PC virus removal, computer speed-up, remote help via the neslape.cz service

RSIT preventive check - slow computer


#1 Post by PuntikataZebra »

Hi,

the problem computer (Windows 7 Home Premium, 32-bit) belongs to my parents and my brother, who are the type of users who mindlessly click "OK" when installing programs or updates just to be left in peace, and who also knowingly and unknowingly install everything that is offered to them along the way :D I tried to uninstall all sorts of unnecessary programs, cracks and browser toolbars, but the computer is still slow, and in the last few days internet problems have appeared as well: long loading times and then connection dropouts (specifically, the DNS server not responding). I know the internet problems may be due to a fault on the provider's side, but I would still feel calmer if I were 100% sure that all of this isn't simply the work of some virus xD

Thank you :)
_____________________________________________________________________________________________________

Logfile of random's system information tool 1.10 (written by random/random)
Run by planeo at 2015-07-22 16:40:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 147 GB (31%) free of 477 GB
Total RAM: 2986 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:40:49, on 22.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
C:\Users\planeo\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\planeo\Downloads\RSIT.exe
C:\Program Files\trend micro\planeo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 8651886518
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 8651886518
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 8651886518
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll
O2 - BHO: CrossriderApp0061855 - {11111111-1111-1111-1111-110611181155} - (no file)
O2 - BHO: CrossriderApp0061859 - {11111111-1111-1111-1111-110611181159} - (no file)
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: (no name) - {FF103732-4528-4322-AA8B-F7849AB7776B} - (no file)
O3 - Toolbar: (no name) - {4F524A2D-5350-4500-76A7-7A786E7484D7} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Apps Hat] C:\Users\planeo\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\planeo\Desktop\GSplay.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe

--
End of file - 8465 bytes

======Scheduled tasks folder======

C:\Windows\tasks\3d5a00fa-76d4-4e14-9155-c630dfed546e-1.job - C:\Program Files\TheTorntv V10\TheTorntv V10-codedownloader.exe /bACuvyZYs /gDwSoa=task /wBeAJS='TheTorntv V10' /bjuuF=61855 /Lzzhb='001823' /ixabY='0' /TFrJs='0' /qnjItqW=DB07457ECC1D485D897EFBB13A7FFE50IE /sNKZRp=98c5fdbb41accfbb2203ad0247b4ba53 /irIEEtNr=1_34_07_29 /cxwgI=1.34.7.29 /vbozDJi=1407256527 /QvhSYlpK=http://stats.infostatsserv.com /FOPAZbDo=http://errors.infostatsserv.com /nhRONkxQ=http://cr.install-daddy.com /nzyKBo=ie /dykimqj='TheTorntv V10' /iuJVzoY=http://cr.install-daddy.com /FcdKKPwSh /dsvnjasIM='{"asw":[2, -2147483579, 536870912]}' /mDzKvAR='http://update.infostatsserv.com/ie_code ... pdate.json' /gDwSoa='task' /QkzkgQDDv=''
C:\Windows\tasks\3d5a00fa-76d4-4e14-9155-c630dfed546e-4.job - C:\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-4.exe /qZuFb /wBeAJS='TheTorntv V10' /yuuFNwVV='C:\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e.xpi' /bjuuF=61855 /Lzzhb='001823' /ixabY='0' /TFrJs='0' /qnjItqW=DB07457ECC1D485D897EFBB13A7FFE50IE /sNKZRp=98c5fdbb41accfbb2203ad0247b4ba53 /irIEEtNr=1_34_07_29 /cxwgI=1.34.7.29 /vbozDJi=1407256527 /QvhSYlpK=http://stats.infostatsserv.com /FOPAZbDo=http://errors.infostatsserv.com /jnEPeQO=300 /zQZgyovmN=44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com /jJObn=0.95 /LhJeP=a44e4876d5886435183fea8e44f892d6c2ac4a44858c85e3636com61855 /GEGuogs=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /61855.rdf /eJquCb='TheTorntv V10' /BQNMQ='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /zHyYGddTs='esc' /nzyKBo=ie /dsvnjasIM='{"asw":[2, -2147483579, 536870912]}' /FcdKKPwSh /uqVGi /XfsmEjQ /mDzKvAR='http://update.infostatsserv.com/ff_agen ... pdate.json' /gDwSoa='task' /QkzkgQDDv=''
C:\Windows\tasks\3d5a00fa-76d4-4e14-9155-c630dfed546e-6.job - C:\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-6.exe /wBeAJS='TheTorntv V10' /bjuuF=61855 /Lzzhb='001823' /ixabY='0' /TFrJs='0' /qnjItqW=DB07457ECC1D485D897EFBB13A7FFE50IE /sNKZRp=98c5fdbb41accfbb2203ad0247b4ba53 /irIEEtNr=1_34_07_29 /cxwgI=1.34.7.29 /vbozDJi=1407256527 /QvhSYlpK=http://stats.infostatsserv.com /FOPAZbDo=http://errors.infostatsserv.com /nhRONkxQ=http://cr.install-daddy.com /nzyKBo=ie /ezeIo /dykimqj=TheTorntv V10 /eHRcr7cc0931f-02a4-4a3b-a9d7-64dbe087bb13.dll /hJekbrn30c5befa-6b57-4633-b0bc-1641dfed8ae7.dll /FnfCkC3d5a00fa-76d4-4e14-9155-c630dfed546e-64.exe /AZRlUqAlI='nova' /iuJVzoY=http://cr.install-daddy.com /dsvnjasIM='{"asw":[2, -2147483579, 536870912]}' /mDzKvAR='http://update.infostatsserv.com/novarun ... pdate.json' /gDwSoa='task' /QkzkgQDDv=''
C:\Windows\tasks\3d5a00fa-76d4-4e14-9155-c630dfed546e-7.job - C:\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-7.exe /pjPyHQdT /wBeAJS='TheTorntv V10' /bjuuF=61855 /Lzzhb='001823' /ixabY='0' /TFrJs='0' /qnjItqW=DB07457ECC1D485D897EFBB13A7FFE50IE /sNKZRp=98c5fdbb41accfbb2203ad0247b4ba53 /irIEEtNr=1_34_07_29 /cxwgI=1.34.7.29 /vbozDJi=1407256527 /QvhSYlpK=http://stats.infostatsserv.com /FOPAZbDo=http://errors.infostatsserv.com /nhRONkxQ=http://cr.install-daddy.com /nzyKBo=ie /ezeIo /dykimqj=TheTorntv V10 /eHRcr7cc0931f-02a4-4a3b-a9d7-64dbe087bb13.dll /hJekbrn30c5befa-6b57-4633-b0bc-1641dfed8ae7.dll /FnfCkC3d5a00fa-76d4-4e14-9155-c630dfed546e-64.exe /AZRlUqAlI='nova' /iuJVzoY=http://cr.install-daddy.com /dsvnjasIM='{"asw":[2, -2147483579, 536870912]}' /gDwSoa=task /mDzKvAR='http://update.infostatsserv.com/novacod ... pdate.json' /gDwSoa='task' /QkzkgQDDv=''
C:\Windows\tasks\8a4f9772-4260-45a5-b6fd-903d1b561157.job - C:\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-4.exe /IqkVRtKI=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DLL-Files FixerASKUSER.job - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe -askuser
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611181155}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611181159}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-11 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-24 3770480]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 146032]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 181360]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 190064]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe []
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 894344]
"Apps Hat"=C:\Users\planeo\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [2012-10-26 202752]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"GSplay.exe"=C:\Users\planeo\Desktop\GSplay.exe [2014-03-12 4772747]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 330752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-07-22 16:28:33 ----A---- C:\Windows\system32\drivers\aswB5FE.tmp
2015-07-22 16:28:32 ----A---- C:\Windows\system32\drivers\aswB3BC.tmp
2015-07-22 16:28:32 ----A---- C:\Windows\system32\drivers\aswB1C7.tmp
2015-07-22 16:28:31 ----A---- C:\Windows\system32\drivers\aswAF85.tmp
2015-07-22 16:28:31 ----A---- C:\Windows\system32\drivers\aswADCF.tmp
2015-07-22 16:28:30 ----A---- C:\Windows\system32\drivers\aswAC58.tmp
2015-07-22 16:28:30 ----A---- C:\Windows\system32\drivers\aswAA45.tmp
2015-07-22 16:28:29 ----A---- C:\Windows\system32\drivers\aswA5E0.tmp
2015-07-22 16:28:24 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-22 16:09:42 ----A---- C:\Windows\system32\drivers\asw409B.tmp
2015-07-22 16:06:55 ----D---- C:\ProgramData\Reimage Protector
2015-07-22 14:05:20 ----D---- C:\rsit
2015-07-22 14:05:20 ----D---- C:\Program Files\trend micro
2015-07-18 23:09:34 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-18 23:09:34 ----A---- C:\Windows\system32\javaw.exe
2015-07-18 23:09:34 ----A---- C:\Windows\system32\java.exe
2015-07-18 23:09:27 ----D---- C:\Program Files\Java
2015-07-15 06:57:41 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 06:57:38 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 06:57:38 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 06:57:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 06:57:36 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 06:57:36 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 06:57:22 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 06:57:22 ----A---- C:\Windows\system32\msi.dll
2015-07-15 06:57:22 ----A---- C:\Windows\system32\consent.exe
2015-07-15 06:57:22 ----A---- C:\Windows\system32\authui.dll
2015-07-15 06:57:21 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 06:57:21 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 06:57:21 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 06:56:54 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 06:56:52 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 06:56:52 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:56:52 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 06:56:52 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 06:56:51 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wups.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:56:28 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 06:56:27 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 06:56:27 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 06:56:26 ----A---- C:\Windows\system32\atmlib.dll
2015-07-15 06:56:26 ----A---- C:\Windows\system32\atmfd.dll
2015-07-15 06:56:25 ----A---- C:\Windows\system32\lpk.dll
2015-07-15 06:56:25 ----A---- C:\Windows\system32\fontsub.dll
2015-07-15 06:56:25 ----A---- C:\Windows\system32\dciman32.dll
2015-07-15 06:56:24 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 06:56:24 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 06:56:23 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 06:56:23 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 06:56:22 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 06:56:21 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 06:56:19 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 06:55:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 06:55:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 06:55:58 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 06:55:58 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 06:55:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 06:55:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 06:55:57 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 06:55:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 06:55:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 06:55:56 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 06:55:56 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 06:55:56 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 06:55:55 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 06:55:54 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 06:55:54 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 06:55:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 06:55:53 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 06:55:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 06:55:50 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 06:55:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:55:47 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 06:55:46 ----A---- C:\Windows\system32\vbscript.dll
2015-07-08 12:00:30 ----D---- C:\Program Files\Reimage
2015-07-08 12:00:17 ----D---- C:\rei
2015-07-08 11:58:57 ----A---- C:\Windows\Reimage.ini
2015-07-06 14:18:43 ----D---- C:\Program Files\Rockstar Games

