blbne notebook

[hankeys]

zdravím, začalo to tím, že noťas se nechtěl vypnout, muselo se natvrdo. Po odinstalování ESETu, již vypínat šel. Dnes mi přestaly jít zvuky u videí, videa jdou přehrát pouze ve VLC, ve WMP nikoliv. prosím o kontrolu logu, asi sem něco chytil. Díky
---------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Hankeys at 2014-12-17 14:48:50
Microsoft Windows 8.1 Pro
System drive C: has 334 GB (84%) free of 399 GB
Total RAM: 8091 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:48:56, on 17. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
C:\Program Files (x86)\O2\Nori\Nori.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Hankeys.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleContactSync] "C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533] "C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Global Startup: Aggiorna ESET license.lnk = C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{828869BE-0E61-40AC-AA70-946A4AC26021}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem2.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11069 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
dashost.exe {02fc9e9b-efa4-4d59-aad615aabc363faf}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss d4962519-0ff0-4c14-87d3-5df619193165 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
\??\C:\Windows\system32\conhost.exe 0x4
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2a802da7-5a11-49f4-bbb3-c9b304808acc -SystemEventPortName:HostProcess-751df316-d43f-40e3-a900-2d8de0a9943a -IoCancelEventPortName:HostProcess-111b3e53-f7dd-4d88-843d-7ab7183f8cc5 -NonStateChangingEventPortName:HostProcess-e3cd8ef2-bcd1-40b6-ab6e-9809e7d72250 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ae91abc6-023b-4dd6-865b-bc3a8ba03a35 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe"
"C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe"
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="688.0.538028201\180606833" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3621 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.1.1808949779\985656025" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.2.1729754912\663437965" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.3.656429785\936519267" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.4.788294465\163248898" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.5.1735209532\1945757703" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.6.97675095\12771192" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.7.902968164\120552269" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.8.1230616642\506030047" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.9.2135265006\1018365581" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.10.334056495\1222933965" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.11.937408414\1676103339" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.12.404656186\131289266" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.14.1019703430\300678434" /prefetch:673131151
"C:\Program Files (x86)\O2\O2CZ\EMMSN.exe"
"C:\Program Files (x86)\O2\Nori\Nori.exe" -Embedding
"C:\Program Files\Altap Salamander\salamand.exe"
"C:\Program Files\Altap Salamander\utils\salmon.exe" "Salmon95E" "czech.slg"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.17.1510125211\413103374" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.21.1765841693\206081021" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.22.731655110\1297027802" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.24.338684365\253289988" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.25.60197404\1858640893" /prefetch:673131151
"C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A9_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="688.26.1073553946\2042186823" /prefetch:673131151
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"D:\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job - C:\Users\Hankeys\AppData\Local\Citrix\GoToMeeting\2093\g2mupdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job - C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job - C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08 163720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08 141192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-07 1321688]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"ACPW07EN"=C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [2014-03-18 1813832]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Google Update"=C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-10 116648]
"GoogleContactSync"=C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe [2014-11-28 1722368]
"GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533"=C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe [2014-12-06 856904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2014-05-08 3499896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aggiorna ESET license.lnk - C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-17 14:48:50 ----D---- C:\rsit
2014-12-17 14:48:50 ----D---- C:\Program Files\trend micro
2014-12-16 11:07:38 ----A---- C:\Windows\ntbtlog.txt
2014-12-16 07:19:47 ----D---- C:\Windows\Minidump
2014-12-15 07:55:26 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-12-15 07:55:26 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-12-15 07:54:52 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-15 07:54:52 ----A---- C:\Windows\system32\crypt32.dll
2014-12-15 07:54:36 ----A---- C:\Windows\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-15 07:54:36 ----A---- C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-13 14:53:06 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-13 14:53:06 ----A---- C:\Windows\system32\poqexec.exe
2014-12-13 14:52:45 ----A---- C:\Windows\system32\mshtml.dll
2014-12-13 14:52:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-13 14:52:36 ----A---- C:\Windows\system32\ieframe.dll
2014-12-13 14:52:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-13 14:52:34 ----A---- C:\Windows\system32\jscript9.dll
2014-12-13 14:52:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-13 14:52:33 ----A---- C:\Windows\system32\wininet.dll
2014-12-13 14:52:32 ----A---- C:\Windows\system32\urlmon.dll
2014-12-13 14:52:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-13 14:52:31 ----A---- C:\Windows\system32\iertutil.dll
2014-12-13 14:52:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-13 14:52:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-13 14:52:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-13 14:52:27 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-13 14:52:26 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-13 14:52:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-13 14:52:26 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-13 14:52:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-13 14:52:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-13 14:52:25 ----A---- C:\Windows\system32\vbscript.dll
2014-12-13 14:52:25 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-13 14:52:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-13 14:52:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-13 14:52:24 ----A---- C:\Windows\system32\iepeers.dll
2014-12-13 14:52:23 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-12-13 14:52:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-13 14:52:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-13 14:52:23 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-12-13 14:52:23 ----A---- C:\Windows\system32\webcheck.dll
2014-12-13 14:52:23 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-13 14:52:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-13 14:52:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-13 14:52:22 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-12-13 14:52:22 ----A---- C:\Windows\system32\jscript.dll
2014-12-13 14:52:22 ----A---- C:\Windows\system32\inetcomm.dll
2014-12-13 14:37:50 ----D---- C:\Program Files (x86)\GO Contact Sync Mod
2014-12-13 14:34:34 ----AC---- C:\Windows\system32\drivers\sdbus.sys
2014-12-13 14:34:34 ----AC---- C:\Windows\system32\drivers\intelpep.sys
2014-12-13 14:34:34 ----AC---- C:\Windows\system32\drivers\dumpsd.sys
2014-12-13 14:34:34 ----A---- C:\Windows\system32\drivers\pdc.sys
2014-12-13 14:34:22 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-13 14:34:22 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-05 19:08:27 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-05 19:05:58 ----SHD---- C:\Config.Msi
2014-11-29 10:54:15 ----D---- C:\Windows\SYSWOW64\NV
2014-11-29 10:54:15 ----D---- C:\Windows\system32\NV
2014-11-29 10:50:58 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-29 10:50:58 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-29 10:50:57 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-29 10:50:57 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-29 10:50:57 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-29 10:50:57 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-29 10:50:57 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-29 10:50:57 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-29 10:50:57 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-29 10:50:57 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-11-29 10:50:57 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-29 10:50:56 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-29 10:50:56 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-29 10:50:56 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-29 10:50:56 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-29 10:50:56 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-29 10:50:56 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-29 10:50:56 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-29 10:50:56 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-11-29 10:50:56 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-11-29 10:50:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-29 10:50:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-29 10:50:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-29 10:50:55 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-29 10:50:55 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-29 10:50:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-29 10:50:54 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-29 10:50:54 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-29 10:37:17 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-11-29 10:37:17 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-11-29 10:37:17 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-11-29 10:37:17 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-11-29 10:37:13 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-11-29 10:37:13 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-11-29 10:36:57 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-29 10:36:57 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-24 08:48:38 ----D---- C:\Flashtool
2014-11-19 08:09:12 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 08:09:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 08:09:12 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 08:09:12 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 20:47:50 ----A---- C:\Windows\system32\FM20.DLL

