VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu, notebook je pomalý

https://forum.viry.cz:443/viewtopic.php?t=140871

Stránka 1 z 1

Prosím o kontrolu logu, notebook je pomalý

Napsal: 22 říj 2014 15:07
od bastopie
Dobrý den, prosím o kontrolu logu, notebook je pomalý a systém nestálý plus to hází chybové správy při spuštění..

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by BaStoPie (administrator) on BASTOPIE-MSI on 22-10-2014 14:58:15
Running from C:\Users\BaStoPie\Desktop
Loaded Profiles: UpdatusUser & BaStoPie (Available profiles: UpdatusUser & BaStoPie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
(msi) C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Flexera Software, Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\BaStoPie\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [THXCfg64] => C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11465832 2010-09-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Cinema ProII AP] => C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [199680 2010-10-22] (Micro-Star Int'l Co., Ltd.)
HKLM-x32\...\Run: [Cinema ProII Controler] => C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [1689600 2010-06-25] (msi)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {1f56da73-46e7-11e1-ba36-6c626d2a69ef} - F:\AutoRun.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {b292dc44-4748-11e1-98f7-806e6f6e6963} - E:\CDSetup.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1001\...\Run: [Google Update] => C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-03] (Google Inc.)
HKU\S-1-5-21-1842804858-735624445-551964493-1001\...\Run: [TBHostSupport] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\BaStoPie\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [111720 2010-08-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [100968 2010-08-01] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.search.yahoo.com/?type=714647 ... got-yhp-ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {E2190C68-190B-482B-B075-907BBC32EEF7} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {18726EA5-0053-4733-8777-2E31CA7520E2} URL = http://uk.search.yahoo.com/search?fr=ch ... earchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... rms}&SSPV=
SearchScopes: HKCU - {18726EA5-0053-4733-8777-2E31CA7520E2} URL = http://uk.search.yahoo.com/search?fr=ch ... earchTerms}
SearchScopes: HKCU - {6579CBB2-7C26-47EF-8455-2879FD0B6C11} URL =
SearchScopes: HKCU - {82763C9C-1251-4DFE-92FB-6046CFC71010} URL =
SearchScopes: HKCU - {E2190C68-190B-482B-B075-907BBC32EEF7} URL = http://search.conduit.com/ResultsExt.as ... 32140&UM=2
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BaStoPie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BaStoPie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-22]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-24]
CHR Extension: (YouTube) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-22]
CHR Extension: (Vyhledávání Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-22]
CHR Extension: (Peněženka Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-22]
CHR HKCU\...\Chrome\Extension: [mgfkiacaoocnjfenegjdlccfkkgeeafg] - C:\Users\BaStoPie\AppData\Local\CRE\mgfkiacaoocnjfenegjdlccfkkgeeafg.crx [2013-11-26]
CHR HKLM-x32\...\Chrome\Extension: [amhlacfinnaffmhfohbpecabbjfhkdji] - C:\Users\BaStoPie\AppData\Local\Temp\ccex.crx [2013-11-26]
CHR HKLM-x32\...\Chrome\Extension: [mgfkiacaoocnjfenegjdlccfkkgeeafg] - C:\Users\BaStoPie\AppData\Local\CRE\mgfkiacaoocnjfenegjdlccfkkgeeafg.crx [2013-11-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-06-01] (Macrovision Europe Ltd.) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-14] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [40960 2010-04-23] (Motorola, Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 14:58 - 2014-10-22 15:00 - 00016461 _____ () C:\Users\BaStoPie\Desktop\FRST.txt
2014-10-22 14:56 - 2014-10-22 14:58 - 00000000 ____D () C:\FRST
2014-10-22 14:55 - 2014-10-22 14:55 - 00112640 _____ (forum.viry.cz) C:\Users\BaStoPie\Desktop\FRSTLauncher.exe
2014-10-22 14:52 - 2014-10-22 14:52 - 02110976 _____ (Farbar) C:\Users\BaStoPie\Desktop\FRST64.exe
2014-10-22 14:52 - 2014-10-22 14:52 - 00112640 _____ (forum.viry.cz) C:\Users\BaStoPie\Desktop\Nepotvrzeno 318000.crdownload
2014-10-22 13:53 - 2014-10-22 13:53 - 00003288 ____N () C:\bootsqm.dat
2014-10-16 03:02 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 03:02 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-16 03:01 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 03:01 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 03:01 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 03:01 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 03:01 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 03:01 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 03:01 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 03:01 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 03:01 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 03:01 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 03:01 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 03:01 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 03:01 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 03:01 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 03:01 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-16 03:01 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 03:01 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 03:01 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-16 03:01 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 03:01 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-16 03:01 