Preventivní prohlídka + 60-70% RAM

Zpráva

GuerrCZ · #1 Příspěvek od **GuerrCZ** » 25 srp 2014 23:32

Dobrý den.
Chtěl bych si nechat prohlídnout notebook, protože je pomalej a má zahlcenou RAM.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014 01
Ran by Jonas (administrator) on AUTIC-N016 on 26-08-2014 00:32:48
Running from C:\Users\jonas\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
() C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\OpenVPN\bin\openvpn.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
(Realtek) C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Sysinternals - http://www.sysinternals.com) C:\Users\jonas\Desktop\Hry\Hryy\ProcessExplorer\procexp.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Sysinternals - http://www.sysinternals.com) C:\Users\jonas\AppData\Local\Temp\procexp64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Curse, Inc) C:\Users\jonas\AppData\Roaming\Curse Client\Bin\Curse.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2941496 2011-03-18] (Hewlett-Packard Company)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [627360 2011-05-10] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-05-10] (Atheros Commnucations)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2011-05-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2916584 2010-08-12] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-05-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-07] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-04-22] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HPQuickWebProxy] => c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-08-09] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Google Update] => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-16] (Google Inc.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-08-20] (Raptr, Inc)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {33f57235-da28-11e1-9060-d0df9ae649f6} - D:\AutoRun.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {9225eb1a-c9fc-11e2-8605-c973f28737b8} - D:\Setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {b94d523a-4520-11e2-84f9-d0df9ae649f6} - D:\Startme.exe
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\jonas\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
URLSearchHook: HKLM-x32 - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\prxtbBS_P.dll No File
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\prxtbBS_P.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {75F1308F-9A2C-497F-8603-7728FF4257F4} URL = http://websearch.ask.com/redirect?clien ... 8CF3EDD437
SearchScopes: HKCU - {EF2A6B9A-0E3A-4956-8CF1-7AE48F8292E8} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: BS Player Toolbar -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> C:\Program Files (x86)\BS_Player\prxtbBS_P.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\prxtbBS_P.dll No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: HKLM-x32 {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} http://psslavia.cz/VitaminCtrl_2_1_0_26.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.195.165.131 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kb-ext.cz/PKIComponent -> C:\Users\jonas\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\jonas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\jonas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-31]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-12]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071313
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-16]
CHR Extension: (Battlefield Heroes) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-16]
CHR Extension: (AdBlock) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-21]
CHR Extension: (Peněženka Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-02-12]
CHR Extension: (Battlefield Play4Free) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-04-20]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-16]
CHR HKCU\...\Chrome\Extension: [efbkdhmfnmnmfimllbjamfodcoanhmdd] - C:\Users\jonas\AppData\Local\WebToSave.crx [2013-09-12]
CHR HKCU\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\jonas\AppData\Local\FastDiscountz.crx [2013-09-14]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\jonas\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-03-31]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-03-31]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\jonas\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx [2013-02-04]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-02-04]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-02-04]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [2013-02-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-17] (SUPERAntiSpyware.com)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-10] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [80032 2011-05-10] (Atheros Commnucations) [File not signed]
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9309544 2010-04-19] (DisplayLink Corp.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2010-08-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2010-08-12] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464440 2011-05-10] (Hewlett-Packard Company)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-03-23] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-14] (Hewlett-Packard Company)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-05-24] () [File not signed]
R2 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-04-22] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-07-13] ()
R2 RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [40960 2011-05-30] (Realtek) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-06-07] (IDT, Inc.) [File not signed]