======List of files/folders modified in the last 1 month======

2015-07-22 16:40:49 ----D---- C:\Windows\Prefetch
2015-07-22 16:40:40 ----D---- C:\Windows\Temp
2015-07-22 16:33:04 ----SHD---- C:\System Volume Information
2015-07-22 16:33:02 ----D---- C:\Windows\system32\catroot
2015-07-22 16:29:53 ----D---- C:\Windows\system32\config
2015-07-22 16:28:55 ----D---- C:\Windows\system32\Tasks
2015-07-22 16:28:33 ----D---- C:\Windows\system32\drivers
2015-07-22 16:28:24 ----D---- C:\Windows\System32
2015-07-22 16:28:22 ----D---- C:\Windows
2015-07-22 16:24:48 ----D---- C:\Windows\Tasks
2015-07-22 16:24:48 ----D---- C:\Windows\system32\wfp
2015-07-22 16:24:48 ----D---- C:\Windows\system32\DriverStore
2015-07-22 16:24:44 ----D---- C:\Windows\system32\wbem
2015-07-22 16:23:40 ----SHD---- C:\Windows\Installer
2015-07-22 16:23:40 ----SD---- C:\Windows\system32\GWX
2015-07-22 16:23:40 ----D---- C:\Windows\winsxs
2015-07-22 16:23:40 ----D---- C:\Windows\system32\NDF
2015-07-22 16:23:40 ----D---- C:\Windows\system32\catroot2
2015-07-22 16:23:40 ----D---- C:\Windows\Minidump
2015-07-22 16:23:40 ----D---- C:\Windows\inf
2015-07-22 16:23:40 ----D---- C:\Windows\AppCompat
2015-07-22 16:23:10 ----D---- C:\Program Files\Governor of Poker 2 Premium Edition
2015-07-22 16:23:10 ----D---- C:\Program Files\Google
2015-07-22 16:23:10 ----D---- C:\Program Files\Bullfrog
2015-07-22 16:22:35 ----D---- C:\Windows\registration
2015-07-22 16:22:00 ----SD---- C:\Users\planeo\AppData\Roaming\Microsoft
2015-07-22 16:17:55 ----HD---- C:\ProgramData
2015-07-22 16:17:53 ----D---- C:\Program Files
2015-07-22 16:17:43 ----D---- C:\Program Files\Hasbro Interactive
2015-07-22 16:16:41 ----D---- C:\GAMES
2015-07-22 14:09:38 ----D---- C:\Windows\Panther
2015-07-22 14:09:37 ----D---- C:\Windows\Logs
2015-07-22 14:09:37 ----D---- C:\Windows\debug
2015-07-21 18:46:42 ----D---- C:\Windows\system32\LogFiles
2015-07-16 12:17:07 ----D---- C:\Windows\rescache
2015-07-16 07:03:23 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 07:03:20 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 07:03:20 ----D---- C:\Windows\system32\appraiser
2015-07-16 07:03:19 ----D---- C:\Windows\AppPatch
2015-07-16 07:03:17 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 07:03:15 ----D---- C:\Windows\system32\en-US
2015-07-16 07:03:15 ----D---- C:\Program Files\Internet Explorer
2015-07-15 22:05:20 ----D---- C:\Windows\system32\MRT
2015-07-15 21:51:46 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 12:02:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-10 12:04:57 ----SHD---- C:\$Recycle.Bin
2015-07-09 13:47:37 ----D---- C:\ProgramData\YoutubeAdblocker
2015-07-09 13:47:37 ----D---- C:\ProgramData\IePluginServices
2015-07-09 13:47:37 ----D---- C:\Program Files\YoutubeAdblocker
2015-07-09 13:47:37 ----D---- C:\Program Files\SupTab
2015-07-09 13:47:37 ----D---- C:\Program Files\greatsaveer
2015-07-09 13:47:35 ----D---- C:\ProgramData\greatsaveer
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-06-23 13:27:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-11 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-11 206248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-11 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-21 423784]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-11 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-11 70384]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-11 91496]
R2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-12-14 3759616]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\l1c51x86.sys [2010-10-21 62576]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECI.sys [2010-10-19 41088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 1806448]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz134;cpuz134; \??\C:\Users\planeo\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-11 50344]
R2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 723744]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19 6086640]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-09-27 1064312]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-09-02 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-28 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#2 Post by Márty84 »

Hello :)

There are some pests on it :boxed:

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

PuntikataZebra
Visitor
Posts: 11
Joined: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#3 Post by PuntikataZebra »

# AdwCleaner v4.208 - Log vytvořen 22/07/2015 v 18:49:29
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : planeo - PLANEO-PC
# Spuštěno z : C:\Users\planeo\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : ReimageRealTimeProtector

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\rei
Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\ProgramData\Babylon
Složka Smazáno : C:\ProgramData\Conduit
Složka Smazáno : C:\ProgramData\DSearchLink
Složka Smazáno : C:\ProgramData\IBUpdaterService
Složka Smazáno : C:\ProgramData\IePluginServices
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\Reimage Protector
Složka Smazáno : C:\ProgramData\greatsaveer
Složka Smazáno : C:\ProgramData\YoutubeAdblocker
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Složka Smazáno : C:\Program Files\AskPartnerNetwork
Složka Smazáno : C:\Program Files\Conduit
Složka Smazáno : C:\Program Files\globalUpdate
Složka Smazáno : C:\Program Files\Minibar
Složka Smazáno : C:\Program Files\Reimage
Složka Smazáno : C:\Program Files\SupTab
Složka Smazáno : C:\Program Files\Trymedia
Složka Smazáno : C:\Program Files\77zip
Složka Smazáno : C:\Program Files\TheTorntv V10
Složka Smazáno : C:\Program Files\TheGoPhoto.it V10
Složka Smazáno : C:\Program Files\greatsaveer
Složka Smazáno : C:\Program Files\YoutubeAdblocker
Složka Smazáno : C:\Users\Administrator\AppData\Local\torch
Složka Smazáno : C:\Users\Guest\AppData\Local\torch
Složka Smazáno : C:\Users\planeo\AppData\Local\AppsHat Mobile Apps
Složka Smazáno : C:\Users\planeo\AppData\Local\AskPartnerNetwork
Složka Smazáno : C:\Users\planeo\AppData\Local\Conduit
Složka Smazáno : C:\Users\planeo\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\planeo\AppData\Local\Minibar
Složka Smazáno : C:\Users\planeo\AppData\Local\torch
Složka Smazáno : C:\Users\planeo\AppData\Local\webplayer
Složka Smazáno : C:\Users\planeo\AppData\LocalLow\buenosearch LTD
Složka Smazáno : C:\Users\planeo\AppData\LocalLow\Conduit
Složka Smazáno : C:\Users\planeo\AppData\LocalLow\Minibar
Složka Smazáno : C:\Users\planeo\AppData\LocalLow\TheTorntv V10
Složka Smazáno : C:\Users\planeo\AppData\LocalLow\TheGoPhoto.it V10
Složka Smazáno : C:\Users\planeo\AppData\Roaming\7go
Složka Smazáno : C:\Users\planeo\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\planeo\AppData\Roaming\PerformerSoft
Složka Smazáno : C:\Users\planeo\AppData\Roaming\SpeedAnalysis3
Složka Smazáno : C:\Users\planeo\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\77zip
Složka Smazáno : C:\Users\planeo\AppData\Roaming\Mozilla\Firefox\Profiles\o10dfh6p.default-1420529720064\Extensions\44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
[/!\] Ne Smazáno ( Junction ) : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
[/!\] Ne Smazáno ( Junction ) : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\planeo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\planeo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\planeo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Složka Smazáno : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Složka Smazáno : C:\Users\planeo\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehfaaakbogmioeaahaojamambacgfpii
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpolmimaaogdejncdogeaoahhikjgpgd
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Složka Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mfefdjolfkingkcjolgeaacafhhabpio
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjajpkikblccgefaibcafkfbanllpefi_0.localstorage
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gjajpkikblccgefaibcafkfbanllpefi
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mbmpjbkgemhgalmeiigcdljkccfcafoj
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpcknfcdcgpffjddjeceioobdelceffo_0.localstorage
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lbgfiglojokgabdbhegbpjgojgppppgf
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehfaaakbogmioeaahaojamambacgfpii_0.localstorage
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ehfaaakbogmioeaahaojamambacgfpii
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mfefdjolfkingkcjolgeaacafhhabpio_0.localstorage
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mfefdjolfkingkcjolgeaacafhhabpio
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ehfaaakbogmioeaahaojamambacgfpii
Soubor Smazáno : C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mfefdjolfkingkcjolgeaacafhhabpio
Soubor Smazáno : C:\Windows\Reimage.ini
Soubor Smazáno : C:\Windows\system32\roboot.exe
Soubor Smazáno : C:\Users\planeo\AppData\Roaming\speedanalysis.ico
Soubor Smazáno : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
Soubor Smazáno : C:\Program Files\Mozilla Firefox\browser\searchplugins\istartsurf.xml