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-16 03:01 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 03:01 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 03:01 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 03:01 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-16 03:01 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-16 03:01 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 03:01 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-16 03:01 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-16 03:01 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 03:01 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 03:01 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 03:01 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 03:01 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-16 03:01 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 03:01 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 03:01 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-16 03:01 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 03:01 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-16 03:01 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 03:01 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 03:01 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 03:01 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 03:01 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-16 03:01 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-16 03:01 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-16 03:01 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 03:01 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 03:01 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-16 03:01 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 03:01 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 03:01 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 03:01 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 03:01 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-16 03:01 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 03:01 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 03:01 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-16 03:01 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 03:01 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-16 03:00 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 03:00 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 03:00 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 03:00 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 03:00 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-16 03:00 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-16 03:00 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 03:00 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-16 03:00 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-16 03:00 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-16 02:59 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 02:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-14 10:32 - 2014-10-14 10:33 - 06431728 _____ (Microsoft Corporation) C:\Users\BaStoPie\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-10-09 14:17 - 2014-10-09 14:17 - 00001586 _____ () C:\windows\PFRO.log
2014-10-09 13:17 - 2014-10-22 14:38 - 00006863 _____ () C:\windows\AutoKMS.log
2014-10-09 13:15 - 2014-10-22 14:36 - 00000840 _____ () C:\windows\setupact.log
2014-10-09 13:15 - 2014-10-09 13:15 - 00000000 _____ () C:\windows\setuperr.log
2014-10-01 16:22 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-01 16:22 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-26 15:25 - 2014-09-26 15:25 - 00000000 __SHD () C:\found.000
2014-09-24 13:53 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-24 13:53 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 15:00 - 2013-05-13 22:54 - 01286927 _____ () C:\windows\WindowsUpdate.log
2014-10-22 14:45 - 2012-06-03 13:30 - 00000974 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job
2014-10-22 14:44 - 2012-06-14 21:01 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-22 14:44 - 2009-07-14 05:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-22 14:44 - 2009-07-14 05:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-22 14:38 - 2013-04-11 13:23 - 00000206 _____ () C:\windows\Tasks\AutoKMS.job
2014-10-22 14:36 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-22 13:53 - 2012-06-03 13:30 - 00000922 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job
2014-10-18 10:56 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-17 03:38 - 2009-07-14 05:45 - 00448208 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-17 03:35 - 2014-05-07 02:03 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 11:32 - 2009-07-14 06:08 - 00032586 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-16 03:17 - 2012-05-21 22:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 03:09 - 2013-07-17 11:06 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 03:01 - 2012-06-01 23:35 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-09 13:47 - 2012-01-24 07:12 - 00128584 _____ () C:\Users\BaStoPie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-09 13:32 - 2012-07-28 21:36 - 00000000 ____D () C:\Users\BaStoPie\AppData\Local\Autodesk
2014-10-09 13:32 - 2012-07-28 21:35 - 00000000 ____D () C:\Program Files\Autodesk
2014-10-09 13:32 - 2012-07-28 21:12 - 00000000 ____D () C:\ProgramData\Autodesk
2014-10-09 13:26 - 2012-06-09 18:41 - 00000000 ____D () C:\ProgramData\Nero
2014-10-09 02:32 - 2012-01-24 07:07 - 00000000 ____D () C:\Users\BaStoPie