R2 tvnserver; C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.3.24474.0.sys [17408 2012-02-14] (http://libusb-win32.sourceforge.net)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-31] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [168544 2010-07-29] (ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-12] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [171152 2010-07-29] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33632 2010-07-29] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-07-29] (ESET)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-25] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-02-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [624224 2014-02-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-20] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-19] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-25] (Kaspersky Lab ZAO)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x64-n51f.sys [67584 2012-02-14] (SMSC)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158280 2011-05-24] (McAfee, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 00:31 - 2014-08-26 00:33 - 00035913 _____ () C:\Users\jonas\Desktop\FRST.txt
2014-08-26 00:22 - 2014-08-26 00:32 - 00000000 ____D () C:\FRST
2014-08-26 00:20 - 2014-08-26 00:20 - 02103296 _____ (Farbar) C:\Users\jonas\Desktop\FRST64.exe
2014-08-26 00:20 - 2014-08-26 00:20 - 00112640 _____ (forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
2014-08-25 16:16 - 2014-08-25 21:02 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\vlc
2014-08-25 15:58 - 2014-08-25 15:58 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-25 15:56 - 2014-08-25 15:57 - 24743106 _____ () C:\Users\jonas\Desktop\vlc-2.1.5-win32.exe
2014-08-24 14:02 - 2014-08-24 14:03 - 00833208 _____ () C:\windows\Minidump\082414-32479-01.dmp
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\Program Files\AMD
2014-08-24 08:59 - 2014-08-24 11:14 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForJonas.job
2014-08-24 08:59 - 2014-08-24 08:59 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJonas
2014-08-24 08:57 - 2014-08-24 08:57 - 00000000 ____D () C:\Users\jonas\AppData\Local\BBC
2014-08-19 09:50 - 2014-08-19 09:50 - 00175012 _____ () C:\windows\PFRO.log
2014-08-18 17:38 - 2014-08-18 17:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-18 11:07 - 2014-08-18 11:09 - 00018473 _____ () C:\windows\DirectX.log
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Turbine
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\library_dir
2014-08-18 09:24 - 2014-08-26 00:15 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Raptr
2014-08-18 09:24 - 2014-08-24 09:22 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-17 16:41 - 2014-08-17 16:41 - 00000000 ____D () C:\Users\jonas\AppData\Local\2K Games
2014-08-17 16:39 - 2014-08-17 16:39 - 00002105 _____ () C:\Users\Public\Desktop\Mafia II.lnk
2014-08-17 16:39 - 2014-08-17 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-08-17 16:28 - 2014-08-17 16:28 - 00000000 ____D () C:\Program Files (x86)\2K Games
2014-08-15 20:51 - 2014-08-15 20:51 - 00000948 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Juarez Gunslinger.lnk
2014-08-15 20:51 - 2014-08-15 20:51 - 00000936 _____ () C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2014-08-15 20:45 - 2014-08-15 20:59 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-08-15 20:39 - 2014-08-24 14:02 - 482969257 _____ () C:\windows\MEMORY.DMP
2014-08-11 10:17 - 2014-08-26 00:06 - 00012460 _____ () C:\windows\setupact.log
2014-08-11 10:17 - 2014-08-11 10:17 - 00000000 _____ () C:\windows\setuperr.log
2014-08-04 21:43 - 2014-08-07 19:28 - 00000000 ____D () C:\2-click run
2014-08-04 17:37 - 2014-08-04 17:38 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-08-04 17:25 - 2014-08-04 17:27 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Tunngle
2014-08-04 17:25 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\jonas\Documents\Tunngle
2014-08-04 17:24 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-08-04 12:19 - 2014-08-04 12:19 - 00000000 ____D () C:\Users\jonas\AppData\Local\Electronic_Arts_Inc
2014-08-04 12:18 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
2014-07-29 15:37 - 2014-07-29 15:37 - 31932045 _____ () C:\Users\jonas\AppData\Roaming\Roaming.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 00:33 - 2014-08-26 00:31 - 00035913 _____ () C:\Users\jonas\Desktop\FRST.txt
2014-08-26 00:32 - 2014-08-26 00:22 - 00000000 ____D () C:\FRST
2014-08-26 00:30 - 2012-10-22 14:28 - 00000000 ____D () C:\Users\jonas\Desktop\Hry
2014-08-26 00:27 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-26 00:20 - 2014-08-26 00:20 - 02103296 _____ (Farbar) C:\Users\jonas\Desktop\FRST64.exe
2014-08-26 00:20 - 2014-08-26 00:20 - 00112640 _____ (forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
2014-08-26 00:18 - 2012-02-09 18:33 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Skype
2014-08-26 00:15 - 2014-08-18 09:24 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Raptr
2014-08-26 00:15 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\tracing
2014-08-26 00:14 - 2009-07-14 06:45 - 00031312 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 00:14 - 2009-07-14 06:45 - 00031312 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 00:13 - 2013-06-05 08:33 - 00000000 ____D () C:\ProgramData\Origin
2014-08-26 00:13 - 2011-08-31 06:49 - 00669466 _____ () C:\windows\system32\perfh005.dat
2014-08-26 00:13 - 2011-08-31 06:49 - 00141564 _____ () C:\windows\system32\perfc005.dat
2014-08-26 00:13 - 2009-07-14 07:13 - 01580126 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-26 00:12 - 2014-01-25 16:22 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-26 00:11 - 2013-06-05 08:33 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-26 00:10 - 2014-01-25 17:38 - 02016924 _____ () C:\windows\WindowsUpdate.log
2014-08-26 00:10 - 2012-02-22 13:32 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 00:06 - 2014-08-11 10:17 - 00012460 _____ () C:\windows\setupact.log
2014-08-26 00:06 - 2014-01-25 16:29 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-26 00:06 - 2013-02-13 08:28 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-08-26 00:06 - 2011-08-31 08:17 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-26 00:06 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-25 22:02 - 2012-02-22 13:32 - 00000950 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 22:01 - 2012-01-16 18:54 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job