======List of files/folders modified in the last 1 month======

2014-12-17 14:48:50 ----RD---- C:\Program Files
2014-12-17 14:40:08 ----D---- C:\Windows\Prefetch
2014-12-17 14:38:48 ----D---- C:\Users\Hankeys\AppData\Roaming\vlc
2014-12-17 14:00:00 ----D---- C:\Windows\system32\sru
2014-12-17 13:35:41 ----D---- C:\Users\Hankeys\AppData\Roaming\ClassicShell
2014-12-17 11:23:19 ----D---- C:\Windows\Tasks
2014-12-17 10:07:02 ----D---- C:\Windows\Temp
2014-12-17 08:58:15 ----D---- C:\Windows\system32\config
2014-12-17 08:57:02 ----D---- C:\Windows\rescache
2014-12-17 08:44:55 ----D---- C:\Windows\system32\DriverStore
2014-12-17 08:40:04 ----D---- C:\Windows\Microsoft.NET
2014-12-17 07:19:37 ----RD---- C:\Windows\System32
2014-12-17 07:19:37 ----D---- C:\Windows\Inf
2014-12-17 07:19:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-16 14:14:43 ----A---- C:\Windows\system32\MetaViewer64.dll
2014-12-16 11:10:04 ----SHD---- C:\Windows\Installer
2014-12-16 11:10:04 ----D---- C:\Windows\system32\drivers
2014-12-16 11:10:04 ----D---- C:\Windows
2014-12-16 10:06:49 ----D---- C:\Users\Hankeys\AppData\Roaming\GoContactSyncMOD
2014-12-16 07:18:28 ----D---- C:\Windows\system32\LogFiles
2014-12-16 07:15:08 ----HD---- C:\ProgramData
2014-12-16 07:14:14 ----RD---- C:\Users
2014-12-16 07:13:30 ----D---- C:\Windows\WinSxS
2014-12-15 15:46:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-15 15:46:51 ----D---- C:\Windows\SysWOW64
2014-12-15 15:46:51 ----D---- C:\Windows\system32\cs-CZ
2014-12-15 15:46:49 ----D---- C:\Windows\PolicyDefinitions
2014-12-15 15:46:49 ----D---- C:\Program Files\Internet Explorer
2014-12-15 15:46:49 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-15 08:42:14 ----SHD---- C:\System Volume Information
2014-12-15 08:39:01 ----HD---- C:\Program Files\WindowsApps
2014-12-15 08:39:01 ----D---- C:\Windows\AppReadiness
2014-12-15 08:38:21 ----D---- C:\Windows\CbsTemp
2014-12-15 08:37:38 ----D---- C:\Windows\system32\sr-Latn-RS
2014-12-15 08:37:38 ----D---- C:\Windows\system32\sr-Latn-CS
2014-12-15 08:36:26 ----RSD---- C:\Windows\assembly
2014-12-15 08:36:10 ----D---- C:\ProgramData\Microsoft Help
2014-12-15 08:32:54 ----D---- C:\Windows\system32\MRT
2014-12-15 08:28:37 ----A---- C:\Windows\system32\MRT.exe
2014-12-13 14:47:33 ----D---- C:\Windows\system32\catroot2
2014-12-13 14:37:50 ----RD---- C:\Program Files (x86)
2014-12-13 14:35:32 ----D---- C:\Windows\system32\appmgmt
2014-12-10 08:25:10 ----D---- C:\Users\Hankeys\AppData\Roaming\Adobe
2014-12-03 17:24:50 ----D---- C:\Windows\system32\Tasks
2014-12-03 13:40:28 ----D---- C:\2014
2014-12-01 08:32:50 ----D---- C:\Windows\system32\NDF
2014-11-29 10:54:12 ----D---- C:\ProgramData\NVIDIA
2014-11-29 10:13:33 ----D---- C:\ProgramData\Package Cache
2014-11-29 09:56:24 ----D---- C:\ProgramData\Orbit
2014-11-26 22:10:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-24 08:53:07 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-11-13 31560]
R1 dtsoftbus01;@oem12.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-09-09 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 bcbtums;@oem2.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-09-04 170712]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 Huawei;@oem21.inf,%Huawei.DeviceDesc%;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
R3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-05-20 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-05-06 27032]
R3 JMCR;JMCR; C:\Windows\System32\drivers\jmcr.sys [2012-06-22 174176]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows 8; C:\Windows\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-11-13 13213512]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-14 34544]
R3 SynTP;@oem10.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-08-14 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 btwampfl;@oem2.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2013-09-04 166104]
S3 ggflt;@oem32.inf,%SvcFltDesc%;SEMC USB Flash Driver Filter; C:\Windows\System32\drivers\ggflt.sys [2013-02-13 14448]
S3 ggsemc;@oem32.inf,%SvcDesc%;SEMC USB Flash Driver; C:\Windows\System32\drivers\ggsemc.sys [2013-02-13 27760]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-05-06 38296]
S3 WinDivert1.1;WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [2014-09-09 35376]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-05-20 314696]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S2 BcmBtRSupport;@oem2.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-09-04 2252504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-10 116648]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-03-02 977088]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-05-20 278344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-10 116648]

