aepic.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\aepdu.dll
2014-12-11 06:44:29 ----A---- C:\Windows\system32\aeinv.dll
2014-12-11 06:44:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 06:44:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 06:44:16 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 06:44:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 06:44:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 06:44:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 06:44:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 06:44:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 06:44:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 06:44:06 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 06:44:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 06:44:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 06:44:06 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 06:44:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 06:44:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 06:44:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 06:44:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 06:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 06:44:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 06:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 06:44:03 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 06:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 06:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 06:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 06:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 06:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 06:44:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 06:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 06:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 06:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 06:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 06:44:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 06:44:00 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 06:44:00 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 06:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 06:43:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 06:43:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 06:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 06:43:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 06:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 06:43:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 06:43:58 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 06:43:58 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 06:43:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 06:43:57 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 06:43:57 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 06:43:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 06:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 06:43:57 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 06:43:57 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 06:43:56 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 06:43:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 06:43:56 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 06:43:29 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 06:43:29 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 06:43:28 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 06:43:28 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 06:43:28 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 06:43:28 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 06:43:28 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 06:43:28 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 06:43:28 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 06:43:28 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 06:43:28 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 06:43:28 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 06:43:25 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 06:43:25 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 16:43:05 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe

======List of files/folders modified in the last 1 month======

2014-12-21 09:05:12 ----D---- C:\Windows\Prefetch
2014-12-21 09:05:10 ----D---- C:\Program Files\trend micro
2014-12-21 09:03:59 ----D---- C:\Users\admin\AppData\Roaming\Curse Client
2014-12-21 09:01:00 ----D---- C:\Windows\temp
2014-12-21 08:33:05 ----D---- C:\Windows\system32\config
2014-12-21 08:19:55 ----D---- C:\ProgramData\MFAData
2014-12-21 07:55:05 ----D---- C:\Windows
2014-12-21 07:09:22 ----D---- C:\Program Files (x86)\Steam
2014-12-21 07:09:17 ----D---- C:\Windows\inf
2014-12-21 07:09:16 ----D---- C:\Windows\debug
2014-12-21 07:02:46 ----D---- C:\Users\admin\AppData\Roaming\Raptr
2014-12-21 07:00:32 ----D---- C:\ProgramData\NVIDIA
2014-12-20 20:55:29 ----D---- C:\Users\admin\AppData\Roaming\Skype
2014-12-20 08:12:13 ----D---- C:\Windows\System32
2014-12-20 08:12:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-19 20:20:09 ----D---- C:\Windows\winsxs
2014-12-19 20:19:56 ----D---- C:\Windows\SysWOW64
2014-12-19 20:19:47 ----SHD---- C:\System Volume Information
2014-12-19 16:48:41 ----SHD---- C:\Windows\Installer
2014-12-19 16:42:56 ----D---- C:\Windows\Tasks
2014-12-19 16:42:56 ----D---- C:\Windows\system32\wfp
2014-12-19 16:42:56 ----D---- C:\Windows\system32\DriverStore
2014-12-19 16:42:56 ----D---- C:\Windows\system32\catroot2
2014-12-19 16:42:55 ----D---- C:\Windows\system32\Tasks
2014-12-19 16:42:54 ----D---- C:\Program Files\NVIDIA Corporation
2014-12-19 16:42:53 ----D---- C:\Program Files (x86)\Hi-Rez Studios
2014-12-19 16:42:51 ----D---- C:\Windows\system32\wbem
2014-12-19 16:42:51 ----D---- C:\Windows\registration
2014-12-17 20:38:18 ----D---- C:\Windows\system32\drivers
2014-12-17 06:43:17 ----A---- C:\Windows\system32\HRUPPROG.TXT
2014-12-13 15:35:02 ----D---- C:\Windows\rescache
2014-12-13 01:12:24 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-12-13 01:12:24 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-12-13 01:12:12 ----A---- C:\Windows\system32\nvspcap64.dll
2014-12-13 01:12:12 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-12-12 15:37:21 ----RD---- C:\Program Files
2014-12-11 15:07:49 ----SD---- C:\Windows\system32\CompatTel
2014-12-11 15:07:49 ----D---- C:\Windows\AppCompat
2014-12-11 15:07:48 ----SD---- C:\ProgramData\Microsoft
2014-12-11 15:07:47 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-11 15:07:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-11 15:07:47 ----D---- C:\Program Files\Internet Explorer
2014-12-11 15:07:46 ----D---- C:\Windows\system32\en-US
2014-12-11 15:07:46 ----D---- C:\Windows\system32\cs-CZ
2014-12-11 15:07:46 ----D---- C:\Windows\PolicyDefinitions
2014-12-11 15:07:46 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 07:14:52 ----D---- C:\ProgramData\Microsoft Help
2014-12-11 07:14:06 ----D---- C:\Windows\system32\MRT
2014-12-11 07:11:22 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 21:38:45 ----D---- C:\Program Files\SUPERAntiSpyware
2014-12-10 18:47:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-10 13:41:07 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2014-12-10 13:41:05 ----D---- C:\Users\admin\AppData\Roaming\TS3Client
2014-12-10 13:37:45 ----D---- C:\Windows\Logs
2014-12-09 06:37:33 ----D---- C:\Program Files (x86)\Raptr
2014-11-27 17:15:33 ----D---- C:\ProgramData\Hi-Rez Studios
2014-11-26 17:37:53 ----D---- C:\Counter-Strike 1.6
2014-11-22 11:46:30 ----A---- C:\Windows\system32\nvaudcap64v.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-29 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-22 381440]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-10-24 237848]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-20 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-03-21 49952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-28 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-07 2890984]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-16 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-09-24 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-12-21 30528]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-08-25 172344]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-11-07 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-11-07 3247120]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-11-07 289328]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-12-15 9216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-29 76152]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-31 116648]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-11-06 610688]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-11-19 182304]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-31 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[GuerrCZ]