2014-10-02 15:53 - 2012-01-31 22:28 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-09-23 21:44 - 2012-06-14 21:01 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 21:44 - 2012-06-05 16:57 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 21:44 - 2012-01-24 23:14 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\BaStoPie\AppData\Local\Temp\AcDeltree.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 21:24




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS_Install) (Fixed) (Total:80.04 GB) (Free:16.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:502.99 GB) (Free:269.84 GB) NTFS

Available physical RAM: 1427.68 MB
Total physical RAM: 3886 MB
Percentage of memory in use: 63%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 04FA9A56)
Partition 1: (Active) - (Size=100 MB) - (Type=27)
Partition 2: (Not Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=503 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job => C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job => C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939

==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\BaStoPie\Desktop" je 325 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 22 říj 2014 15:49
od bastopie
Omlouvám se jsem tu nový a vložil jsem pravděpodobně chybný log tady je log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by BaStoPie at 2014-10-22 15:48:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (20%) free of 82 GB
Total RAM: 3886 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:48:08, on 22.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\BaStoPie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.search.yahoo.com/?type=714647 ... got-yhp-ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Google Update] "C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\BaStoPie\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
O4 - HKUS\S-1-5-21-1842804858-735624445-551964493-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1842804858-735624445-551964493-1000\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1842804858-735624445-551964493-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11713 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\WLANExt.exe 38713856
\??\C:\windows\system32\conhost.exe "1769731678-1516553552841751827-11979736611324948875-1634643013-412247672-1951919394
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Windows\System32\rundll32.exe" C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\BaStoPie\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\wuauclt.exe"
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2080.0.1205558362\851000192" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2189 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Experiment_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="2080.2.46301919\1524914179" /prefetch:673131151
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Experiment_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="2080.10.1009798466\1088201120" /prefetch:673131151
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Experiment_R2/PasswordGeneration/Disabled/PasswordManagerUI/Bubble/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="2080.15.19322179\1943450434" /prefetch:673131151
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Experiment_R2/PasswordGeneration/Disabled/PasswordManagerUI/Bubble/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="2080.39.16503633\1067724043" /prefetch:673131151

taskeng.exe {7E07224C-A7FB-4100-A0C1-E1E7F9D80532}
taskeng.exe {CB740A9B-860E-45EB-8521-BD706007E381}
"C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Experiment_R2/PasswordGeneration/Disabled/PasswordManagerUI/Bubble/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="2080.44.635534731\1571646308" /prefetch:673131151
"C:\Users\BaStoPie\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\AutoKMS.job - C:\windows\AutoKMS.exe
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job - C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job - C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-21 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 635784]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-08-09 161304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-08-09 386584]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-08-09 415256]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2009-10-15 17920]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-09-07 11465832]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-04-22 19645704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"TBHostSupport"=C:\windows\SysWOW64\Rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2011-12-09 74752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"Cinema ProII AP"=C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [2010-10-22 199680]
"Cinema ProII Controler"=C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [2010-06-25 1689600]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-06-11 1349632]
"UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-07-28 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-10-22 14:56:59 ----D---- C:\FRST
2014-10-22 13:53:10 ----N---- C:\bootsqm.dat
2014-10-16 03:02:43 ----A---- C:\windows\system32\win32k.sys
2014-10-16 03:02:36 ----A---- C:\windows\SYSWOW64\mscorier.dll
2014-10-16 03:02:36 ----A---- C:\windows\SYSWOW64\dfshim.dll
2014-10-16 03:02:36 ----A---- C:\windows\system32\mscorier.dll
2014-10-16 03:02:36 ----A---- C:\windows\system32\dfshim.dll
2014-10-16 03:02:35 ----A---- C:\windows\SYSWOW64\mscories.dll
2014-10-16 03:02:35 ----A---- C:\windows\system32\mscories.dll
2014-10-16 03:01:59 ----A---- C:\windows\system32\generaltel.dll
2014-10-16 03:01:58 ----A---- C:\windows\system32\aepdu.dll