-----------------EOF-----------------

[Márty84]

Zdravim

Ten Eset legalni nebyl, ze?


Nainstalujte nejaky free antivir, treba Avast.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[hankeys]

eset léčen minodloginem...
-----------------------------------------
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17. 12. 2014
Scan Time: 15:12:55
Logfile: log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.17.02
Rootkit Database: v2014.12.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Hankeys

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 504919
Time Elapsed: 1 hr, 0 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.OpenCandy, C:\Users\Hankeys\AppData\Roaming\OpenCandy, , [7b6bd192a1db88ae530ca47a28dbb14f],
PUP.Optional.OpenCandy, C:\Users\Hankeys\AppData\Roaming\OpenCandy\EF2042904B7C4A92A58A2D3D63100A9C, , [7b6bd192a1db88ae530ca47a28dbb14f],

Files: 13
Riskware.Keygen, C:\Program Files\ACD Systems\ACDSee Pro\7.0\core_keygen.exe, , [63830f54f7859d990fdd8ccae818e61a],
Riskware.KG, C:\Program Files (x86)\ESET\MiNODLogin\uninst.exe, , [53936df65c2087af3488324539c7b24e],
Trojan.Agent.CK, C:\Users\Hankeys\AppData\Local\Temp\~nsu.tmp\Au_.exe, , [8a5c8ad95b219e982bf4aad9f70eff01],
Riskware.Injector.DC, D:\CPU FIX.rar, , [82646af9502c38feea77dc19b9487f81],
Trojan.Agent, D:\APLIKACE\BSP.2.67.1076_softarchive.net.rar, , [499d81e2afcdf541cb684dfd9270c937],
PUP.Optional.OpenCandy, D:\APLIKACE\DTLite4491-0356.exe, , [8f57f37098e442f4a82898ff4abb22de],
PUP.Optional.OpenCandy, D:\APLIKACE\FreeFileSync_6.9_Windows_Setup.exe, , [bb2b4b18ee8ea4926769cbcca263b749],
Riskware.Keygen, D:\APLIKACE\ACD.Systems.ACDSee.Pro.v7.1.164.x64.Incl.Keymaker-CORE\core_keygen.exe, , [13d33d2697e541f528c4b79f77897090],
CrackTool.Agent, D:\APLIKACE\Adobe Acrobat XI Pro 11.0.7 Multilanguage [ChingLiu]\patch MPT.rar, , [38aef56e334930065c0444f9ca37936d],
CrackTool.Agent, D:\APLIKACE\Adobe Acrobat XI Pro 11.0.7 Multilanguage [ChingLiu]\patch MPT\adobe.acrobat.xi.pro.patch-MPT.exe, , [d61060031765ee48e67ace6f639e0bf5],
Trojan.Agent.CK, D:\APLIKACE\Eset\lA©Ä?ivo\TNodUp 1.4.2.3\TNod-1.4.2.3-final-setup.exe, , [93532a39fd7fcd693fe05b2827de18e8],
Riskware.Injector.DC, D:\Games\Far Cry 4\bin\Extreme Injector v3.exe, , [13d35e05acd0f73f76eb08eda35e1ce4],
Riskware.Injector.DC, D:\Games\Far Cry 4 - CPU Fix\Extreme Injector v3.exe, , [c521b5ae3f3d1422bca5599c11f07d83],