2014-08-25 21:50 - 2012-04-10 09:47 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 21:02 - 2014-08-25 16:16 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\vlc
2014-08-25 20:15 - 2013-05-09 21:24 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for Jonas.job
2014-08-25 15:58 - 2014-08-25 15:58 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-25 15:57 - 2014-08-25 15:56 - 24743106 _____ () C:\Users\jonas\Desktop\vlc-2.1.5-win32.exe
2014-08-25 10:54 - 2012-01-05 17:58 - 00003966 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{63024A0A-D262-441A-804E-7C19DBC2A1F9}
2014-08-25 00:01 - 2012-01-16 18:54 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job
2014-08-24 15:00 - 2012-01-16 21:04 - 00000000 ____D () C:\Users\jonas\AppData\Local\CrashDumps
2014-08-24 14:03 - 2014-08-24 14:02 - 00833208 _____ () C:\windows\Minidump\082414-32479-01.dmp
2014-08-24 14:02 - 2014-08-15 20:39 - 482969257 _____ () C:\windows\MEMORY.DMP
2014-08-24 14:02 - 2012-02-14 12:16 - 00000000 ____D () C:\windows\Minidump
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\Program Files\AMD
2014-08-24 12:32 - 2014-01-30 16:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-24 11:14 - 2014-08-24 08:59 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForJonas.job
2014-08-24 11:00 - 2013-07-13 10:08 - 00000000 ____D () C:\Users\jonas\Documents\Battlefield Heroes
2014-08-24 09:56 - 2014-07-10 12:09 - 00000000 ____D () C:\Users\jonas\Documents\Euro Truck Simulator 2
2014-08-24 09:56 - 2013-06-08 08:16 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-08-24 09:28 - 2014-01-31 09:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-24 09:22 - 2014-08-18 09:24 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-24 09:00 - 2012-01-05 19:11 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Adobe
2014-08-24 08:59 - 2014-08-24 08:59 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJonas
2014-08-24 08:57 - 2014-08-24 08:57 - 00000000 ____D () C:\Users\jonas\AppData\Local\BBC
2014-08-23 23:07 - 2014-07-19 22:26 - 00000003 _____ () C:\windows\system32\HRUPPROG.TXT
2014-08-19 09:50 - 2014-08-19 09:50 - 00175012 _____ () C:\windows\PFRO.log
2014-08-19 09:32 - 2013-06-20 14:13 - 00000000 ____D () C:\Users\jonas\AppData\Local\Game Dev Tycoon
2014-08-18 20:55 - 2013-06-05 08:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-18 17:49 - 2011-08-31 07:33 - 01559508 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-08-18 17:38 - 2014-08-18 17:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-18 17:35 - 2013-06-15 17:43 - 00000000 ____D () C:\AMD
2014-08-18 17:35 - 2012-01-19 12:49 - 00000000 ____D () C:\Users\jonas\AppData\Local\Adobe
2014-08-18 11:09 - 2014-08-18 11:07 - 00018473 _____ () C:\windows\DirectX.log
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Turbine
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\library_dir
2014-08-17 16:41 - 2014-08-17 16:41 - 00000000 ____D () C:\Users\jonas\AppData\Local\2K Games
2014-08-17 16:39 - 2014-08-17 16:39 - 00002105 _____ () C:\Users\Public\Desktop\Mafia II.lnk
2014-08-17 16:39 - 2014-08-17 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-08-17 16:28 - 2014-08-17 16:28 - 00000000 ____D () C:\Program Files (x86)\2K Games
2014-08-15 20:59 - 2014-08-15 20:45 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-08-15 20:51 - 2014-08-15 20:51 - 00000948 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Juarez Gunslinger.lnk
2014-08-15 20:51 - 2014-08-15 20:51 - 00000936 _____ () C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2014-08-15 20:45 - 2013-05-31 20:38 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\DAEMON Tools Lite
2014-08-15 20:16 - 2012-01-16 20:49 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\.minecraft
2014-08-11 10:17 - 2014-08-11 10:17 - 00000000 _____ () C:\windows\setuperr.log
2014-08-11 07:51 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-10 07:45 - 2011-08-31 08:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-10 07:40 - 2013-05-31 16:27 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\uTorrent
2014-08-07 19:29 - 2013-06-20 14:13 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-07 19:28 - 2014-08-04 21:43 - 00000000 ____D () C:\2-click run
2014-08-06 15:42 - 2011-10-10 20:58 - 00000000 ____D () C:\ProgramData\Skype
2014-08-05 11:49 - 2014-02-20 19:00 - 00000000 ____D () C:\Games
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-04 19:23 - 2012-01-05 17:58 - 00108840 _____ () C:\Users\jonas\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 17:46 - 2009-07-14 06:45 - 00415984 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-04 17:38 - 2014-08-04 17:37 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-08-04 17:27 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Tunngle
2014-08-04 17:25 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\jonas\Documents\Tunngle
2014-08-04 13:32 - 2012-01-05 17:58 - 00000000 ____D () C:\Users\jonas\Documents\Bluetooth Folder
2014-08-04 12:19 - 2014-08-04 12:19 - 00000000 ____D () C:\Users\jonas\AppData\Local\Electronic_Arts_Inc
2014-08-04 12:18 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
2014-08-04 12:18 - 2013-06-01 16:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-01 17:39 - 2012-02-20 08:50 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-01 17:39 - 2012-01-16 19:03 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-07-30 12:30 - 2013-06-05 08:34 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Origin
2014-07-30 09:19 - 2014-07-12 01:59 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Curse Client
2014-07-29 15:37 - 2014-07-29 15:37 - 31932045 _____ () C:\Users\jonas\AppData\Roaming\Roaming.rar
2014-07-27 08:36 - 2012-05-11 12:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 08:36 - 2012-05-11 12:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\jonas\AppData\Local\Temp\procexp64.exe
C:\Users\jonas\AppData\Local\Temp\SAS6_Update.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForJonas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\Norton Security Scan for Jonas.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: ESET Smart Security 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jonas\Desktop" je 30497 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001