# AdwCleaner v4.105 - Report created 21/12/2014 at 10:40:41
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\AVG\AVG10\Toolbar
Folder Deleted : C:\Program Files (x86)\GotClip
Folder Deleted : C:\Users\admin\AppData\Local\CrashRpt
Folder Deleted : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Key Deleted : HKCU\Software\Classes\MIME\Database\Content Type\application/x-pokkidownloadhelper
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\624342E2D3A94BE5A47DB9E254A55144
Key Deleted : HKCU\Software\GetPrivate

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v9.0.1 (cs)


-\\ Google Chrome v39.0.2171.95


-\\ Chromium v


*************************

AdwCleaner[R2].txt - [2221 octets] - [21/12/2014 10:38:24]
AdwCleaner[S2].txt - [2015 octets] - [21/12/2014 10:40:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2075 octets] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[GuerrCZ]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21.12.2014
Čas skenování: 13:23:19
Protokol: dsasadasd.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.21.02
Databáze rootkitů: v2014.12.14.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: admin

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 650828
Uplynulý čas: 1 hod, 57 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 1
PUP.Optional.SweetIM.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, , [4a2c2342a4d838fef9e6be987390ef11],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[Márty84]

Nalez hodte do karanteny, pak muzete MBAM odinstalovat.

Dejte log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[GuerrCZ]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by admin (administrator) on ADMIN-PC on 21-12-2014 16:25:00
Running from C:\Users\admin\Desktop
Loaded Profile: admin (Available profiles: admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Curse, Inc) C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_encoder_server-90652.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11858536 2011-06-07] (Realtek Semiconductor)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\...\Run: [GamingMouseEditor] => C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe [3333120 2012-08-17] ()
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {18E128BE-23DF-43AA-B7E8-39B281D3B273} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {19BB1D2D-3D1A-45CE-B9C9-0B02CB4BBE79} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {33D8DCAE-DB5A-48BB-A4CB-56CC355BBC7C} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {3999A50A-EE8B-40C5-9FAC-87BEA3F78A60} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {676DE352-54FE-4439-8EBC-2F74DBD03EB7} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {71C1095D-B2A0-4549-AC26-D1004A7A8FE5} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {91D73228-6611-417c-83E2-D232220544CE} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {A7C4C61A-AAD9-4BC2-967A-296E63C840E7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {B1D5E8A3-91DE-42D9-9AAD-731FA75B4EF9} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-1666673100-261464351-4097836267-1000 -> {E75ECBAC-DB98-4013-BC29-50DDCDB9F41B} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1666673100-261464351-4097836267-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\extensions\extension@linkeyproject.com [Not Found]
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\extensions\faststartff@gmail.com [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.cz/webhp?sourceid=ch ... 2&ie=UTF-8
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1413281188&from=adks&uid=ST31000524AS_6VPGX3HRXXXX6VPGX3HR"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26]
CHR Extension: (Adguard AdBlocker) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2014-07-18]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26]
CHR Extension: (Battlefield Heroes) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-10-03]
CHR Extension: (Adblock Plus) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-15]
CHR Extension: (Adblock na Youtube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-05-26]
CHR Extension: (Vyhledávání Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26]
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-18]
CHR Extension: (Adblock Advisor) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplojogpbcbnjoemcalepfmbcpnkpjjo [2014-07-18]
CHR Extension: (Peněženka Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-25] (SUPERAntiSpyware.com)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-11-07] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [610688 2014-11-06] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-19] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-12-15] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-21] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-28] (Disc Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-12-21] ()
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-22] (Duplex Secure Ltd.)
U3 aplq666w; C:\Windows\System32\Drivers\aplq666w.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 16:25 - 2014-12-21 16:25 - 00021433 _____ () C:\Users\admin\Desktop\FRST.txt
2014-12-21 16:24 - 2014-12-21 16:25 - 00000000 ____D () C:\FRST
2014-12-21 16:24 - 2014-12-21 16:24 - 00029696 _____ () C:\Users\admin\AppData\Local\MSGBOX.EXE
2014-12-21 16:24 - 2014-12-21 16:24 - 00015327 _____ () C:\Users\admin\Desktop\LM.bat
2014-12-21 16:23 - 2014-12-21 16:23 - 02122240 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-12-21 16:23 - 2014-12-21 16:23 - 00112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher (1).exe
2014-12-21 13:22 - 2014-12-21 13:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-21 13:22 - 2014-12-21 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-21 13:22 - 2014-12-21 13:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-21 13:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-21 13:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-21 13:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-21 10:41 - 2014-12-21 10:41 - 00000318 _____ () C:\Windows\PFRO.log