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

Vsechny nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[hankeys]

je to čistý

[Márty84]

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[hankeys]

# AdwCleaner v4.105 - Report created 18/12/2014 at 14:45:00
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Local]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Hankeys - LENOVO
# Running from : C:\Users\Hankeys\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Hankeys\AppData\Roaming\RHEng

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [851 octets] - [18/12/2014 14:42:56]
AdwCleaner[S0].txt - [736 octets] - [18/12/2014 14:45:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [795 octets] ##########

[Márty84]

Dejte log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[hankeys]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Hankeys (administrator) on LENOVO on 19-12-2014 11:35:08
Running from C:\Users\Hankeys\Desktop
Loaded Profile: Hankeys (Available profiles: Hankeys)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R) C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Telefónica I+D) C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
(Telefónica I+D) C:\Program Files (x86)\O2\Nori\Nori.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [ACPW07EN] => C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1813832 2014-03-18] (ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-17] (AVAST Software)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [Google Update] => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-10] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe [1722368 2014-11-28] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533] => C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b9a06547-4de9-11e4-825b-446d5785e023} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {f76ccf48-3856-11e4-8253-446d5785e023} - "F:\AutoRun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\..\Interfaces\{828869BE-0E61-40AC-AA70-946A4AC26021}: [NameServer] 160.218.167.5 160.218.161.60