***** [ Naplánované úlohy ] *****

Úloha Smazáno : RDReminder
Úloha Smazáno : Reimage Reminder
Úloha Smazáno : ReimageUpdater
Úloha Smazáno : 3d5a00fa-76d4-4e14-9155-c630dfed546e-1
Úloha Smazáno : 3d5a00fa-76d4-4e14-9155-c630dfed546e-4
Úloha Smazáno : 3d5a00fa-76d4-4e14-9155-c630dfed546e-6
Úloha Smazáno : 3d5a00fa-76d4-4e14-9155-c630dfed546e-7
Úloha Smazáno : 8a4f9772-4260-45a5-b6fd-903d1b561157

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\Users\planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Zástupce Vyléčeno : C:\Users\planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupce Vyléčeno : C:\Users\planeo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\planeo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\planeo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Klíč Smazáno : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Apps Hat]
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Hodnota Smazáno : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Hodnota Smazáno : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKCU\Software\Mozilla\Extends
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Klíč Smazáno : HKLM\SOFTWARE\Classes\SDP
Klíč Smazáno : HKLM\SOFTWARE\46db666a-4fe4-41ed-872d-18cc50d0d222
Klíč Smazáno : HKLM\SOFTWARE\7cc0931f-02a4-4a3b-a9d7-64dbe087bb13
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061855.BHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061855.BHO.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061855.Sandbox
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061855.Sandbox.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061859.BHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061859.BHO.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061859.Sandbox
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0061859.Sandbox.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2832595
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{10901306-DCF5-4B6E-BD57-15A715B16167}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F940B243-59F0-41A1-9449-931BA62B6544}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\BI
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\filescout
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\powerpack
Klíč Smazáno : HKCU\Software\RegisteredApplicationsEx
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\SupHpUISoft
Klíč Smazáno : HKCU\Software\systweak
Klíč Smazáno : HKCU\Software\Tbccint_HKLM
Klíč Smazáno : HKCU\Software\usyndication.com
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\USyndication
Klíč Smazáno : HKCU\Software\reimagerepair
Klíč Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainer
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíč Smazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TheTorntv V10
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TheGoPhoto.it V10
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Smazáno : HKLM\SOFTWARE\Minibar
Klíč Smazáno : HKLM\SOFTWARE\SafetyNut
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\supWPM
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\TheTorntv V10
Klíč Smazáno : HKLM\SOFTWARE\Trymedia Systems
Klíč Smazáno : HKLM\SOFTWARE\Reimage
Klíč Smazáno : HKLM\SOFTWARE\LemurLeap
Klíč Smazáno : HKLM\SOFTWARE\TheGoPhoto.it V10
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\buenosearch.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-search.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.conduit.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softango.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.buenosearch.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.istartsurf.com
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17909

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v43.0.2357.134

[C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1407 ... earchTerms}
[C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1407 ... earchTerms}

-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [39094 bytů] - [22/07/2015 18:47:26]
AdwCleaner[S0].txt - [32363 bytů] - [22/07/2015 18:49:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [32422 bytů] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#4 Post by Márty84 »

Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

PuntikataZebra
Visitor
Posts: 11
Registered: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#5 Post by PuntikataZebra »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.7.2015
Čas skenování: 19:54
Protokol: ll.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.22.05
Databáze rootkitů: v2015.07.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: planeo

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 628157
Uplynulý čas: 1 hod, 58 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 34
Adware.InstallBrain, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\7go, , [8845786cf19976c028409255e21eb44c],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [f8d5826233571620161c4947c63bba46],
PUP.Optional.GoPhotoIT.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\TheGoPhoto.it V10, , [b31a94502e5c2d09e2f0809e23e05da3],
PUP.Optional.TornTV.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, , [fecf04e08604f6405059aa7d48bba55b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{186751CB-376C-4709-B234-70648DB88723}, , [3697f1f38604bc7a6b98692b1ee6c13f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20420FC7-2B2E-46C8-BD51-4035C2A1D459}, , [f0ddeef601892c0a8c77c4d0fd07c838],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25D2937C-391E-421B-878E-46B14EC31A8D}, , [993420c41b6f112511f2bbd97f854fb1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A7D038D-DD62-4842-B74B-3AB77A63E141}, , [eedf1cc8d2b879bdec18ff95ca3a768a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{37A2829D-7CCB-4E88-90CE-12CD38B172BE}, , [eae37a6a6a20092dbb488b095aaa6a96],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E4B091C-D76D-4D5A-9CFF-16467B2288CF}, , [5a737a6ab3d76dc99c68fd97c2421ee2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{451E5CD0-C5AB-48BC-8AEC-D8E83530D876}, , [3796806443477cba38cba5efdd27e31d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47F7CFC7-39FD-48D2-9A8E-30566834B99B}, , [a02d9e46345675c12fd5553fc53fbe42],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AC26795-7568-42AB-92F7-29774642E3F5}, , [993454905139d3638b78a3f1689ce719],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5738134D-F193-41DA-A59F-80CBDDDD5098}, , [3f8e24c06426dd597e861f75956f8080],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59D1FCF5-A4D9-4E6B-8857-6C1F3CB9DBAF}, , [e2ebd113ccbeb97d778c7123709437c9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A1A146B-CE32-4EFC-9257-B3A68E85301D}, , [913c10d4b2d8c571a262751f7f8541bf],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EE5FB7F-B6B8-4330-8DC9-5D6273C4DEBD}, , [cb027b69ec9e66d00400682c788ce61a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6885BCF3-8169-409F-A9DD-A2F812F97A3D}, , [6d6011d35e2c280e788b99fbd52fd62a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6C721A94-144F-433D-A7EF-60DEF5515915}, , [814ce6fe18721a1c10f3aaea20e4b749],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{70DE156D-DE26-4CF1-9222-FAFB49564B35}, , [339a36ae2466d75fb94b3460ff057987],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{889BA331-48CD-4CB8-B890-8D3172606A93}, , [2aa36480573354e216ee7123768e837d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9771419E-9BEB-4232-8E5D-CE4A6A8B7497}, , [27a61acad2b8d06640c4157f37cd9868],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3CEED51-16E9-4034-B961-3D5071DA6166}, , [6865ba2a137773c3ff040e86ff05d62a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A9AC9962-3E7B-4859-A7F3-D16490174EBA}, , [9538df0597f33402679b652f1fe58779],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB433C23-FEE2-4CF2-B674-E9DBA620F449}, , [f7d6f5eff6948fa7fe065f359a6aa25e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B07B2710-C506-4B28-80F2-BB69105E84B6}, , [0ebfd2126c1e1d19f410177dc1432fd1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B763841F-5B6F-45B7-B44D-CE66FC1CAEEC}, , [5f6ec71d3c4ee6503dc68e065ca8a759],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5F61F30-659F-4A69-840E-E3C81789F61D}, , [45880adab7d3ad891ae87e16798b9967],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA71EE7F-A588-44F7-BA6B-3D189578C54F}, , [903d21c3cac046f0ad5696fe07fdd42c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E47F2DB5-E3E7-47BF-A13D-2DE656123653}, , [67661dc72f5b7bbba95b5242669efe02],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3763934-957A-4B9D-9B72-6DEDE4F389D0}, , [c60736ae2a6053e363a1276d20e4cd33],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F89C0BEA-72DE-44C2-AA59-F7D9EBA9BE2C}, , [75585e86dbaf1e1844c0fd979371f50b],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611181155}, , [715c80642169b0860d1fb18d45c0bf41],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611181159}, , [fad36e766e1cb97d4ae21b2349bcb050],