==================== End Of Log ==============================

GuerrCZ · #2 Příspěvek od **GuerrCZ** » 25 srp 2014 23:33

Addition

#3 Příspěvek od **vyosek** » 26 srp 2014 07:27

Zdravim

Bezi vam tam Kaspersky a ESET - dva antiviry spolu koliduji, jeden z nich tedy musi pryc

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

GuerrCZ · #4 Příspěvek od **GuerrCZ** » 26 srp 2014 07:53

A jakej mam odstranit ? ESET je koupenej, Kaspersky free, takže asi Kaspersky co?

#5 Příspěvek od **vyosek** » 26 srp 2014 08:35

Tak Kasperskyho do pryc kdyz mate na ESET koupenou licenci...

GuerrCZ · #6 Příspěvek od **GuerrCZ** » 26 srp 2014 09:05

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Jonas on Łt 26.08.2014 at 9:55:44,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{e55e7026-ef2a-4a17-aaa7-db98ea3fd1b1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{75F1308F-9A2C-497F-8603-7728FF4257F4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EF2A6B9A-0E3A-4956-8CF1-7AE48F8292E8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"

~~~ Files

Successfully deleted: [File] "C:\Users\jonas\appdata\local\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\jonas\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\jonas\AppData\Roaming\dsite"
Successfully deleted: [Folder] "C:\Users\jonas\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\jonas\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Users\jonas\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect"
Successfully deleted: [Empty Folder] C:\Users\jonas\appdata\local\{0E83769F-1626-45A9-AAFE-5D2AE148D8B1}
Successfully deleted: [Empty Folder] C:\Users\jonas\appdata\local\{6DB86FF8-E62D-421B-8D56-DEAA094322F2}
Successfully deleted: [Empty Folder] C:\Users\jonas\appdata\local\{F45DD160-F6BB-4D94-A416-8E4830C0539A}
Successfully deleted: [Empty Folder] C:\Users\jonas\appdata\local\{FFAC32B4-B29D-42C4-A5C7-1B39600F0DB7}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\jonas\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 26.08.2014 at 10:08:16,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GuerrCZ · #7 Příspěvek od **GuerrCZ** » 26 srp 2014 09:25

# AdwCleaner v3.308 - Report created 26/08/2014 at 10:18:18
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Jonas - AUTIC-N016
# Running from : C:\Users\jonas\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\VideoConverter
Folder Deleted : C:\Program Files (x86)\BS_Player

***** [ Scheduled Tasks ] *****

Task Deleted : DSite
Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\oldchfemoapgakfjnmbngnljnkoapbhd
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\955d6d1e73eef13
Key Deleted : HKLM\SOFTWARE\955d6d1e73eef13
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A07418D-8647-4C4C-A098-0EF8A935A1D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58653CD5-7BAE-4ACC-A1B2-659AB520137C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\BS_Player
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Converter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16448

-\\ Google Chrome v

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=A8CBA0E6-AD90-42AA-854C-D95DF0B294CF&apn_ptnrs=U3&apn_sauid=0B3D9317-D587-4E56-AA5B-7C8CF3EDD437&apn_dtid=OSJ000YYCZ&q={searchTerms}
Deleted [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
Deleted [Extension] : oldchfemoapgakfjnmbngnljnkoapbhd
Deleted [Extension] : pgafcinpmmpklohkojmllohdhomoefph

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [17875 octets] - [26/08/2014 10:11:03]
AdwCleaner[S0].txt - [9272 octets] - [26/08/2014 10:18:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9332 octets] ##########

#8 Příspěvek od **vyosek** » 26 srp 2014 10:58

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

GuerrCZ · #9 Příspěvek od **GuerrCZ** » 26 srp 2014 14:57

Zoek.exe v5.0.0.0 Updated 26-08-2014
Tool run by Jonas on Łt 26.08.2014 at 15:28:01,98.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jonas\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26.8.2014 15:32:06 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\jonas\AppData\Roaming\DigitalSites deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\jonas\AppData\Local\FastDiscountz.crx deleted
C:\Users\jonas\AppData\Local\WebToSave.crx deleted
C:\Users\jonas\AppData\Local\APN deleted
C:\Users\jonas\AppData\Local\Conduit deleted
C:\Users\jonas\AppData\LocalLow\BS_Player deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\Users\jonas\AppData\Local\LumaEmu" deleted
"C:\Users\jonas\AppData\Roaming\Apasbi\vuvu.kaw" deleted
"C:\Users\jonas\AppData\Roaming\Tunngle\Local.key" deleted
"C:\Users\jonas\AppData\Roaming\Tunngle\Local.pub" deleted
"C:\Users\jonas\AppData\Roaming\Emgu" deleted
"C:\Users\jonas\AppData\Roaming\Fuho" deleted
"C:\Users\jonas\AppData\Roaming\Apasbi" deleted
"C:\Users\jonas\AppData\Roaming\Tunngle" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [12.02.2013 11:05]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efbkdhmfnmnmfimllbjamfodcoanhmdd - C:\Users\jonas\AppData\Local\WebToSave.crx[]

Battlefield Heroes - jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh
AdBlock - jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Startpages ======================

C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071313",

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Default_Page_URL"="http://companyweb"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.bing.com?pc=CMNTDF"
"Start Page"="http://www.bing.com?pc=CMNTDF"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.bing.com?pc=CMNTDF"
"Start Page"="http://www.bing.com?pc=CMNTDF"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"

==== Reset Google Chrome ======================

C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\efbkdhmfnmnmfimllbjamfodcoanhmdd deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\racl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=163 folders=66 15945150 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\jonas\AppData\Local\Temp will be emptied at reboot
C:\Users\racl\AppData\Local\Temp emptied successfully
C:\Users\user\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\jonas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Łt 26.08.2014 at 15:57:03,53 ======================