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Hankeys\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Hankeys\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Hankeys\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-17]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-09-10]
CHR Extension: (Prezentace Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-10]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-09-11]
CHR Extension: (Angry Birds) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-09-10]
CHR Extension: (Dokumenty Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-10]
CHR Extension: (Disk Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-10]
CHR Extension: (Glow) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb [2014-09-10]
CHR Extension: (Save the trees (print & screenshot)) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjlcapbgbcnfkifgclinapfbkielnmdi [2014-09-10]
CHR Extension: (YouTube) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-10]
CHR Extension: (History 2) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2014-09-10]
CHR Extension: (Vyhledávání Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-10]
CHR Extension: (Tampermonkey) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-11-19]
CHR Extension: (Adobe Acrobat - Vytvořit PDF) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-09-11]
CHR Extension: (Kalendář Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-10]
CHR Extension: (Tabulky Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-10]
CHR Extension: (Avast Online Security) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-17]
CHR Extension: (Close Tab by Left Border) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdoplfhlfoagdghmfamhnakmjjffeila [2014-09-17]
CHR Extension: (My Klips - Read Now, Read Later) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpekaddkiibmnedmbgbpfmegmpfmbai [2014-09-10]
CHR Extension: (goo.gl URL Shortener) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2014-09-10]
CHR Extension: (Facebook Invite All) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2014-09-11]
CHR Extension: (Speed Dial 2) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-09-10]
CHR Extension: (Super Drag) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbjeigngkfagmefkkkmhaeechmohhneo [2014-09-10]
CHR Extension: (Peněženka Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-10]
CHR Extension: (Facebook Chat Pop-Outs) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnocoggcoknkjehhjjpanophojgknbpd [2014-09-11]
CHR Extension: (Gmail) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-17] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-17] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-09] (Disc Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-09-09] (Basil Projects)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 11:35 - 2014-12-19 11:36 - 00022356 _____ () C:\Users\Hankeys\Desktop\FRST.txt
2014-12-19 11:34 - 2014-12-19 11:35 - 00000000 ____D () C:\FRST
2014-12-19 11:33 - 2014-12-19 11:33 - 02121216 _____ (Farbar) C:\Users\Hankeys\Desktop\FRST64.exe
2014-12-18 14:42 - 2014-12-18 14:45 - 00000000 ____D () C:\AdwCleaner
2014-12-18 14:42 - 2014-12-18 14:42 - 02166272 _____ () C:\Users\Hankeys\Desktop\adwcleaner_4.105.exe
2014-12-17 21:23 - 2014-12-19 07:17 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenovo-Hankeys Lenovo
2014-12-17 19:21 - 2014-12-17 19:21 - 00002104 _____ () C:\Users\Public\Desktop\MetaTrader 4 Admiral Markets AS.lnk
2014-12-17 19:21 - 2014-12-17 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 Admiral Markets AS
2014-12-17 19:21 - 2014-12-17 19:21 - 00000000 ____D () C:\Program Files (x86)\MetaTrader 4 Admiral Markets AS
2014-12-17 18:43 - 2014-12-17 18:43 - 00003292 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3293060449-512507974-3953459309-1001
2014-12-17 17:25 - 2014-12-17 17:25 - 00000000 ____D () C:\Users\Hankeys\AppData\Roaming\AVAST Software
2014-12-17 16:54 - 2014-12-18 14:49 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-17 16:54 - 2014-12-17 16:54 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-17 16:54 - 2014-12-17 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-17 16:54 - 2014-12-17 16:53 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-17 16:54 - 2014-12-17 16:53 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-17 16:54 - 2014-12-17 16:53 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-17 16:54 - 2014-12-17 16:53 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-17 16:54 - 2014-12-17 16:53 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-17 16:54 - 2014-12-17 16:53 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-17 16:54 - 2014-12-17 16:53 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-17 16:54 - 2014-12-17 16:53 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-17 16:53 - 2014-12-17 16:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-17 16:52 - 2014-12-17 16:52 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-17 16:51 - 2014-12-17 16:51 - 00000000 __SHD () C:\Users\Hankeys\AppData\Local\EmieBrowserModeList