Hodnoty registru: 28
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{186751CB-376C-4709-B234-70648DB88723}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [3697f1f38604bc7a6b98692b1ee6c13f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{20420FC7-2B2E-46C8-BD51-4035C2A1D459}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [f0ddeef601892c0a8c77c4d0fd07c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{25D2937C-391E-421B-878E-46B14EC31A8D}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [993420c41b6f112511f2bbd97f854fb1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A7D038D-DD62-4842-B74B-3AB77A63E141}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-codedownloader.exe, , [eedf1cc8d2b879bdec18ff95ca3a768a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{37A2829D-7CCB-4E88-90CE-12CD38B172BE}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [eae37a6a6a20092dbb488b095aaa6a96]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E4B091C-D76D-4D5A-9CFF-16467B2288CF}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-codedownloader.exe, , [5a737a6ab3d76dc99c68fd97c2421ee2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{451e5cd0-c5ab-48bc-8aec-d8e83530d876}|AppName, TheTorntv V10-buttonutil.exe, , [3796806443477cba38cba5efdd27e31d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47F7CFC7-39FD-48D2-9A8E-30566834B99B}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-codedownloader.exe, , [a02d9e46345675c12fd5553fc53fbe42]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AC26795-7568-42AB-92F7-29774642E3F5}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-buttonutil.exe, , [993454905139d3638b78a3f1689ce719]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5738134D-F193-41DA-A59F-80CBDDDD5098}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-codedownloader.exe, , [3f8e24c06426dd597e861f75956f8080]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59d1fcf5-a4d9-4e6b-8857-6c1f3cb9dbaf}|AppName, TheGoPhoto.it V10-buttonutil.exe, , [e2ebd113ccbeb97d778c7123709437c9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5a1a146b-ce32-4efc-9257-b3a68e85301d}|AppName, TheTorntv V10-codedownloader.exe, , [913c10d4b2d8c571a262751f7f8541bf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EE5FB7F-B6B8-4330-8DC9-5D6273C4DEBD}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-codedownloader.exe, , [cb027b69ec9e66d00400682c788ce61a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6885BCF3-8169-409F-A9DD-A2F812F97A3D}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-buttonutil.exe, , [6d6011d35e2c280e788b99fbd52fd62a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6C721A94-144F-433D-A7EF-60DEF5515915}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [814ce6fe18721a1c10f3aaea20e4b749]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{70DE156D-DE26-4CF1-9222-FAFB49564B35}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-codedownloader.exe, , [339a36ae2466d75fb94b3460ff057987]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{889BA331-48CD-4CB8-B890-8D3172606A93}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-codedownloader.exe, , [2aa36480573354e216ee7123768e837d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9771419e-9beb-4232-8e5d-ce4a6a8b7497}|AppName, TheGoPhoto.it V10-codedownloader.exe, , [27a61acad2b8d06640c4157f37cd9868]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3CEED51-16E9-4034-B961-3D5071DA6166}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-buttonutil.exe, , [6865ba2a137773c3ff040e86ff05d62a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a9ac9962-3e7b-4859-a7f3-d16490174eba}|AppName, TheGoPhoto.it V10-bg.exe, , [9538df0597f33402679b652f1fe58779]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB433C23-FEE2-4CF2-B674-E9DBA620F449}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-codedownloader.exe, , [f7d6f5eff6948fa7fe065f359a6aa25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B07B2710-C506-4B28-80F2-BB69105E84B6}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-codedownloader.exe, , [0ebfd2126c1e1d19f410177dc1432fd1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B763841F-5B6F-45B7-B44D-CE66FC1CAEEC}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [5f6ec71d3c4ee6503dc68e065ca8a759]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c5f61f30-659f-4a69-840e-e3c81789f61d}|AppName, TheTorntv V10-bg.exe, , [45880adab7d3ad891ae87e16798b9967]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA71EE7F-A588-44F7-BA6B-3D189578C54F}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-buttonutil.exe, , [903d21c3cac046f0ad5696fe07fdd42c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E47F2DB5-E3E7-47BF-A13D-2DE656123653}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-codedownloader.exe, , [67661dc72f5b7bbba95b5242669efe02]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3763934-957A-4B9D-9B72-6DEDE4F389D0}|AppName, 3d5a00fa-76d4-4e14-9155-c630dfed546e-2.exe-codedownloader.exe, , [c60736ae2a6053e363a1276d20e4cd33]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F89C0BEA-72DE-44C2-AA59-F7D9EBA9BE2C}|AppName, 4f3bcd50-49d4-4eed-8e69-a62b07ec0055-2.exe-codedownloader.exe, , [75585e86dbaf1e1844c0fd979371f50b]

Data registru: 1
PUM.Hijack.StartMenu, HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowMyComputer, 0, Dobré: (1), Špatné: (0),,[2aa3ae36850538fe646baf854cb96a96]

Složky: 5
PUP.Optional.FreeGames.A, C:\Users\planeo\AppData\Roaming\freegames4357, , [1eaf6183b7d3999dfadfb027e51d3cc4],
PUP.Optional.SpeedTest.A, C:\Users\planeo\AppData\Roaming\speedtest4354, , [408d1ec6f4967abc8a528750f012ad53],
PUP.Optional.Datamngr.A, C:\Users\planeo\AppData\LocalLow\DataMngr, , [b617558fa8e2b284f1a429b2d62c9f61],
PUP.Optional.GlobalUpdate.A, C:\Users\planeo\AppData\Local\Temp\comh.214177, , [deefa242107aed49171b3baefa08a25e],
PUP.Optional.GlobalUpdate.A, C:\Users\planeo\AppData\Local\Temp\comh.480210, , [4c81bd2734562b0bc56dc42519e9dc24],