#10 Příspěvek od **vyosek** » 26 srp 2014 15:23

Poprosim o novy log z FRST

GuerrCZ · #11 Příspěvek od **GuerrCZ** » 26 srp 2014 15:30

Tady to je

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014 01
Ran by Jonas (administrator) on AUTIC-N016 on 26-08-2014 16:28:27
Running from C:\Users\jonas\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
() C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\OpenVPN\bin\openvpn.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Realtek) C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe
(GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Curse, Inc) C:\Users\jonas\AppData\Roaming\Curse Client\Bin\Curse.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Users\jonas\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2941496 2011-03-18] (Hewlett-Packard Company)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [627360 2011-05-10] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-05-10] (Atheros Commnucations)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2011-05-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2916584 2010-08-12] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-05-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-07] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-04-22] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HPQuickWebProxy] => c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-08-09] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Google Update] => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-16] (Google Inc.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-26] (Electronic Arts)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-08-20] (Raptr, Inc)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {33f57235-da28-11e1-9060-d0df9ae649f6} - D:\AutoRun.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {9225eb1a-c9fc-11e2-8605-c973f28737b8} - D:\Setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {b94d523a-4520-11e2-84f9-d0df9ae649f6} - D:\Startme.exe
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\jonas\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: HKLM-x32 {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} http://psslavia.cz/VitaminCtrl_2_1_0_26.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 217.195.165.131 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @kb-ext.cz/PKIComponent -> C:\Users\jonas\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\jonas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\jonas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-31]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-12]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-06]

Chrome:
=======
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-26]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-16]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-16]
CHR Extension: (Peněženka Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-02-12]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-17] (SUPERAntiSpyware.com)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-10] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [80032 2011-05-10] (Atheros Commnucations) [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9309544 2010-04-19] (DisplayLink Corp.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2010-08-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2010-08-12] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464440 2011-05-10] (Hewlett-Packard Company)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-03-23] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-14] (Hewlett-Packard Company)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-05-24] () [File not signed]
R2 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-04-22] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-07-13] ()
R2 RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [40960 2011-05-30] (Realtek) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-06-07] (IDT, Inc.) [File not signed]
R2 tvnserver; C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.3.24474.0.sys [17408 2012-02-14] (http://libusb-win32.sourceforge.net)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-31] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [168544 2010-07-29] (ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-12] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [171152 2010-07-29] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33632 2010-07-29] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-07-29] (ESET)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x64-n51f.sys [67584 2012-02-14] (SMSC)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158280 2011-05-24] (McAfee, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 15:53 - 2014-08-26 15:27 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-26 15:31 - 2014-08-26 15:57 - 00010163 _____ () C:\zoek-results.log
2014-08-26 15:27 - 2014-08-26 15:48 - 00000000 ____D () C:\zoek_backup
2014-08-26 15:26 - 2014-08-26 15:27 - 01288704 _____ () C:\Users\jonas\Desktop\zoek.exe
2014-08-26 10:23 - 2014-08-26 15:54 - 00000642 _____ () C:\windows\PFRO.log
2014-08-26 10:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-26 10:10 - 2014-08-26 10:21 - 00000000 ____D () C:\AdwCleaner
2014-08-26 10:08 - 2014-08-26 10:08 - 00008063 _____ () C:\Users\jonas\Desktop\JRT.txt
2014-08-26 09:55 - 2014-08-26 09:55 - 00000000 ____D () C:\windows\ERUNT
2014-08-26 09:48 - 2014-08-26 15:54 - 00000168 _____ () C:\windows\setupact.log
2014-08-26 09:48 - 2014-08-26 09:48 - 00000000 _____ () C:\windows\setuperr.log
2014-08-26 09:44 - 2014-08-26 09:44 - 00057178 _____ () C:\Users\jonas\Desktop\cc_20140826_094450.reg
2014-08-26 09:42 - 2014-08-26 09:44 - 01364531 _____ () C:\Users\jonas\Desktop\adwcleaner_3.308.exe
2014-08-26 09:42 - 2014-08-26 09:42 - 01016261 _____ (Thisisu) C:\Users\jonas\Desktop\JRT.exe
2014-08-26 00:35 - 2014-08-26 00:35 - 00011262 _____ () C:\Users\jonas\Desktop\Addition.rar
2014-08-26 00:31 - 2014-08-26 16:29 - 00027375 _____ () C:\Users\jonas\Desktop\FRST.txt
2014-08-26 00:22 - 2014-08-26 16:28 - 00000000 ____D () C:\FRST
2014-08-26 00:20 - 2014-08-26 00:20 - 02103296 _____ (Farbar) C:\Users\jonas\Desktop\FRST64.exe