2014-12-17 16:50 - 2014-12-17 16:52 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-17 15:11 - 2014-12-17 17:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-17 15:11 - 2014-12-17 15:11 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-17 15:11 - 2014-12-17 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-17 15:11 - 2014-12-17 15:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-17 15:11 - 2014-12-17 15:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-17 15:11 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-17 15:11 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-17 15:11 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-17 14:48 - 2014-12-17 14:48 - 00000000 ____D () C:\rsit
2014-12-17 14:48 - 2014-12-17 14:48 - 00000000 ____D () C:\Program Files\trend micro
2014-12-16 07:19 - 2014-12-16 07:20 - 00292680 _____ () C:\Windows\Minidump\121614-25296-01.dmp
2014-12-16 07:19 - 2014-12-16 07:19 - 477934908 _____ () C:\Windows\MEMORY.DMP
2014-12-16 07:19 - 2014-12-16 07:19 - 00000000 ____D () C:\Windows\Minidump
2014-12-15 07:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-15 07:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-15 07:54 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-15 07:54 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-15 07:54 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-15 07:54 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-13 14:53 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-13 14:53 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-13 14:52 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-13 14:52 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-13 14:52 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-13 14:52 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-13 14:52 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-13 14:52 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-13 14:52 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-13 14:52 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-13 14:52 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-13 14:52 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-13 14:52 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-13 14:52 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-13 14:52 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-13 14:52 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-13 14:52 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-13 14:52 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-13 14:52 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-13 14:52 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-13 14:52 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-13 14:52 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-13 14:52 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-13 14:52 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-13 14:52 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-13 14:52 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-13 14:52 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-13 14:52 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-13 14:52 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-13 14:52 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-13 14:52 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-13 14:52 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-13 14:52 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-13 14:52 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-13 14:52 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-13 14:52 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-13 14:52 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-13 14:52 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-13 14:52 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-13 14:52 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-13 14:52 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-13 14:37 - 2014-12-13 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2014-12-13 14:37 - 2014-12-13 14:37 - 00000000 ____D () C:\Program Files (x86)\GO Contact Sync Mod
2014-12-13 14:34 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-13 14:34 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-13 14:34 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-13 14:34 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-13 14:34 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-13 14:34 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-05 19:08 - 2014-10-30 12:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-03 17:24 - 2014-12-19 10:49 - 00000588 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job
2014-12-03 17:24 - 2014-12-17 11:23 - 00003588 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001
2014-12-03 17:24 - 2014-12-03 17:24 - 00000000 ____D () C:\Users\Hankeys\AppData\Local\Citrix
2014-11-29 10:54 - 2014-12-16 10:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-11-29 10:54 - 2014-12-16 10:35 - 00000000 ____D () C:\Windows\system32\NV