2014-12-21 10:38 - 2014-12-21 10:40 - 00000000 ____D () C:\AdwCleaner
2014-12-21 09:05 - 2014-12-21 09:05 - 00000000 ____D () C:\rsit
2014-12-21 07:55 - 2014-12-21 11:03 - 00001288 _____ () C:\Windows\setupact.log
2014-12-21 07:55 - 2014-12-21 07:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-20 14:30 - 2014-12-20 14:30 - 00000690 _____ () C:\Users\Public\Desktop\Kerbal Space Program.lnk
2014-12-20 14:30 - 2014-12-20 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerbal Space Program
2014-12-20 14:28 - 2014-12-20 15:16 - 00000000 ____D () C:\Kerbal Space Program
2014-12-19 16:55 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 16:55 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 20:39 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-17 20:37 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-17 20:37 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-17 20:37 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-17 19:34 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-17 19:34 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-17 14:17 - 2014-12-17 14:17 - 00248097 _____ () C:\Users\admin\Desktop\Shuttle Replica 07.craft
2014-12-12 15:37 - 2014-12-12 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2014-12-12 15:37 - 2014-12-12 16:19 - 00000000 ____D () C:\Program Files\Stellarium
2014-12-11 15:07 - 2014-12-11 15:07 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 07:10 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 07:10 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 06:44 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 06:44 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 06:44 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 06:44 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 06:44 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 06:44 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 06:44 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 06:44 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 06:44 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 06:44 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 06:44 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 06:44 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 06:44 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 06:44 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 06:44 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 06:44 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 06:44 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 06:44 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 06:44 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 06:44 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 06:44 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 06:44 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 06:44 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 06:44 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 06:44 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 06:44 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 06:44 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 06:44 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 06:44 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 06:44 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 06:44 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 06:44 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 06:44 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 06:44 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 06:44 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 06:44 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 06:44 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 06:44 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 06:44 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 06:44 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 06:44 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 06:44 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 06:44 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 06:44 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 06:44 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 06:44 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 06:44 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 06:43 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 06:43 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 06:43 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 06:43 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 06:43 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 06:43 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 06:43 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 06:43 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 06:43 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 06:43 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 06:43 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 06:43 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 06:43 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 06:43 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 06:43 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 06:43 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 06:43 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 06:43 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 06:43 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 06:43 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 06:43 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 06:43 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 06:43 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 06:43 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 06:43 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 06:43 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 06:43 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 06:43 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 06:43 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 06:43 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 06:43 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 06:43 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 16:43 - 2014-11-19 16:11 - 00182304 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-11-27 17:15 - 2014-11-27 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 16:25 - 2014-10-25 17:27 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Curse Client