2014-08-26 00:20 - 2014-08-26 00:20 - 00112640 _____ (forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
2014-08-26 00:15 - 2014-08-26 00:15 - 00000000 ____H () C:\Users\jonas\Desktop\~WRL0003.tmp
2014-08-25 16:16 - 2014-08-25 21:02 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\vlc
2014-08-25 15:58 - 2014-08-25 15:58 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\Program Files\AMD
2014-08-24 08:59 - 2014-08-24 11:14 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForJonas.job
2014-08-24 08:59 - 2014-08-24 08:59 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJonas
2014-08-24 08:57 - 2014-08-24 08:57 - 00000000 ____D () C:\Users\jonas\AppData\Local\BBC
2014-08-18 17:38 - 2014-08-18 17:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Turbine
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\library_dir
2014-08-18 09:24 - 2014-08-26 16:00 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Raptr
2014-08-18 09:24 - 2014-08-24 09:22 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-17 16:41 - 2014-08-17 16:41 - 00000000 ____D () C:\Users\jonas\AppData\Local\2K Games
2014-08-17 16:39 - 2014-08-17 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-08-17 16:28 - 2014-08-17 16:28 - 00000000 ____D () C:\Program Files (x86)\2K Games
2014-08-15 20:51 - 2014-08-15 20:51 - 00000948 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Juarez Gunslinger.lnk
2014-08-15 20:51 - 2014-08-15 20:51 - 00000936 _____ () C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2014-08-15 20:45 - 2014-08-15 20:59 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-08-04 21:43 - 2014-08-07 19:28 - 00000000 ____D () C:\2-click run
2014-08-04 17:37 - 2014-08-04 17:38 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-08-04 17:25 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\jonas\Documents\Tunngle
2014-08-04 17:24 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-08-04 12:19 - 2014-08-04 12:19 - 00000000 ____D () C:\Users\jonas\AppData\Local\Electronic_Arts_Inc
2014-08-04 12:18 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
2014-07-29 15:37 - 2014-07-29 15:37 - 31932045 _____ () C:\Users\jonas\AppData\Roaming\Roaming.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 16:29 - 2014-08-26 00:31 - 00027375 _____ () C:\Users\jonas\Desktop\FRST.txt
2014-08-26 16:28 - 2014-08-26 00:22 - 00000000 ____D () C:\FRST
2014-08-26 16:28 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\tracing
2014-08-26 16:05 - 2009-07-14 06:45 - 00031312 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 16:05 - 2009-07-14 06:45 - 00031312 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 16:02 - 2012-02-22 13:32 - 00000950 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-26 16:01 - 2013-06-05 08:33 - 00000000 ____D () C:\ProgramData\Origin
2014-08-26 16:01 - 2012-02-09 18:33 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Skype
2014-08-26 16:01 - 2012-01-16 18:54 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job
2014-08-26 16:01 - 2011-08-31 06:49 - 00669466 _____ () C:\windows\system32\perfh005.dat
2014-08-26 16:01 - 2011-08-31 06:49 - 00141564 _____ () C:\windows\system32\perfc005.dat
2014-08-26 16:01 - 2009-07-14 07:13 - 01580126 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-26 16:00 - 2014-08-18 09:24 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Raptr
2014-08-26 15:57 - 2014-08-26 15:31 - 00010163 _____ () C:\zoek-results.log
2014-08-26 15:57 - 2014-01-25 16:22 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-26 15:57 - 2013-06-05 08:33 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-26 15:56 - 2012-02-22 13:32 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 15:55 - 2013-02-13 08:28 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-08-26 15:55 - 2011-08-31 08:17 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-26 15:54 - 2014-08-26 10:23 - 00000642 _____ () C:\windows\PFRO.log
2014-08-26 15:54 - 2014-08-26 09:48 - 00000168 _____ () C:\windows\setupact.log
2014-08-26 15:54 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-26 15:53 - 2014-01-25 17:38 - 01166476 _____ () C:\windows\WindowsUpdate.log
2014-08-26 15:50 - 2012-04-10 09:47 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 15:48 - 2014-08-26 15:27 - 00000000 ____D () C:\zoek_backup
2014-08-26 15:27 - 2014-08-26 15:53 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-26 15:27 - 2014-08-26 15:26 - 01288704 _____ () C:\Users\jonas\Desktop\zoek.exe
2014-08-26 12:53 - 2012-01-05 17:58 - 00003966 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{63024A0A-D262-441A-804E-7C19DBC2A1F9}
2014-08-26 10:21 - 2014-08-26 10:10 - 00000000 ____D () C:\AdwCleaner
2014-08-26 10:08 - 2014-08-26 10:08 - 00008063 _____ () C:\Users\jonas\Desktop\JRT.txt
2014-08-26 09:55 - 2014-08-26 09:55 - 00000000 ____D () C:\windows\ERUNT
2014-08-26 09:48 - 2014-08-26 09:48 - 00000000 _____ () C:\windows\setuperr.log
2014-08-26 09:46 - 2014-01-31 09:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-26 09:46 - 2013-05-31 20:38 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\DAEMON Tools Lite
2014-08-26 09:45 - 2012-02-14 12:16 - 00000000 ____D () C:\windows\Minidump
2014-08-26 09:45 - 2012-01-16 21:04 - 00000000 ____D () C:\Users\jonas\AppData\Local\CrashDumps
2014-08-26 09:44 - 2014-08-26 09:44 - 00057178 _____ () C:\Users\jonas\Desktop\cc_20140826_094450.reg
2014-08-26 09:44 - 2014-08-26 09:42 - 01364531 _____ () C:\Users\jonas\Desktop\adwcleaner_3.308.exe
2014-08-26 09:42 - 2014-08-26 09:42 - 01016261 _____ (Thisisu) C:\Users\jonas\Desktop\JRT.exe
2014-08-26 09:42 - 2012-10-22 14:28 - 00000000 ____D () C:\Users\jonas\Desktop\Hry
2014-08-26 00:35 - 2014-08-26 00:35 - 00011262 _____ () C:\Users\jonas\Desktop\Addition.rar
2014-08-26 00:27 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-26 00:20 - 2014-08-26 00:20 - 02103296 _____ (Farbar) C:\Users\jonas\Desktop\FRST64.exe
2014-08-26 00:20 - 2014-08-26 00:20 - 00112640 _____ (forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
2014-08-26 00:15 - 2014-08-26 00:15 - 00000000 ____H () C:\Users\jonas\Desktop\~WRL0003.tmp
2014-08-25 21:02 - 2014-08-25 16:16 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\vlc
2014-08-25 20:15 - 2013-05-09 21:24 - 00000452 ____H () C:\windows\Tasks\Norton Security Scan for Jonas.job