Soubory: 88
PUP.Optional.BestToolbar, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$RLQHAUA.exe, , [d4f93ca89af0f343654eb27e1ae62cd4],
PUP.Optional.RegCleanPro, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$R4YDESO.exe, , [66679c48f3974cea4ba779bac23e4bb5],
PUP.Optional.SpeedTest.A, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$RB40YM3.exe, , [01ccde065b2feb4beb32330b2ad601ff],
PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$RRNY8CH.exe, , [c20bc91b503a03338bac4f9fa55b2cd4],
Adware.InstallBrain, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$RZXQUGG.exe, , [7558b82cf79344f26efa02e530d02dd3],
PUP.Optional.BestToolbar, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$R89SZTX.exe, , [7b52b2325f2b0036694ae24e629e25db],
PUP.Optional.SpeedTest.A, C:\$Recycle.Bin\S-1-5-21-3416206781-2165729983-1548596503-1000\$R4IY9TJ.exe, , [6667e5fff39776c01b0251ed956bf010],
PUP.Optional.APNToolBar.A, C:\AdwCleaner\Quarantine\C\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe.vir, , [2f9e0fd5e4a6d36310e80e998e7345bb],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir, , [e3ea974dbfcb3df9205653de50b0857b],
PUP.Optional.MiniBar.A, C:\AdwCleaner\Quarantine\C\Program Files\Minibar\Minibar.dll.vir, , [3895657fed9d47efb868919328d848b8],
PUP.Optional.InstallCore.C, C:\AdwCleaner\Quarantine\C\Program Files\TheGoPhoto.it V10\46db666a-4fe4-41ed-872d-18cc50d0d222.dll.vir, , [d4f9469ea3e7cf67942ddf8df60f847c],
PUP.Optional.GoPhotoIT.A, C:\AdwCleaner\Quarantine\C\Program Files\TheGoPhoto.it V10\TheGoPhoto.it V10-bho.dll.vir, , [d4f97d671278b97d734967cb88797888],
PUP.Optional.InstallCore.C, C:\AdwCleaner\Quarantine\C\Program Files\TheGoPhoto.it V10\TheGoPhoto.it V10-buttonutil.dll.vir, , [dcf1a53fd9b191a5fdc40369bf46ec14],
PUP.Optional.GoPhotoIT.A, C:\AdwCleaner\Quarantine\C\Program Files\TheGoPhoto.it V10\TheGoPhoto.it V10-buttonutil.exe.vir, , [ad2021c3cfbb79bd3f7dbc761ce54ab6],
PUP.Optional.InstallCore.C, C:\AdwCleaner\Quarantine\C\Program Files\TheGoPhoto.it V10\Uninstall.exe.vir, , [e9e48d57bfcb32047b4675f7a4618a76],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-4.exe.vir, , [f1dc796bbcce3105edd778c4669ae719],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-6.exe.vir, , [2da07b694f3bd264449d74f06e97f60a],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\3d5a00fa-76d4-4e14-9155-c630dfed546e-7.exe.vir, , [8647c024f39792a4667bbca813f20ff1],
PUP.Optional.InstallCore.C, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\7cc0931f-02a4-4a3b-a9d7-64dbe087bb13.dll.vir, , [913c0bd9d2b8c76fa61bee7e5da8b54b],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\TheTorntv V10-bg.exe.vir, , [17b64a9a4e3c01352cb5a3c132d358a8],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\TheTorntv V10-bho.dll.vir, , [597441a30387211533aeb1b36c9946ba],
PUP.Optional.InstallCore.C, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\TheTorntv V10-buttonutil.dll.vir, , [8b426e76cac01b1b7a479dcf6e9716ea],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\TheTorntv V10-buttonutil.exe.vir, , [c9046f758505f1455190ea7a010455ab],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files\TheTorntv V10\TheTorntv V10-codedownloader.exe.vir, , [c50829bba8e25fd77c65f66e4bba47b9],
PUP.Optional.Delta.ShrtCln, C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir, , [efde3fa57c0eef47e9948b5847bd1ce4],
PUP.Optional.WindowsProtectManger.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [f6d70ada8802ef474a2fbf7ae31e17e9],
PUP.Optional.Somoto.A, C:\AdwCleaner\Quarantine\C\Users\planeo\AppData\Local\AppsHat Mobile Apps\Uninstall.exe.vir, , [fcd12bb9751577bf28f930f448b85ba5],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\planeo\AppData\Local\Conduit\Community Alerts\Alert.dll.vir, , [ca0325bfd2b861d5a179f34550b16f91],
Adware.InstallBrain, C:\Program Files\Uninstall Information\Ib\97\3867\ib_uninstall.exe, , [8845786cf19976c028409255e21eb44c],
PUP.Optional.LemurLeap.A, C:\Users\planeo\AppData\Local\Temp\LemurLeap_sm.exe, , [6e5f5094068485b1605f489b28dccc34],
PUP.Optional.Somoto.A, C:\Users\planeo\AppData\Local\Temp\UpdateCheckerSetup.exe, , [963738ac0882ae88ddd1a34656aa02fe],
PUP.Optional.Somoto.A, C:\Users\planeo\AppData\Local\Temp\FLVPlayerSetup.exe, , [9f2e7d67c3c7a096df62151eb947aa56],
PUP.Optional.APNToolBar.A, C:\Users\planeo\AppData\Local\Temp\APNSetup.exe, , [d5f8cc18553580b61eda693e3dc44db3],
PUP.Optional.Somoto.A, C:\Users\planeo\AppData\Local\Temp\appshat-distribution.exe, , [fad3b430dab049ed71b02004a85821df],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\BabylonTB.exe, , [c904b62e7c0ebd79e7c4f8f1b34dd828],
PUP.Optional.Somoto, C:\Users\planeo\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe, , [9934a1439feb3bfba21cf667f2134bb5],
PUP.Optional.ClientConnect, C:\Users\planeo\AppData\Local\Temp\InnoGames_International\nsh61DC.tbInn0.dll, , [bb126084b7d396a058c24eeae12052ae],
PUP.Optional.ClientConnect, C:\Users\planeo\AppData\Local\Temp\InnoGames_International\nsq9B11.tbInn0.dll, , [96377173eaa0043265b56fc9d42d7987],
PUP.Optional.ClientConnect, C:\Users\planeo\AppData\Local\Temp\InnoGames_International\nsxAC5C.tbInn2.dll, , [7a53a83cdeaccb6b22f8b58342bfe21e],
PUP.Optional.ClientConnect, C:\Users\planeo\AppData\Local\Temp\InnoGames_International\tbInn0.dll, , [d7f6b0346c1e1b1b2af0cd6b09f840c0],
PUP.Optional.Installrex, C:\Users\planeo\AppData\Local\Temp\{346BED5B-6825-4BFD-A916-2007EF88CFAD}\Addons\browsecoupon_setup.exe, , [49849054e7a31a1cad64f9f611f3ab55],
PUP.Optional.Installrex, C:\Users\planeo\AppData\Local\Temp\{346BED5B-6825-4BFD-A916-2007EF88CFAD}\Addons\extIE_setup.exe, , [8746ac38f8923df9ca47dd1238cc40c0],
PUP.Optional.Installrex, C:\Users\planeo\AppData\Local\Temp\{346BED5B-6825-4BFD-A916-2007EF88CFAD}\Addons\ext_setup.exe, , [8c4124c0a2e872c426eb4ca3bf45728e],
PUP.Optional.EZDownloader.A, C:\Users\planeo\AppData\Local\Temp\{346BED5B-6825-4BFD-A916-2007EF88CFAD}\Addons\EzDownloader_setup.exe, , [c8058c589af039fdbbcd9d8435cb7e82],
PUP.Optional.Installrex, C:\Users\planeo\AppData\Local\Temp\{346BED5B-6825-4BFD-A916-2007EF88CFAD}\Addons\ytab_setup.exe, , [903d3ea6e5a5b97d0809ce211ee6629e],
PUP.Optional.Installrex, C:\Users\planeo\AppData\Local\Temp\{346BED5B-6825-4BFD-A916-2007EF88CFAD}\Addons\ytbmk_setup.exe, , [fdd032b24b3fdf575db4b13edc282ad6],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\1D386EC1-BAB0-7891-9F7D-92115A87B729\Setup.exe, , [08c5796b36540f27d7109e4b09f712ee],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\1D386EC1-BAB0-7891-9F7D-92115A87B729\Latest\Setup.exe, , [d9f47074117943f3295e11127a86c23e],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\GoogleCrashHandler.exe, , [a5282eb6711982b475bdb0e0728f50b0],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\GoogleUpdate.exe, , [f8d5826233571620161c4947c63bba46],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\GoogleUpdateBroker.exe, , [537a489ceb9fc373a48ef59bb948639d],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\GoogleUpdateOnDemand.exe, , [1bb23da7e0aaeb4bb37ff19fac55c739],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\goopdate.dll, , [9736796b3f4bcc6ab47e741c5fa2639d],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\goopdateres_en.dll, , [13ba9153206ac472ac86f19f45bc4db3],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\npGoogleUpdate4.dll, , [d2fb855f84068da947eb0a868f728f71],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\psmachine.dll, , [95388f550189340278ba632d778a738d],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.214177\psuser.dll, , [3d90a2422367e0565bd7d1bff110f709],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\GoogleCrashHandler.exe, , [5d70b72d513944f29c96038de31eaf51],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\GoogleUpdate.exe, , [00cd21c335551d19e2509bf5f70ac838],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\GoogleUpdateBroker.exe, , [d8f5786c0f7b142201315040fc05cb35],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\GoogleUpdateOnDemand.exe, , [27a6b2322961ee4889a9820ebf42b64a],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\goopdate.dll, , [a429499bf991cf67082a662aee130000],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\goopdateres_en.dll, , [04c91cc87d0dd660d35f325ebf429769],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\npGoogleUpdate4.dll, , [cffee7fdbecca98d072bd0c051b002fe],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\psmachine.dll, , [e1ece5fffc8ea294b47e5f31c23f44bc],
PUP.Optional.ModGoog, C:\Users\planeo\AppData\Local\Temp\comh.480210\psuser.dll, , [c706c3210b7f4fe70c266828946d07f9],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\7FBF3B3F-BAB0-7891-BD55-D7EB54F845EC\Latest\BExternal.dll, , [efde7a6ab0da1026f3ee0f152dd3d030],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\7FBF3B3F-BAB0-7891-BD55-D7EB54F845EC\Latest\Setup.exe, , [6e5fcb194f3b20162f585cc731cfd729],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\ADEA78DB-BAB0-7891-B6A8-27CAF2C90144\Setup.exe, , [7e4fdb0985058aacf0f7cf1a0bf5e31d],
PUP.Optional.Babylon.A, C:\Users\planeo\AppData\Local\Temp\ADEA78DB-BAB0-7891-B6A8-27CAF2C90144\Latest\Setup.exe, , [f3da17cdf39763d3e0a75bc8be4260a0],
PUP.Optional.CrossRider, C:\Users\planeo\AppData\Local\Temp\nspC8C9.tmp\GOPSetup.exe, , [7855f0f4167469cda4e346f0827f9f61],
PUP.Optional.SearchHijacker.A, C:\Users\planeo\AppData\Local\Temp\nspC8C9.tmp\ild_istartsurf.exe, , [d1fcfde78ffb74c21780df58de23b848],
PUP.Optional.CrossRider, C:\Users\planeo\AppData\Local\Temp\nspC8C9.tmp\trtextsetup.exe, , [0fbecb19256587afd3b4c2744ab79967],
PUP.Optional.Softonic.A, C:\Users\planeo\Downloads\SoftonicDownloader_for_directx.exe, , [6964b72dd5b572c42367f9fed62adb25],
PUP.Optional.SpeedTest.A, C:\Users\planeo\Downloads\speedtest4354 (1).exe, , [c30a08dcb3d78ea8db42f04e39c716ea],
PUP.Optional.BesttoolBars, C:\Users\planeo\Downloads\freegames4357 (1).exe, , [933acf154e3c999dfdeaa29120e0ea16],
Adware.InstallBrain, C:\Users\planeo\Downloads\PCPerformerSetup.exe, , [7e4f588cd2b8191d757a21e8a061e41c],
PUP.Optional.Conduit, C:\Users\planeo\Downloads\instalace\bsplayer264.1073.exe, , [ad2063810882bb7b8eb6f37048bd5aa6],
Trojan.Agent, C:\hl.exe, , [cd00f4f0a2e8c86e1c891f727b88d12f],
PUP.Optional.FreeGames.A, C:\Users\planeo\AppData\Roaming\freegames4357\freegames4357.crx, , [1eaf6183b7d3999dfadfb027e51d3cc4],
PUP.Optional.FreeGames.A, C:\Users\planeo\AppData\Roaming\freegames4357\freegames4357DeskTopIcon.ico, , [1eaf6183b7d3999dfadfb027e51d3cc4],
PUP.Optional.FreeGames.A, C:\Users\planeo\AppData\Roaming\freegames4357\install_helper.exe, , [1eaf6183b7d3999dfadfb027e51d3cc4],
PUP.Optional.SpeedTest.A, C:\Users\planeo\AppData\Roaming\speedtest4354\install_helper.exe, , [408d1ec6f4967abc8a528750f012ad53],
PUP.Optional.SpeedTest.A, C:\Users\planeo\AppData\Roaming\speedtest4354\speedtest4354.crx, , [408d1ec6f4967abc8a528750f012ad53],
PUP.Optional.SpeedTest.A, C:\Users\planeo\AppData\Roaming\speedtest4354\speedtest4354DeskTopIcon.ico, , [408d1ec6f4967abc8a528750f012ad53],
PUP.Optional.Datamngr.A, C:\Users\planeo\AppData\LocalLow\DataMngr\{2ad95a4b-54b3-4570-bc8b-e85db90c1775}64, , [b617558fa8e2b284f1a429b2d62c9f61],
PUP.Optional.GlobalUpdate.A, C:\Users\planeo\AppData\Local\Temp\comh.214177\GoogleUpdateHelper.msi, , [deefa242107aed49171b3baefa08a25e],
PUP.Optional.GlobalUpdate.A, C:\Users\planeo\AppData\Local\Temp\comh.480210\GoogleUpdateHelper.msi, , [4c81bd2734562b0bc56dc42519e9dc24],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#6 Post by Márty84 »