2014-12-21 16:18 - 2011-12-22 10:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-21 15:47 - 2014-10-28 08:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 15:42 - 2014-10-28 08:26 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 15:33 - 2014-01-22 13:07 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA1E35AC-6D37-4442-BB83-DBA286BEA0AF}
2014-12-21 14:44 - 2014-08-28 20:44 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Raptr
2014-12-21 13:00 - 2014-08-25 13:11 - 01799616 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 10:50 - 2009-07-14 05:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 10:50 - 2009-07-14 05:45 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 10:42 - 2014-10-28 08:26 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-21 10:42 - 2011-12-21 14:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-21 10:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 09:05 - 2014-10-18 09:38 - 00000000 ____D () C:\Program Files\trend micro
2014-12-21 07:09 - 2013-08-06 16:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-20 20:55 - 2011-12-26 14:59 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2014-12-20 08:12 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-12-20 08:12 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-20 08:12 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-19 16:42 - 2014-04-21 11:00 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-12-19 16:42 - 2011-12-21 14:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-19 16:42 - 2011-12-21 13:51 - 00000000 ____D () C:\Users\admin
2014-12-19 16:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-17 20:39 - 2012-11-19 06:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-17 06:43 - 2014-01-06 14:19 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-12-13 15:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 01:12 - 2014-06-29 09:26 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-06-29 09:26 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2014-01-18 08:16 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-13 01:12 - 2014-01-18 08:16 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-11 15:07 - 2014-05-06 17:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 15:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 15:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 07:14 - 2013-07-29 23:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 07:14 - 2011-12-22 10:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 07:11 - 2011-12-27 07:37 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 21:38 - 2014-03-10 16:15 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-10 18:47 - 2012-04-12 06:00 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 18:47 - 2012-04-12 05:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 18:47 - 2011-12-26 14:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 13:41 - 2013-12-29 16:12 - 00000000 ____D () C:\Users\admin\AppData\Roaming\uTorrent
2014-12-10 13:41 - 2013-05-14 18:19 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TS3Client
2014-12-09 06:37 - 2014-08-27 15:22 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-11-27 17:15 - 2013-12-20 13:20 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-11-26 17:37 - 2014-10-25 16:36 - 00000000 ____D () C:\Counter-Strike 1.6
2014-11-22 11:46 - 2014-01-18 08:11 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-11-22 10:17 - 2012-04-14 18:41 - 00000000 ____D () C:\Users\admin\Documents\My Games

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\admin\AppData\Local\Temp\nvStInst.exe
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:14

==================== End Of Log ============================

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1666673100-261464351-4097836267-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1413281188&from=adks&uid=ST31000524AS_6VPGX3HRXXXX6VPGX3HR"

2014-12-21 15:47 - 2014-10-28 08:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 15:42 - 2014-10-28 08:26 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 10:42 - 2014-10-28 08:26 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[GuerrCZ]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-12-2014 01
Ran by admin at 2014-12-21 19:46:47 Run:1
Running from C:\Users\admin\Desktop
Loaded Profile: admin (Available profiles: admin)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1666673100-261464351-4097836267-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1413281188&from=adks&uid=ST31000524AS_6VPGX3HRXXXX6VPGX3HR"

2014-12-21 15:47 - 2014-10-28 08:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 15:42 - 2014-10-28 08:26 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 10:42 - 2014-10-28 08:26 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1666673100-261464351-4097836267-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.3 GB temporary data.

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.




18.1. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975