2014-10-16 03:01:57 ----A---- C:\windows\system32\aeinv.dll
2014-10-16 03:01:46 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-10-16 03:01:46 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-10-16 03:01:46 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-10-16 03:01:46 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 03:01:46 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-10-16 03:01:46 ----A---- C:\windows\system32\iernonce.dll
2014-10-16 03:01:46 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-16 03:01:45 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-10-16 03:01:45 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-10-16 03:01:45 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-10-16 03:01:45 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 03:01:45 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-10-16 03:01:45 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 03:01:45 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-16 03:01:44 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-10-16 03:01:44 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-10-16 03:01:44 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-10-16 03:01:44 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-10-16 03:01:44 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-10-16 03:01:44 ----A---- C:\windows\system32\urlmon.dll
2014-10-16 03:01:44 ----A---- C:\windows\system32\msfeeds.dll
2014-10-16 03:01:44 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-16 03:01:44 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-16 03:01:44 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-16 03:01:44 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-16 03:01:43 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-10-16 03:01:43 ----A---- C:\windows\system32\iesetup.dll
2014-10-16 03:01:42 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-10-16 03:01:42 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-10-16 03:01:42 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 03:01:42 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-10-16 03:01:42 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-10-16 03:01:42 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-10-16 03:01:42 ----A---- C:\windows\system32\jsproxy.dll
2014-10-16 03:01:42 ----A---- C:\windows\system32\iertutil.dll
2014-10-16 03:01:41 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-10-16 03:01:41 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-10-16 03:01:41 ----A---- C:\windows\system32\ieui.dll
2014-10-16 03:01:41 ----A---- C:\windows\system32\ieframe.dll
2014-10-16 03:01:41 ----A---- C:\windows\system32\dxtrans.dll
2014-10-16 03:01:40 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-16 03:01:40 ----A---- C:\windows\system32\mshtmled.dll
2014-10-16 03:01:40 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-16 03:01:40 ----A---- C:\windows\system32\jscript9.dll
2014-10-16 03:01:40 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-16 03:01:39 ----A---- C:\windows\system32\wininet.dll
2014-10-16 03:01:39 ----A---- C:\windows\system32\vbscript.dll
2014-10-16 03:01:39 ----A---- C:\windows\system32\msrating.dll
2014-10-16 03:01:39 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-16 03:01:39 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-16 03:01:37 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 03:01:37 ----A---- C:\windows\system32\mshtml.dll
2014-10-16 03:00:23 ----A---- C:\windows\system32\msi.dll
2014-10-16 03:00:22 ----A---- C:\windows\SYSWOW64\msi.dll
2014-10-16 03:00:11 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-10-16 03:00:11 ----A---- C:\windows\system32\rastls.dll
2014-10-16 03:00:04 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-10-16 03:00:03 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-10-16 03:00:03 ----A---- C:\windows\system32\winsta.dll
2014-10-16 03:00:03 ----A---- C:\windows\system32\termsrv.dll
2014-10-16 03:00:03 ----A---- C:\windows\system32\mstscax.dll
2014-10-16 03:00:03 ----A---- C:\windows\system32\mstsc.exe
2014-10-16 03:00:02 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-10-16 03:00:02 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-10-16 03:00:02 ----A---- C:\windows\system32\winlogon.exe
2014-10-16 03:00:02 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-10-16 03:00:02 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-10-16 03:00:01 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-10-16 03:00:01 ----A---- C:\windows\system32\TSpkg.dll
2014-10-16 03:00:01 ----A---- C:\windows\system32\credssp.dll
2014-10-16 03:00:00 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-10-16 03:00:00 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-10-16 02:59:37 ----A---- C:\windows\SYSWOW64\packager.dll
2014-10-16 02:59:37 ----A---- C:\windows\system32\packager.dll
2014-10-01 16:22:59 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-10-01 16:22:59 ----A---- C:\windows\system32\qdvd.dll
2014-09-26 15:25:07 ----SHD---- C:\found.000
2014-09-24 13:53:50 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-09-24 13:53:50 ----A---- C:\windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2014-10-22 15:48:03 ----D---- C:\windows\temp
2014-10-22 15:48:03 ----D---- C:\Program Files\trend micro
2014-10-22 15:09:59 ----D---- C:\windows\system32\config
2014-10-22 15:00:52 ----D---- C:\Windows
2014-10-22 14:39:10 ----A---- C:\windows\SYSWOW64\log.txt
2014-10-22 14:16:51 ----D---- C:\windows\Prefetch
2014-10-22 14:00:09 ----SHD---- C:\System Volume Information
2014-10-22 13:54:20 ----D---- C:\windows\system32\catroot2
2014-10-18 10:56:20 ----D---- C:\windows\rescache
2014-10-17 03:55:44 ----D---- C:\windows\Microsoft.NET