2014-08-25 15:58 - 2014-08-25 15:58 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-25 15:58 - 2014-08-25 15:58 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-25 00:01 - 2012-01-16 18:54 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\Program Files\AMD
2014-08-24 11:14 - 2014-08-24 08:59 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForJonas.job
2014-08-24 11:00 - 2013-07-13 10:08 - 00000000 ____D () C:\Users\jonas\Documents\Battlefield Heroes
2014-08-24 09:56 - 2014-07-10 12:09 - 00000000 ____D () C:\Users\jonas\Documents\Euro Truck Simulator 2
2014-08-24 09:56 - 2013-06-08 08:16 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-08-24 09:22 - 2014-08-18 09:24 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-24 09:00 - 2012-01-05 19:11 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Adobe
2014-08-24 08:59 - 2014-08-24 08:59 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJonas
2014-08-24 08:57 - 2014-08-24 08:57 - 00000000 ____D () C:\Users\jonas\AppData\Local\BBC
2014-08-23 23:07 - 2014-07-19 22:26 - 00000003 _____ () C:\windows\system32\HRUPPROG.TXT
2014-08-19 09:32 - 2013-06-20 14:13 - 00000000 ____D () C:\Users\jonas\AppData\Local\Game Dev Tycoon
2014-08-18 20:55 - 2013-06-05 08:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-18 17:49 - 2011-08-31 07:33 - 01559508 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-08-18 17:38 - 2014-08-18 17:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-18 17:35 - 2013-06-15 17:43 - 00000000 ____D () C:\AMD
2014-08-18 17:35 - 2012-01-19 12:49 - 00000000 ____D () C:\Users\jonas\AppData\Local\Adobe
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Turbine
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-08-18 11:04 - 2014-08-18 11:04 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2014-08-18 09:25 - 2014-08-18 09:25 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\library_dir
2014-08-17 16:41 - 2014-08-17 16:41 - 00000000 ____D () C:\Users\jonas\AppData\Local\2K Games
2014-08-17 16:39 - 2014-08-17 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2014-08-17 16:28 - 2014-08-17 16:28 - 00000000 ____D () C:\Program Files (x86)\2K Games
2014-08-15 20:59 - 2014-08-15 20:45 - 00000000 ____D () C:\Program Files (x86)\Call of Juarez Gunslinger
2014-08-15 20:51 - 2014-08-15 20:51 - 00000948 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Juarez Gunslinger.lnk
2014-08-15 20:51 - 2014-08-15 20:51 - 00000936 _____ () C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk
2014-08-15 20:16 - 2012-01-16 20:49 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\.minecraft
2014-08-11 07:51 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-10 07:45 - 2011-08-31 08:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-10 07:40 - 2013-05-31 16:27 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\uTorrent
2014-08-07 19:29 - 2013-06-20 14:13 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-07 19:28 - 2014-08-04 21:43 - 00000000 ____D () C:\2-click run
2014-08-06 15:42 - 2011-10-10 20:58 - 00000000 ____D () C:\ProgramData\Skype
2014-08-05 11:49 - 2014-02-20 19:00 - 00000000 ____D () C:\Games
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-04 19:23 - 2012-01-05 17:58 - 00108840 _____ () C:\Users\jonas\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 17:46 - 2009-07-14 06:45 - 00415984 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-04 17:38 - 2014-08-04 17:37 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-08-04 17:25 - 2014-08-04 17:25 - 00000000 ____D () C:\Users\jonas\Documents\Tunngle
2014-08-04 13:32 - 2012-01-05 17:58 - 00000000 ____D () C:\Users\jonas\Documents\Bluetooth Folder
2014-08-04 12:19 - 2014-08-04 12:19 - 00000000 ____D () C:\Users\jonas\AppData\Local\Electronic_Arts_Inc
2014-08-04 12:18 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
2014-08-04 12:18 - 2013-06-01 16:33 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-01 17:39 - 2012-02-20 08:50 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-01 17:39 - 2012-01-16 19:03 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-07-30 12:30 - 2013-06-05 08:34 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Origin
2014-07-30 09:19 - 2014-07-12 01:59 - 00000000 ____D () C:\Users\jonas\AppData\Roaming\Curse Client
2014-07-29 15:37 - 2014-07-29 15:37 - 31932045 _____ () C:\Users\jonas\AppData\Roaming\Roaming.rar
2014-07-27 08:36 - 2012-05-11 12:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 08:36 - 2012-05-11 12:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForJonas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\Norton Security Scan for Jonas.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jonas\Desktop" je 30477 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001

==================== End Of Log ==============================

GuerrCZ · #12 Příspěvek od **GuerrCZ** » 27 srp 2014 12:51

Tak co? Je tam něco?

#13 Příspěvek od **vyosek** » 27 srp 2014 12:54

Omlouvam se, pracovni povinnosti

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Google Update] => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-16] (Google Inc.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-26] (Electronic Arts)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-08-20] (Raptr, Inc)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {33f57235-da28-11e1-9060-d0df9ae649f6} - D:\AutoRun.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {9225eb1a-c9fc-11e2-8605-c973f28737b8} - D:\Setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {b94d523a-4520-11e2-84f9-d0df9ae649f6} - D:\Startme.exe

BHO: No Name -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> No File

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2014-08-26 15:53 - 2014-08-26 15:27 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-26 15:31 - 2014-08-26 15:57 - 00010163 _____ () C:\zoek-results.log
2014-08-26 15:27 - 2014-08-26 15:48 - 00000000 ____D () C:\zoek_backup
2014-08-26 15:26 - 2014-08-26 15:27 - 01288704 _____ () C:\Users\jonas\Desktop\zoek.exe
2014-08-26 10:23 - 2014-08-26 15:54 - 00000642 _____ () C:\windows\PFRO.log
2014-08-26 10:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-26 10:10 - 2014-08-26 10:21 - 00000000 ____D () C:\AdwCleaner