Have all the findings removed. After the removal and a restart of the PC, repeat the scan so that we know whether it comes back. Post the scan result and I will choose the next steps based on it.
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

PuntikataZebra
Visitor
Posts: 11
Registered: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#7 Post by PuntikataZebra »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.7.2015
Čas skenování: 9:00
Protokol: lo.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.22.07
Databáze rootkitů: v2015.07.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: planeo

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 628811
Uplynulý čas: 1 hod, 58 min, 32 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#8 Post by Márty84 »

:arrow: Uninstall MBAM.

:arrow: Post a new RSIT log

and in addition

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false alarm :)

PuntikataZebra
Visitor
Posts: 11
Registered: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#9 Post by PuntikataZebra »

Problems with the internet connection again. I downloaded RSIT onto a flash drive and then ran it, but the resulting log said that the download of that program was not successful. So I will probably wait until the internet on the computer is restored and then post the requested logs. I would like to apologize for holding up the resolution of this whole matter :?:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#10 Post by Márty84 »

Are the connection problems only on this PC, or also on any other devices (PC, tablet, phone)?

Otherwise, the fact that RSIT could not download that component does not matter at all, feel free to post the logs even without it :-) That component is not that important; what matters most is the lower part of the log that will be there ;-)

And you have no reason to apologize, it is not your fault! :)

PuntikataZebra
Visitor
Posts: 11
Registered: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#11 Post by PuntikataZebra »

Only this computer has problems with the connection :?: The notebook and the phones are fine. For now :D
____________________________________________________________________________________

Logfile of random's system information tool 1.10 (written by random/random)
Run by planeo at 2015-07-25 09:19:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 149 GB (31%) free of 477 GB
Total RAM: 2986 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:19:37, on 25.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\planeo\Desktop\RSIT.exe
C:\Program Files\trend micro\planeo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\planeo\Desktop\GSplay.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe

--
End of file - 6378 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DLL-Files FixerASKUSER.job - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe -askuser
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-23 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-24 3770480]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 146032]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 181360]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 190064]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-23 6109776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe []
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 894344]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"GSplay.exe"=C:\Users\planeo\Desktop\GSplay.exe [2014-03-12 4772747]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 330752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-07-23 07:14:58 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-23 07:09:05 ----A---- C:\Windows\avastSS.scr
2015-07-22 19:51:52 ----D---- C:\ProgramData\Malwarebytes
2015-07-22 18:47:24 ----D---- C:\AdwCleaner
2015-07-22 16:32:57 ----A---- C:\Windows\system32\lpk.dll
2015-07-22 16:32:57 ----A---- C:\Windows\system32\fontsub.dll
2015-07-22 16:32:57 ----A---- C:\Windows\system32\dciman32.dll
2015-07-22 16:32:57 ----A---- C:\Windows\system32\atmlib.dll
2015-07-22 16:32:57 ----A---- C:\Windows\system32\atmfd.dll
2015-07-22 16:09:42 ----A---- C:\Windows\system32\drivers\asw409B.tmp
2015-07-22 14:05:20 ----D---- C:\rsit
2015-07-22 14:05:20 ----D---- C:\Program Files\trend micro
2015-07-18 23:09:34 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-18 23:09:34 ----A---- C:\Windows\system32\javaw.exe
2015-07-18 23:09:34 ----A---- C:\Windows\system32\java.exe
2015-07-18 23:09:27 ----D---- C:\Program Files\Java
2015-07-15 06:57:41 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 06:57:38 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 06:57:38 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 06:57:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 06:57:37 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 06:57:36 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 06:57:36 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 06:57:36 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 06:57:22 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 06:57:22 ----A---- C:\Windows\system32\msi.dll
2015-07-15 06:57:22 ----A---- C:\Windows\system32\consent.exe
2015-07-15 06:57:22 ----A---- C:\Windows\system32\authui.dll
2015-07-15 06:57:21 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 06:57:21 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 06:57:21 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 06:56:54 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 06:56:53 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 06:56:52 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 06:56:52 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:56:52 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 06:56:52 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 06:56:51 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 06:56:46 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 06:56:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wups.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 06:56:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:56:28 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 06:56:27 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 06:56:27 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 06:56:24 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 06:56:24 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 06:56:23 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 06:56:23 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 06:56:22 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 06:56:21 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 06:56:19 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 06:55:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 06:55:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 06:55:58 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 06:55:58 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 06:55:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 06:55:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 06:55:57 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 06:55:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 06:55:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 06:55:56 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 06:55:56 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 06:55:56 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 06:55:55 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 06:55:54 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 06:55:54 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 06:55:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 06:55:53 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 06:55:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 06:55:50 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 06:55:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:55:47 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 06:55:46 ----A---- C:\Windows\system32\vbscript.dll
2015-07-06 14:18:43 ----D---- C:\Program Files\Rockstar Games