2014-10-17 03:55:40 ----RSD---- C:\windows\assembly
2014-10-17 03:39:11 ----D---- C:\windows\winsxs
2014-10-17 03:35:05 ----D---- C:\windows\System32
2014-10-17 03:35:04 ----SD---- C:\windows\system32\CompatTel
2014-10-17 03:35:04 ----D---- C:\windows\SysWOW64
2014-10-17 03:35:03 ----D---- C:\Program Files\Internet Explorer
2014-10-17 03:35:02 ----D---- C:\windows\SYSWOW64\en-US
2014-10-17 03:35:02 ----D---- C:\windows\system32\en-US
2014-10-17 03:35:00 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-10-17 03:35:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-17 03:34:59 ----D---- C:\windows\system32\drivers
2014-10-17 03:34:59 ----D---- C:\windows\system32\cs-CZ
2014-10-16 03:18:36 ----SHD---- C:\windows\Installer
2014-10-16 03:17:01 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 03:09:31 ----D---- C:\windows\system32\MRT
2014-10-16 03:01:16 ----D---- C:\windows\debug
2014-10-16 03:01:13 ----A---- C:\windows\system32\MRT.exe
2014-10-16 02:59:32 ----D---- C:\windows\system32\catroot
2014-10-09 13:56:05 ----RD---- C:\Program Files (x86)
2014-10-09 13:56:04 ----D---- C:\windows\system32\DriverStore
2014-10-09 13:56:04 ----D---- C:\windows\inf
2014-10-09 13:32:37 ----RSD---- C:\windows\Fonts
2014-10-09 13:32:37 ----D---- C:\Program Files\Common Files
2014-10-09 13:32:37 ----D---- C:\Program Files\Autodesk
2014-10-09 13:32:35 ----D---- C:\ProgramData\Autodesk
2014-10-09 13:26:32 ----D---- C:\Program Files (x86)\Common Files
2014-10-09 13:26:17 ----D---- C:\ProgramData\Nero
2014-10-02 15:53:02 ----N---- C:\windows\system32\MpSigStub.exe
2014-09-23 21:44:11 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2010-08-01 24680]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-01-18 128512]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-09-07 2484072]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
S1 SBRE;SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2010-04-23 40960]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-04-15 3231104]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\syswow64\pwdspio.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RTSUVSTOR.sys [2010-08-03 290920]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-01-19 1420560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-04-15 325656]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-08-01 159336]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-08-01 1620584]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-01-19 831760]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-15 2533400]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-07-28 1432400]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-06-01 647680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Děkuji

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 22 říj 2014 16:51
od vyosek
Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 23 říj 2014 03:56
od bastopie
Tady je log z Junkware Removal:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by BaStoPie on źt 23.10.2014 at 3:51:15,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
TBHostSupport REG_SZ "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\BaStoPie\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT1269415
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT3306060
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1269415
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3306060
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E2190C68-190B-482B-B075-907BBC32EEF7}



~~~ Files

Successfully deleted: [File] "C:\Users\BaStoPie\appdata\local\google\chrome\user data\default\local storage\http_www.azlyrics.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\BaStoPie\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsfreak.com_0.localstorage-journal"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\BaStoPie\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\BaStoPie\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\BaStoPie\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 23.10.2014 at 3:53:52,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 23 říj 2014 04:06
od bastopie
A tady je log z Adwcleaner

# AdwCleaner v4.001 - Report created 23/10/2014 at 04:01:34
# DB v2014-10-21.1
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : BaStoPie - BASTOPIE-MSI
# Running from : C:\Users\BaStoPie\Desktop\adwcleaner_4.001.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\BaStoPie\AppData\Local\NativeMessaging
Folder Deleted : C:\windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\BaStoPie\AppData\Local\TBHostSupport

***** [ Scheduled Tasks ] *****

Task Deleted : BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [TBHostSupport]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2275 octets] - [23/10/2014 03:58:27]
AdwCleaner[S0].txt - [2124 octets] - [23/10/2014 04:01:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2184 octets] ##########

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 23 říj 2014 07:48
od vyosek
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 24 říj 2014 10:58
od bastopie
Tady je Zoex log:


Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by BaStoPie on p  24.10.2014 at 1:22:46,26.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\BaStoPie\AppData\Local\Temp\Rar$EX00.519\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

24.10.2014 1:24:03 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1001\Software\Microsoft\Internet Explorer\SearchScopes\{18726EA5-0053-4733-8777-2E31CA7520E2} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully
HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully

==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================