2014-11-29 10:50 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-29 10:50 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-29 10:50 - 2014-11-13 01:20 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-11-29 10:37 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-29 10:37 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-11-29 10:37 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-11-29 10:37 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-11-29 10:37 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-29 10:37 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-29 10:36 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-29 10:36 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-29 09:11 - 2014-11-29 09:47 - 00000559 _____ () C:\Users\Public\Desktop\Far Cry 4.lnk
2014-11-29 09:11 - 2014-11-29 09:47 - 00000559 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4.lnk
2014-11-24 20:29 - 2014-11-24 20:29 - 00000000 ____D () C:\Users\Hankeys\Documents\WB Games
2014-11-24 20:24 - 2014-11-24 20:24 - 00000885 _____ () C:\Users\Hankeys\Desktop\Middle Earth Shadow of Mordor.lnk
2014-11-24 20:24 - 2014-11-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
2014-11-24 08:50 - 2014-11-24 08:50 - 00000000 ____D () C:\Users\Hankeys\.swt
2014-11-24 08:50 - 2014-11-24 08:50 - 00000000 ____D () C:\Users\Hankeys\.android
2014-11-24 08:49 - 2014-11-24 08:49 - 00000000 ____D () C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-11-24 08:48 - 2014-11-24 08:55 - 00000000 ____D () C:\Flashtool
2014-11-19 08:09 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 08:09 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 08:09 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 08:09 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 11:32 - 2014-09-10 13:04 - 00000000 ____D () C:\Users\Hankeys\AppData\Roaming\ClassicShell
2014-12-19 11:25 - 2014-09-09 21:26 - 00000000 ____D () C:\Users\Hankeys\Documents\Soubory aplikace Outlook
2014-12-19 11:07 - 2014-09-10 12:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-19 10:54 - 2014-09-10 08:37 - 00000984 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
2014-12-19 10:07 - 2014-09-10 12:48 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 09:54 - 2014-09-10 08:37 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
2014-12-19 07:59 - 2014-09-09 19:12 - 01951758 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 07:07 - 2014-09-09 19:35 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4826E594-2A27-4CFA-98B9-542F03BAC25A}
2014-12-18 14:46 - 2014-03-18 08:20 - 00026396 _____ () C:\Windows\PFRO.log
2014-12-18 14:46 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 13:00 - 2014-09-09 19:15 - 00000000 ____D () C:\Users\Hankeys\AppData\Local\Packages
2014-12-18 11:37 - 2014-09-09 19:21 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3293060449-512507974-3953459309-1001
2014-12-18 11:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-18 08:34 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 20:39 - 2014-09-09 20:34 - 00000000 ____D () C:\Users\Hankeys\AppData\Roaming\vlc
2014-12-17 09:30 - 2014-09-11 20:08 - 00000000 ____D () C:\Users\Hankeys\AppData\Local\CrashDumps
2014-12-17 08:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-12-17 07:19 - 2014-03-18 16:33 - 01754528 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 07:19 - 2014-03-18 15:54 - 00743142 _____ () C:\Windows\system32\perfh005.dat
2014-12-17 07:19 - 2014-03-18 15:54 - 00152856 _____ () C:\Windows\system32\perfc005.dat
2014-12-16 14:14 - 2014-09-30 13:54 - 04441216 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer64.dll
2014-12-16 10:58 - 2014-09-09 19:15 - 00000000 ____D () C:\Users\Hankeys
2014-12-16 10:06 - 2014-09-10 13:43 - 00000000 ____D () C:\Users\Hankeys\AppData\Roaming\GoContactSyncMOD
2014-12-15 15:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-15 15:46 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-15 08:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-15 08:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-15 08:36 - 2014-09-09 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-15 08:36 - 2014-09-09 19:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-15 08:32 - 2014-09-12 08:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-15 08:28 - 2014-09-12 08:47 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-13 14:35 - 2014-09-10 13:33 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-10 08:25 - 2014-09-09 19:15 - 00000000 ____D () C:\Users\Hankeys\AppData\Roaming\Adobe
2014-12-06 08:06 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-05 19:20 - 2013-08-22 15:46 - 00038412 _____ () C:\Windows\setupact.log
2014-12-03 13:40 - 2014-09-09 20:49 - 00000000 ____D () C:\2014
2014-12-02 16:47 - 2014-09-10 07:16 - 00000000 ____D () C:\Users\Hankeys\AppData\Local\Deployment
2014-12-01 08:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-29 10:54 - 2014-09-09 19:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-29 10:16 - 2014-10-09 07:12 - 00000000 ____D () C:\Users\Hankeys\Documents\My Games
2014-11-29 10:13 - 2014-09-10 08:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-29 09:56 - 2014-10-09 07:11 - 00000000 ____D () C:\ProgramData\Orbit
2014-11-26 22:10 - 2014-11-13 07:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2014-11-13 07:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-24 21:28 - 2014-11-10 17:41 - 00000803 _____ () C:\Users\Hankeys\Desktop\Call of Duty Advanced Warfare.lnk
2014-11-24 21:28 - 2014-11-09 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Advanced Warfare
2014-11-24 08:53 - 2014-09-09 20:19 - 00011896 _____ () C:\Windows\DPINST.LOG