======List of files/folders modified in the last 1 month======

2015-07-25 09:19:35 ----D---- C:\Windows\Temp
2015-07-24 10:35:42 ----D---- C:\Program Files
2015-07-24 10:35:41 ----D---- C:\Windows\system32\drivers
2015-07-24 07:55:22 ----D---- C:\Windows\system32\config
2015-07-23 15:34:16 ----D---- C:\Windows\system32\NDF
2015-07-23 11:07:05 ----D---- C:\Windows\System32
2015-07-23 11:07:05 ----D---- C:\Windows\inf
2015-07-23 11:07:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-23 08:55:45 ----D---- C:\Windows\system32\Tasks
2015-07-23 07:14:56 ----D---- C:\Windows
2015-07-23 07:03:19 ----SHD---- C:\System Volume Information
2015-07-22 22:12:00 ----D---- C:\Windows\Offline Web Pages
2015-07-22 19:51:52 ----HD---- C:\ProgramData
2015-07-22 18:49:49 ----D---- C:\Windows\Tasks
2015-07-22 18:13:49 ----D---- C:\Program Files\Dll-Files.com Fixer
2015-07-22 18:07:00 ----D---- C:\Windows\Prefetch
2015-07-22 18:06:18 ----D---- C:\Windows\winsxs
2015-07-22 18:03:38 ----D---- C:\Windows\system32\catroot
2015-07-22 16:24:48 ----D---- C:\Windows\system32\wfp
2015-07-22 16:24:48 ----D---- C:\Windows\system32\DriverStore
2015-07-22 16:24:44 ----D---- C:\Windows\system32\wbem
2015-07-22 16:23:40 ----SHD---- C:\Windows\Installer
2015-07-22 16:23:40 ----SD---- C:\Windows\system32\GWX
2015-07-22 16:23:40 ----D---- C:\Windows\system32\catroot2
2015-07-22 16:23:40 ----D---- C:\Windows\Minidump
2015-07-22 16:23:40 ----D---- C:\Windows\AppCompat
2015-07-22 16:23:10 ----D---- C:\Program Files\Governor of Poker 2 Premium Edition
2015-07-22 16:23:10 ----D---- C:\Program Files\Google
2015-07-22 16:23:10 ----D---- C:\Program Files\Bullfrog
2015-07-22 16:22:35 ----D---- C:\Windows\registration
2015-07-22 16:22:00 ----SD---- C:\Users\planeo\AppData\Roaming\Microsoft
2015-07-22 16:17:43 ----D---- C:\Program Files\Hasbro Interactive
2015-07-22 16:16:41 ----D---- C:\GAMES
2015-07-22 14:09:38 ----D---- C:\Windows\Panther
2015-07-22 14:09:37 ----D---- C:\Windows\Logs
2015-07-22 14:09:37 ----D---- C:\Windows\debug
2015-07-21 18:46:42 ----D---- C:\Windows\system32\LogFiles
2015-07-16 12:17:07 ----D---- C:\Windows\rescache
2015-07-16 07:03:23 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 07:03:20 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 07:03:20 ----D---- C:\Windows\system32\appraiser
2015-07-16 07:03:19 ----D---- C:\Windows\AppPatch
2015-07-16 07:03:17 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 07:03:15 ----D---- C:\Windows\system32\en-US
2015-07-16 07:03:15 ----D---- C:\Program Files\Internet Explorer
2015-07-15 22:05:20 ----D---- C:\Windows\system32\MRT
2015-07-15 21:51:46 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 12:02:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-10 12:04:57 ----SHD---- C:\$Recycle.Bin
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-23 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-23 208664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-23 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-23 788784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-23 433264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-23 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-23 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-23 113592]
R2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-12-14 3759616]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\l1c51x86.sys [2010-10-21 62576]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECI.sys [2010-10-19 41088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 1806448]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz134;cpuz134; \??\C:\Users\planeo\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-23 146600]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 723744]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-09-27 1064312]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-09-02 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-28 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

PuntikataZebra
Visitor
Posts: 11
Registered: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#12 Post by PuntikataZebra »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015
Ran by planeo (administrator) on PLANEO-PC on 25-07-2015 09:27:17
Running from C:\Users\planeo\Desktop
Loaded Profiles: planeo (Available Profiles: planeo)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(forum.viry.cz) C:\Users\planeo\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3770480 2011-06-24] (VIA)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-23] (AVAST Software)
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [GSplay.exe] => C:\Users\planeo\Desktop\GSplay.exe [4772747 2014-03-12] ()
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-23] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3416206781-2165729983-1548596503-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-23] (AVAST Software)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 84.16.113.2 84.16.96.2 84.16.113.105
Tcpip\..\Interfaces\{891BE8FA-43A0-47FE-892E-84B859FFD239}: [DhcpNameServer] 84.16.113.2 84.16.96.2 84.16.113.105

FireFox:
========
FF ProfilePath: C:\Users\planeo\AppData\Roaming\Mozilla\Firefox\Profiles\nr3t4a1b.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-12-28] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3416206781-2165729983-1548596503-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\planeo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\planeo\AppData\Roaming\Mozilla\Firefox\Profiles\o10dfh6p.default-1420529720064\searchplugins\seznam-avast.xml [2015-01-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-11]

Chrome:
=======
CHR Profile: C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-18]
CHR Extension: (Google Search) - C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-18]
CHR Extension: (Google Wallet) - C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Gmail) - C:\Users\planeo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-18]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-23] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2013-09-27] (Flexera Software LLC)
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [723744 2013-01-25] (Autodesk, Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-23] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-23] (AVAST Software)
R3 L1c; C:\Windows\System32\DRIVERS\l1c51x86.sys [62576 2010-10-21] (Atheros Communications, Inc.)
R3 MEI; C:\Windows\system32\drivers\HECI.sys [41088 2010-10-19] (Intel Corporation)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1806448 2011-06-14] (VIA Technologies, Inc.)
S3 cpuz134; \??\C:\Users\planeo\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 09:27 - 2015-07-25 09:27 - 00011881 _____ C:\Users\planeo\Desktop\FRST.txt
2015-07-25 09:26 - 2015-07-25 09:27 - 00000000 ____D C:\FRST
2015-07-25 09:25 - 2015-07-25 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\planeo\Desktop\FRSTLauncher.exe
2015-07-25 09:24 - 2015-07-25 09:16 - 01638912 _____ (Farbar) C:\Users\planeo\Desktop\FRST.exe
2015-07-25 09:19 - 2015-07-22 14:34 - 01107968 _____ C:\Users\planeo\Desktop\RSIT.exe
2015-07-23 07:14 - 2015-07-23 07:09 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-23 07:09 - 2015-07-23 07:09 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-22 19:51 - 2015-07-22 19:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-22 19:50 - 2015-07-22 19:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\planeo\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-22 18:47 - 2015-07-22 18:49 - 00000000 ____D C:\AdwCleaner
2015-07-22 18:45 - 2015-07-22 18:45 - 02248704 _____ C:\Users\planeo\Desktop\adwcleaner_4.208.exe
2015-07-22 16:40 - 2015-07-22 16:40 - 01107968 _____ C:\Users\planeo\Downloads\RSIT.exe
2015-07-22 16:32 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 16:32 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 16:32 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 16:32 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 16:32 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 16:09 - 2014-11-11 13:32 - 00024184 _____ C:\Windows\system32\Drivers\asw409B.tmp
2015-07-22 14:05 - 2015-07-25 09:19 - 00000000 ____D C:\Program Files\trend micro
2015-07-22 14:05 - 2015-07-22 14:20 - 00000000 ____D C:\rsit
2015-07-21 18:06 - 2015-07-21 18:06 - 00002171 _____ C:\Users\planeo\Desktop\ip.txt
2015-07-18 23:09 - 2015-07-22 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-18 23:09 - 2015-07-22 16:17 - 00000000 ____D C:\Program Files\Java
2015-07-18 23:09 - 2015-07-18 23:09 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-07-18 23:09 - 2015-07-18 23:09 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-07-18 23:09 - 2015-07-18 23:09 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-07-15 06:57 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 06:57 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 06:57 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 06:57 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 06:57 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 06:57 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 06:57 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 06:57 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 06:57 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 06:57 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 06:57 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 06:57 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 06:57 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 06:57 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 06:57 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 06:57 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 06:57 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 06:57 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 06:57 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 06:57 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 06:56 - 2015-07-09 19:44 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:56 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 06:56 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 06:56 - 2015-07-09 19:42 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 06:56 - 2015-07-09 19:42 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 06:56 - 2015-07-09 19:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 06:56 - 2015-07-09 19:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 06:56 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 06:56 - 2015-07-09 19:42 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 06:56 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 06:56 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 06:56 - 2015-07-09 19:34 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 06:56 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 06:56 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 06:56 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 06:56 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 06:56 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 06:56 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 06:56 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 06:56 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 06:56 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 06:56 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 06:56 - 2015-06-09 21:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 06:56 - 2015-06-09 21:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 06:56 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 06:56 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 06:56 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 06:56 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 06:56 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 06:55 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 06:55 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 06:55 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 06:55 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 06:55 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 06:55 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 06:55 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:55 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 06:55 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 06:55 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 06:55 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 06:55 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 06:55 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 06:55 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 06:55 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 06:55 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 06:55 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 06:55 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 06:55 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 06:55 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 06:55 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 06:55 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 06:55 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 06:55 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 11:06 - 2015-07-14 11:06 - 00000004 _____ C:\Users\planeo\Desktop\test.dat
2015-07-10 12:04 - 2015-07-19 12:22 - 00019592 _____ C:\Windows\system32\ScanResults.xml
2015-07-10 12:01 - 2015-07-22 16:26 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-08 11:58 - 2015-07-08 11:58 - 00772016 _____ (Reimage®) C:\Users\planeo\Downloads\ReimageRepair.exe
2015-07-06 14:29 - 2015-07-06 14:53 - 00000000 ____D C:\Users\planeo\Documents\GTA San Andreas User Files
2015-07-06 14:19 - 2015-07-06 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA Liberty City Stories PC Edition beta 3.1.1
2015-07-06 14:18 - 2015-07-06 14:18 - 00000000 ____D C:\Program Files\Rockstar Games
2015-07-06 13:55 - 2015-07-06 14:12 - 278608083 _____ () C:\Users\planeo\Downloads\gta-liberty-city-stories-pc-edition-beta-3-1-1.exe
2015-07-04 18:23 - 2015-07-04 19:00 - 667822826 _____ C:\Users\planeo\Downloads\GTA-3-Liberty-City-Komplet-Hra.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 09:26 - 2013-03-13 11:00 - 01769995 _____ C:\Windows\WindowsUpdate.log
2015-07-25 09:20 - 2010-11-20 23:01 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-25 09:03 - 2013-07-18 15:48 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 09:02 - 2013-05-11 12:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 08:01 - 2013-07-18 15:48 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 07:42 - 2009-07-14 06:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 07:42 - 2009-07-14 06:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 07:21 - 2013-06-02 07:10 - 00069750 _____ C:\Windows\setupact.log
2015-07-25 07:21 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-23 21:03 - 2014-05-19 19:03 - 00000274 _____ C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2015-07-23 15:34 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-07-23 08:54 - 2013-06-26 13:04 - 00263562 _____ C:\Windows\PFRO.log
2015-07-23 07:17 - 2013-11-21 18:04 - 00002089 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-23 07:14 - 2014-05-11 07:32 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-23 07:14 - 2013-12-21 10:13 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-23 07:14 - 2013-05-11 10:55 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-23 07:14 - 2013-05-11 10:55 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-23 07:14 - 2013-05-11 10:55 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-23 07:14 - 2013-05-11 10:55 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-23 07:14 - 2013-05-11 10:55 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-23 07:08 - 2013-05-11 10:55 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-22 22:12 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\Offline Web Pages
2015-07-22 22:10 - 2013-05-11 12:42 - 00000000 ____D C:\Users\planeo\Downloads\instalace
2015-07-22 18:49 - 2013-03-13 11:01 - 00001088 _____ C:\Users\planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-22 18:13 - 2014-05-19 19:02 - 00001010 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-07-22 18:13 - 2014-05-19 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-07-22 18:13 - 2014-05-19 19:02 - 00000000 ____D C:\Program Files\Dll-Files.com Fixer
2015-07-22 18:06 - 2009-07-14 06:33 - 00545400 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-22 16:29 - 2014-11-11 13:32 - 00001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-22 16:24 - 2013-03-13 11:00 - 00000000 ____D C:\Users\planeo
2015-07-22 16:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-07-22 16:23 - 2015-04-04 22:36 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 16:23 - 2015-01-09 16:58 - 00000000 ____D C:\Users\planeo\Desktop\SaS2
2015-07-22 16:23 - 2014-11-11 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-22 16:23 - 2014-06-24 15:29 - 00000000 ____D C:\Users\planeo\Documents\FIFA 14
2015-07-22 16:23 - 2014-05-19 19:22 - 00000000 ____D C:\Users\planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UDS
2015-07-22 16:23 - 2013-10-25 16:50 - 00000000 ____D C:\Windows\Minidump
2015-07-22 16:23 - 2013-07-18 15:48 - 00000000 ____D C:\Program Files\Google
2015-07-22 16:23 - 2013-06-26 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Governor of Poker 2 Premium Edition
2015-07-22 16:23 - 2013-06-26 09:46 - 00000000 ____D C:\Program Files\Governor of Poker 2 Premium Edition
2015-07-22 16:23 - 2013-06-25 15:52 - 00000000 ____D C:\Users\planeo\AppData\Local\Unity
2015-07-22 16:23 - 2013-05-25 13:02 - 00000000 ____D C:\Program Files\Bullfrog
2015-07-22 16:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-07-22 16:22 - 2014-05-05 10:09 - 00000000 ____D C:\Users\planeo\GSplay
2015-07-22 16:22 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-07-22 16:17 - 2013-07-18 15:48 - 00000000 ____D C:\Users\planeo\AppData\Local\Google
2015-07-22 16:17 - 2013-05-24 19:12 - 00000000 ____D C:\Program Files\Hasbro Interactive
2015-07-22 16:16 - 2014-05-19 19:03 - 00000000 ____D C:\GAMES
2015-07-22 14:09 - 2011-12-28 13:28 - 00000000 ____D C:\Windows\Panther
2015-07-21 18:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-07-18 19:02 - 2014-05-19 19:02 - 00000282 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2015-07-16 12:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-16 07:03 - 2014-12-11 10:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 07:03 - 2014-04-30 11:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 22:05 - 2013-07-13 15:48 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 21:51 - 2013-06-26 10:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 19:05 - 2014-05-19 19:02 - 00000266 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-07-15 13:53 - 2013-05-11 12:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 12:02 - 2013-05-11 12:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 12:02 - 2011-12-29 10:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-06 14:29 - 2013-05-11 13:30 - 00000000 ____D C:\Users\planeo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-07-03 08:49 - 2011-12-28 14:51 - 127070192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 20:29 - 2014-09-26 20:54 - 00000000 ____D C:\Users\planeo\Documents\GTA Vice City User Files