C:\windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\windows\syswow64\appdata deleted
C:\found.000 deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\Syswow64\shoF6D9.tmp deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
amhlacfinnaffmhfohbpecabbjfhkdji - C:\Users\BaStoPie\AppData\Local\Temp\ccex.crx[]
mgfkiacaoocnjfenegjdlccfkkgeeafg - C:\Users\BaStoPie\AppData\Local\CRE\mgfkiacaoocnjfenegjdlccfkkgeeafg.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mgfkiacaoocnjfenegjdlccfkkgeeafg - C:\Users\BaStoPie\AppData\Local\CRE\mgfkiacaoocnjfenegjdlccfkkgeeafg.crx[]

Seznam Lištička - Slovník - BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd

==== Chromium Fix ======================

C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_uk.ask.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6579CBB2-7C26-47EF-8455-2879FD0B6C11} Unknown Url="Not_Found"
{82763C9C-1251-4DFE-92FB-6046CFC71010} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6579CBB2-7C26-47EF-8455-2879FD0B6C11} deleted successfully
HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6579CBB2-7C26-47EF-8455-2879FD0B6C11} deleted successfully
HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1000\Software\Microsoft\Internet Explorer\SearchScopes\{82763C9C-1251-4DFE-92FB-6046CFC71010} deleted successfully
HKEY_USERS\S-1-5-21-1842804858-735624445-551964493-1001\Software\Microsoft\Internet Explorer\SearchScopes\{82763C9C-1251-4DFE-92FB-6046CFC71010} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mgfkiacaoocnjfenegjdlccfkkgeeafg deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mgfkiacaoocnjfenegjdlccfkkgeeafg deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\BaStoPie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=6 77378 bytes)

==== Empty Temp Folders ======================

C:\Users\BaStoPie\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\BaStoPie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on p  24.10.2014 at 10:37:22,28 ======================

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 24 říj 2014 12:52
od vyosek
Poprosim o novy log z FRST

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 24 říj 2014 14:33
od bastopie
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by BaStoPie (administrator) on BASTOPIE-MSI on 24-10-2014 14:30:57
Running from C:\Users\BaStoPie\Desktop
Loaded Profiles: UpdatusUser & BaStoPie (Available profiles: UpdatusUser & BaStoPie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Flexera Software, Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
(msi) C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\BaStoPie\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [THXCfg64] => C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11465832 2010-09-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Cinema ProII AP] => C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [199680 2010-10-22] (Micro-Star Int'l Co., Ltd.)
HKLM-x32\...\Run: [Cinema ProII Controler] => C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [1689600 2010-06-25] (msi)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {1f56da73-46e7-11e1-ba36-6c626d2a69ef} - F:\AutoRun.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {b292dc44-4748-11e1-98f7-806e6f6e6963} - E:\CDSetup.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1001\...\Run: [Google Update] => C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-03] (Google Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [111720 2010-08-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [100968 2010-08-01] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BaStoPie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BaStoPie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-24]
CHR Extension: (Dokumenty Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-24]
CHR Extension: (Disk Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-22]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-24]
CHR Extension: (YouTube) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-22]
CHR Extension: (Vyhledávání Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-22]
CHR Extension: (Tabulky Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-24]
CHR Extension: (Peněženka Google) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\BaStoPie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-06-01] (Macrovision Europe Ltd.) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-14] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [40960 2010-04-23] (Motorola, Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 14:30 - 2014-10-24 14:30 - 00000000 ____D () C:\Users\BaStoPie\Desktop\FRST-OlderVersion
2014-10-24 01:43 - 2014-10-24 01:22 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-10-24 01:23 - 2014-10-24 10:37 - 00008488 _____ () C:\zoek-results.log
2014-10-24 01:22 - 2014-10-24 01:39 - 00000000 ____D () C:\zoek_backup
2014-10-24 01:20 - 2014-10-24 01:21 - 04114148 _____ () C:\Users\BaStoPie\Desktop\zoek.zip
2014-10-23 03:57 - 2014-10-23 04:01 - 00000000 ____D () C:\AdwCleaner
2014-10-23 03:57 - 2014-10-23 03:57 - 01962496 _____ () C:\Users\BaStoPie\Desktop\adwcleaner_4.001.exe
2014-10-23 03:53 - 2014-10-23 03:53 - 00004361 _____ () C:\Users\BaStoPie\Desktop\JRT.txt
2014-10-23 03:51 - 2014-10-23 03:51 - 00000000 ____D () C:\windows\ERUNT
2014-10-23 03:50 - 2014-10-23 03:50 - 01706144 _____ (Thisisu) C:\Users\BaStoPie\Desktop\JRT.exe
2014-10-22 15:45 - 2014-10-22 15:45 - 01222144 _____ () C:\Users\BaStoPie\Desktop\RSITx64.exe
2014-10-22 15:00 - 2014-10-22 15:01 - 00053748 _____ () C:\Users\BaStoPie\Desktop\Addition.txt
2014-10-22 14:58 - 2014-10-24 14:30 - 00014690 _____ () C:\Users\BaStoPie\Desktop\FRST.txt
2014-10-22 14:56 - 2014-10-24 14:31 - 00000000 ____D () C:\FRST