2014-08-26 10:08 - 2014-08-26 10:08 - 00008063 _____ () C:\Users\jonas\Desktop\JRT.txt
2014-08-26 09:55 - 2014-08-26 09:55 - 00000000 ____D () C:\windows\ERUNT
2014-08-26 09:48 - 2014-08-26 15:54 - 00000168 _____ () C:\windows\setupact.log
2014-08-26 09:48 - 2014-08-26 09:48 - 00000000 _____ () C:\windows\setuperr.log
2014-08-26 09:44 - 2014-08-26 09:44 - 00057178 _____ () C:\Users\jonas\Desktop\cc_20140826_094450.reg
2014-08-26 09:42 - 2014-08-26 09:44 - 01364531 _____ () C:\Users\jonas\Desktop\adwcleaner_3.308.exe
2014-08-26 09:42 - 2014-08-26 09:42 - 01016261 _____ (Thisisu) C:\Users\jonas\Desktop\JRT.exe
2014-08-26 00:35 - 2014-08-26 00:35 - 00011262 _____ () C:\Users\jonas\Desktop\Addition.rar
2014-08-26 00:31 - 2014-08-26 16:29 - 00027375 _____ () C:\Users\jonas\Desktop\FRST.txt
2014-08-26 00:20 - 2014-08-26 00:20 - 00112640 _____ (forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
2014-08-26 00:15 - 2014-08-26 00:15 - 00000000 ____H () C:\Users\jonas\Desktop\~WRL0003.tmp

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForJonas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\Norton Security Scan for Jonas.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

Hosts:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

GuerrCZ · #14 Příspěvek od **GuerrCZ** » 27 srp 2014 13:45

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014 01
Ran by Jonas at 2014-08-27 14:42:34 Run:1
Running from C:\Users\jonas\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Google Update] => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-16] (Google Inc.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-26] (Electronic Arts)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-08-20] (Raptr, Inc)
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {33f57235-da28-11e1-9060-d0df9ae649f6} - D:\AutoRun.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {9225eb1a-c9fc-11e2-8605-c973f28737b8} - D:\Setup.exe
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\...\MountPoints2: {b94d523a-4520-11e2-84f9-d0df9ae649f6} - D:\Startme.exe

BHO: No Name -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> No File

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2014-08-26 15:53 - 2014-08-26 15:27 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-26 15:31 - 2014-08-26 15:57 - 00010163 _____ () C:\zoek-results.log
2014-08-26 15:27 - 2014-08-26 15:48 - 00000000 ____D () C:\zoek_backup
2014-08-26 15:26 - 2014-08-26 15:27 - 01288704 _____ () C:\Users\jonas\Desktop\zoek.exe
2014-08-26 10:23 - 2014-08-26 15:54 - 00000642 _____ () C:\windows\PFRO.log
2014-08-26 10:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-26 10:10 - 2014-08-26 10:21 - 00000000 ____D () C:\AdwCleaner
2014-08-26 10:08 - 2014-08-26 10:08 - 00008063 _____ () C:\Users\jonas\Desktop\JRT.txt
2014-08-26 09:55 - 2014-08-26 09:55 - 00000000 ____D () C:\windows\ERUNT
2014-08-26 09:48 - 2014-08-26 15:54 - 00000168 _____ () C:\windows\setupact.log
2014-08-26 09:48 - 2014-08-26 09:48 - 00000000 _____ () C:\windows\setuperr.log
2014-08-26 09:44 - 2014-08-26 09:44 - 00057178 _____ () C:\Users\jonas\Desktop\cc_20140826_094450.reg
2014-08-26 09:42 - 2014-08-26 09:44 - 01364531 _____ () C:\Users\jonas\Desktop\adwcleaner_3.308.exe
2014-08-26 09:42 - 2014-08-26 09:42 - 01016261 _____ (Thisisu) C:\Users\jonas\Desktop\JRT.exe
2014-08-26 00:35 - 2014-08-26 00:35 - 00011262 _____ () C:\Users\jonas\Desktop\Addition.rar
2014-08-26 00:31 - 2014-08-26 16:29 - 00027375 _____ () C:\Users\jonas\Desktop\FRST.txt
2014-08-26 00:20 - 2014-08-26 00:20 - 00112640 _____ (forum.viry.cz) C:\Users\jonas\Desktop\FRSTLauncher (1).exe
2014-08-26 00:15 - 2014-08-26 00:15 - 00000000 ____H () C:\Users\jonas\Desktop\~WRL0003.tmp

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job => C:\Users\jonas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForJonas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\Norton Security Scan for Jonas.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Run\\EADM => value deleted successfully.
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value deleted successfully.
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\Software\Microsoft\Windows\CurrentVersion\Run\\Raptr => value deleted successfully.
"HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2946643636-2770951452-1826361262-1149" => Key not found.
"HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33f57235-da28-11e1-9060-d0df9ae649f6}" => Key deleted successfully.
"HKCR\CLSID\{33f57235-da28-11e1-9060-d0df9ae649f6}" => Key not found.
"HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9225eb1a-c9fc-11e2-8605-c973f28737b8}" => Key deleted successfully.
"HKCR\CLSID\{9225eb1a-c9fc-11e2-8605-c973f28737b8}" => Key not found.
"HKU\S-1-5-21-2946643636-2770951452-1826361262-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b94d523a-4520-11e2-84f9-d0df9ae649f6}" => Key deleted successfully.
"HKCR\CLSID\{b94d523a-4520-11e2-84f9-d0df9ae649f6}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => Key deleted successfully.
"HKCR\CLSID\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\jonas\Desktop\zoek.exe => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\jonas\Desktop\JRT.txt => Moved successfully.
C:\windows\ERUNT => Moved successfully.
C:\windows\setupact.log => Moved successfully.
C:\windows\setuperr.log => Moved successfully.
C:\Users\jonas\Desktop\cc_20140826_094450.reg => Moved successfully.
C:\Users\jonas\Desktop\adwcleaner_3.308.exe => Moved successfully.
C:\Users\jonas\Desktop\JRT.exe => Moved successfully.
C:\Users\jonas\Desktop\Addition.rar => Moved successfully.
C:\Users\jonas\Desktop\FRST.txt => Moved successfully.
C:\Users\jonas\Desktop\FRSTLauncher (1).exe => Moved successfully.
C:\Users\jonas\Desktop\~WRL0003.tmp => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2946643636-2770951452-1826361262-1149UA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForJonas.job => Moved successfully.
C:\windows\Tasks\Norton Security Scan for Jonas.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needed a reboot.

==== End of Fixlog ====

#15 Příspěvek od **vyosek** » 27 srp 2014 13:48

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Preventivní prohlídka + 60-70% RAM

Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM

Re: Preventivní prohlídka + 60-70% RAM