Some content of TEMP:
====================
C:\Users\Hankeys\AppData\Local\Temp\bassmod.dll
C:\Users\Hankeys\AppData\Local\Temp\BfEqhSeuUX.DLL
C:\Users\Hankeys\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Hankeys\AppData\Local\Temp\GuiUerGhFwjeGenXQRNy.DLL
C:\Users\Hankeys\AppData\Local\Temp\InstHelper.exe
C:\Users\Hankeys\AppData\Local\Temp\mini_installer.exe
C:\Users\Hankeys\AppData\Local\Temp\NlPhecHcbCXWUFVbracg.DLL
C:\Users\Hankeys\AppData\Local\Temp\ose00000.exe
C:\Users\Hankeys\AppData\Local\Temp\proxy_vole188640708404720790.dll
C:\Users\Hankeys\AppData\Local\Temp\Quarantine.exe
C:\Users\Hankeys\AppData\Local\Temp\ReadyCommSetup.exe
C:\Users\Hankeys\AppData\Local\Temp\ResetDevice.exe
C:\Users\Hankeys\AppData\Local\Temp\setup.exe
C:\Users\Hankeys\AppData\Local\Temp\sonarinst.exe
C:\Users\Hankeys\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-19 07:38

==================== End Of Log ============================

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [Google Update] => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-10] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533] => C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk

2014-12-19 11:07 - 2014-09-10 12:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 10:54 - 2014-09-10 08:37 - 00000984 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
2014-12-19 10:07 - 2014-09-10 12:48 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 09:54 - 2014-09-10 08:37 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job 

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[hankeys]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Hankeys at 2014-12-19 20:46:27 Run:1
Running from C:\Users\Hankeys\Desktop
Loaded Profile: Hankeys (Available profiles: Hankeys)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [Google Update] => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-10] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533] => C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk

2014-12-19 11:07 - 2014-09-10 12:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 10:54 - 2014-09-10 08:37 - 00000984 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
2014-12-19 10:07 - 2014-09-10 12:48 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 09:54 - 2014-09-10 08:37 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533 => value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk => Moved successfully.
C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job => Moved successfully.
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[hankeys]

vše hotovo. zvuky valí a ostatní taky funguje. Díky

[Márty84]

Nemate zac!

Mejte se a treba zase nekdy