2014-10-22 14:52 - 2014-10-24 14:30 - 02112000 _____ (Farbar) C:\Users\BaStoPie\Desktop\FRST64.exe
2014-10-16 03:02 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 03:02 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-16 03:02 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-16 03:01 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 03:01 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 03:01 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 03:01 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 03:01 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 03:01 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 03:01 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 03:01 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 03:01 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 03:01 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 03:01 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 03:01 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 03:01 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 03:01 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 03:01 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-16 03:01 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 03:01 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 03:01 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-16 03:01 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 03:01 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-16 03:01 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-16 03:01 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 03:01 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 03:01 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 03:01 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-16 03:01 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-16 03:01 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 03:01 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-16 03:01 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-16 03:01 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 03:01 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 03:01 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 03:01 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 03:01 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-16 03:01 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 03:01 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 03:01 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-16 03:01 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 03:01 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-16 03:01 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 03:01 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 03:01 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 03:01 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 03:01 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-16 03:01 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-16 03:01 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-16 03:01 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 03:01 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 03:01 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-16 03:01 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 03:01 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 03:01 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 03:01 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 03:01 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-16 03:01 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 03:01 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 03:01 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-16 03:01 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 03:01 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-16 03:00 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 03:00 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 03:00 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 03:00 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 03:00 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-16 03:00 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-16 03:00 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-16 03:00 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 03:00 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-16 03:00 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-16 03:00 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-16 03:00 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-16 02:59 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 02:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-14 10:32 - 2014-10-14 10:33 - 06431728 _____ (Microsoft Corporation) C:\Users\BaStoPie\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-10-09 14:17 - 2014-10-24 10:36 - 00002238 _____ () C:\windows\PFRO.log
2014-10-09 13:17 - 2014-10-24 10:38 - 00008692 _____ () C:\windows\AutoKMS.log
2014-10-09 13:15 - 2014-10-24 10:36 - 00001064 _____ () C:\windows\setupact.log
2014-10-09 13:15 - 2014-10-09 13:15 - 00000000 _____ () C:\windows\setuperr.log
2014-10-01 16:22 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-01 16:22 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-24 13:53 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-24 13:53 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 14:28 - 2013-05-13 22:54 - 01715026 _____ () C:\windows\WindowsUpdate.log
2014-10-24 14:28 - 2012-06-14 21:01 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 14:28 - 2012-06-03 13:30 - 00000974 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job