==================== Files in the root of some directories =======


Some files in TEMP:
====================
C:\Users\planeo\AppData\Local\Temp\7z920.exe
C:\Users\planeo\AppData\Local\Temp\AcDeltree.exe
C:\Users\planeo\AppData\Local\Temp\AutoRun.exe
C:\Users\planeo\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\planeo\AppData\Local\Temp\bi_cleaner.exe
C:\Users\planeo\AppData\Local\Temp\down.4264.assistant_v3.exe
C:\Users\planeo\AppData\Local\Temp\down.4264.OptimizerProInstaller.exe
C:\Users\planeo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0h1fm8.dll
C:\Users\planeo\AppData\Local\Temp\EADB2DA.exe
C:\Users\planeo\AppData\Local\Temp\EBU4D0D.exe
C:\Users\planeo\AppData\Local\Temp\EBU5C49.DLL
C:\Users\planeo\AppData\Local\Temp\install_helper.exe
C:\Users\planeo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\planeo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\planeo\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\planeo\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\planeo\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\planeo\AppData\Local\Temp\Quarantine.exe
C:\Users\planeo\AppData\Local\Temp\ReimagePackage.exe
C:\Users\planeo\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\planeo\AppData\Local\Temp\sqlite-3.8.2-x86-sqlitejdbc.dll
C:\Users\planeo\AppData\Local\Temp\sqlite3.dll
C:\Users\planeo\AppData\Local\Temp\sqlite3.exe
C:\Users\planeo\AppData\Local\Temp\Tsu30394D19.dll
C:\Users\planeo\AppData\Local\Temp\UninstallEADM.dll
C:\Users\planeo\AppData\Local\Temp\UNTAE5E.tmp.exe
C:\Users\planeo\AppData\Local\Temp\UNTAE5F.tmp.exe
C:\Users\planeo\AppData\Local\Temp\UNTAE61.tmp.exe
C:\Users\planeo\AppData\Local\Temp\UNTAE62.tmp.exe
C:\Users\planeo\AppData\Local\Temp\UNTAE63.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 11:13




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.76 GB) (Free:145.1 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.47 GB) (Free:6.15 GB) FAT32

Available physical RAM: 1995.71 MB
Total physical RAM: 2985.94 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B8E4A564)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\planeo\Desktop" je 14027 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(38.76 KiB) Downloaded 44 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#13 Post by Márty84 »

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\planeo\Desktop" je 14027 MB.
:arrow: The desktop size should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it and another one inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :)


:arrow: If you do not use it, uninstall Akamai.

:arrow: Turn Windows Defender off permanently.



:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [GSplay.exe] => C:\Users\planeo\Desktop\GSplay.exe [4772747 2014-03-12] ()
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

SearchScopes: HKU\S-1-5-21-3416206781-2165729983-1548596503-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)

S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-09-02 194032]

2015-07-22 19:51 - 2015-07-22 19:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-22 19:50 - 2015-07-22 19:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\planeo\Downloads\mbam-setup-2.1.8.1057.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File
Click Save as...
Type the name shown in red, fixlist, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can write to me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

PuntikataZebra
Visitor
Posts: 11
Registered: 22 Jul 2015 13:27

Re: RSIT preventive check - slow computer

#14 Post by PuntikataZebra »

Fix result of Farbar Recovery Scan Tool (x86) Version: 25-07-2015
Ran by planeo at 2015-07-25 21:37:13 Run:1
Running from C:\Users\planeo\Desktop
Loaded Profiles: planeo (Available Profiles: planeo)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\planeo\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\...\Run: [GSplay.exe] => C:\Users\planeo\Desktop\GSplay.exe [4772747 2014-03-12] ()
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

SearchScopes: HKU\S-1-5-21-3416206781-2165729983-1548596503-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)

S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-09-02 194032]

2015-07-22 19:51 - 2015-07-22 19:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-22 19:50 - 2015-07-22 19:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\planeo\Downloads\mbam-setup-2.1.8.1057.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully.
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully.
HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GSplay.exe => value removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
"HKU\S-1-5-21-3416206781-2165729983-1548596503-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}" => key removed successfully.
HKCR\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully.
"HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully.
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully.
MBAMSwissArmy => service removed successfully.
AdobeARMservice => service removed successfully.
BBUpdate => service removed successfully.
BBSvc => service removed successfully.
gupdate => service removed successfully.
AdobeFlashPlayerUpdateSvc => service removed successfully.
gupdatem => service removed successfully.
gusvc => service removed successfully.
C:\ProgramData\Malwarebytes => moved successfully.
C:\Users\planeo\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\DLL-Files FixerASKUSER.job => moved successfully.
C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => moved successfully.
C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully..
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 10.1 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:39:02 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: RSIT preventive check - slow computer

#15 Post by Márty84 »

:!: If you have not done so, you had better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Locked