2014-10-24 10:44 - 2009-07-14 05:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 10:44 - 2009-07-14 05:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 10:38 - 2013-04-11 13:23 - 00000206 _____ () C:\windows\Tasks\AutoKMS.job
2014-10-24 10:36 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-24 10:30 - 2012-06-03 13:30 - 00000922 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job
2014-10-23 04:08 - 2010-12-03 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-10-23 04:08 - 2010-12-03 13:34 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-10-23 03:49 - 2012-06-03 13:30 - 00003950 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA
2014-10-23 03:49 - 2012-06-03 13:30 - 00003554 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core
2014-10-22 15:48 - 2012-05-16 18:53 - 00000000 ____D () C:\Program Files\trend micro
2014-10-18 10:56 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-17 03:38 - 2009-07-14 05:45 - 00448208 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-17 03:35 - 2014-05-07 02:03 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 11:32 - 2009-07-14 06:08 - 00032586 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-16 03:17 - 2012-05-21 22:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 03:09 - 2013-07-17 11:06 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 03:01 - 2012-06-01 23:35 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-09 13:47 - 2012-01-24 07:12 - 00128584 _____ () C:\Users\BaStoPie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-09 13:32 - 2012-07-28 21:36 - 00000000 ____D () C:\Users\BaStoPie\AppData\Local\Autodesk
2014-10-09 13:32 - 2012-07-28 21:35 - 00000000 ____D () C:\Program Files\Autodesk
2014-10-09 13:32 - 2012-07-28 21:12 - 00000000 ____D () C:\ProgramData\Autodesk
2014-10-09 13:26 - 2012-06-09 18:41 - 00000000 ____D () C:\ProgramData\Nero
2014-10-09 02:32 - 2012-01-24 07:07 - 00000000 ____D () C:\Users\BaStoPie
2014-10-02 15:53 - 2012-01-31 22:28 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 21:24

==================== End Of Log ============================

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 24 říj 2014 18:45
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {1f56da73-46e7-11e1-ba36-6c626d2a69ef} - F:\AutoRun.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {b292dc44-4748-11e1-98f7-806e6f6e6963} - E:\CDSetup.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1001\...\Run: [Google Update] => C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-03] (Google Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

2014-10-24 14:30 - 2014-10-24 14:30 - 00000000 ____D () C:\Users\BaStoPie\Desktop\FRST-OlderVersion
2014-10-24 01:43 - 2014-10-24 01:22 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-10-24 01:23 - 2014-10-24 10:37 - 00008488 _____ () C:\zoek-results.log
2014-10-24 01:22 - 2014-10-24 01:39 - 00000000 ____D () C:\zoek_backup
2014-10-24 01:20 - 2014-10-24 01:21 - 04114148 _____ () C:\Users\BaStoPie\Desktop\zoek.zip
2014-10-23 03:57 - 2014-10-23 04:01 - 00000000 ____D () C:\AdwCleaner
2014-10-23 03:57 - 2014-10-23 03:57 - 01962496 _____ () C:\Users\BaStoPie\Desktop\adwcleaner_4.001.exe
2014-10-23 03:53 - 2014-10-23 03:53 - 00004361 _____ () C:\Users\BaStoPie\Desktop\JRT.txt
2014-10-23 03:51 - 2014-10-23 03:51 - 00000000 ____D () C:\windows\ERUNT
2014-10-23 03:50 - 2014-10-23 03:50 - 01706144 _____ (Thisisu) C:\Users\BaStoPie\Desktop\JRT.exe
2014-10-22 15:45 - 2014-10-22 15:45 - 01222144 _____ () C:\Users\BaStoPie\Desktop\RSITx64.exe
2014-10-22 15:00 - 2014-10-22 15:01 - 00053748 _____ () C:\Users\BaStoPie\Desktop\Addition.txt
2014-10-22 14:58 - 2014-10-24 14:30 - 00014690 _____ () C:\Users\BaStoPie\Desktop\FRST.txt
2014-10-09 14:17 - 2014-10-24 10:36 - 00002238 _____ () C:\windows\PFRO.log
2014-10-09 13:17 - 2014-10-24 10:38 - 00008692 _____ () C:\windows\AutoKMS.log
2014-10-09 13:15 - 2014-10-24 10:36 - 00001064 _____ () C:\windows\setupact.log
2014-10-09 13:15 - 2014-10-09 13:15 - 00000000 _____ () C:\windows\setuperr.log
C:\windows\AutoKMS.exe

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AutoKMS.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 26 říj 2014 05:59
od bastopie
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-10-2014
Ran by BaStoPie at 2014-10-26 04:54:09 Run:1
Running from C:\Users\BaStoPie\Desktop
Loaded Profiles: UpdatusUser & BaStoPie (Available profiles: UpdatusUser & BaStoPie)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {1f56da73-46e7-11e1-ba36-6c626d2a69ef} - F:\AutoRun.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1000\...\MountPoints2: {b292dc44-4748-11e1-98f7-806e6f6e6963} - E:\CDSetup.exe
HKU\S-1-5-21-1842804858-735624445-551964493-1001\...\Run: [Google Update] => C:\Users\BaStoPie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-03] (Google Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

2014-10-24 14:30 - 2014-10-24 14:30 - 00000000 ____D () C:\Users\BaStoPie\Desktop\FRST-OlderVersion
2014-10-24 01:43 - 2014-10-24 01:22 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-10-24 01:23 - 2014-10-24 10:37 - 00008488 _____ () C:\zoek-results.log
2014-10-24 01:22 - 2014-10-24 01:39 - 00000000 ____D () C:\zoek_backup
2014-10-24 01:20 - 2014-10-24 01:21 - 04114148 _____ () C:\Users\BaStoPie\Desktop\zoek.zip
2014-10-23 03:57 - 2014-10-23 04:01 - 00000000 ____D () C:\AdwCleaner
2014-10-23 03:57 - 2014-10-23 03:57 - 01962496 _____ () C:\Users\BaStoPie\Desktop\adwcleaner_4.001.exe
2014-10-23 03:53 - 2014-10-23 03:53 - 00004361 _____ () C:\Users\BaStoPie\Desktop\JRT.txt
2014-10-23 03:51 - 2014-10-23 03:51 - 00000000 ____D () C:\windows\ERUNT
2014-10-23 03:50 - 2014-10-23 03:50 - 01706144 _____ (Thisisu) C:\Users\BaStoPie\Desktop\JRT.exe
2014-10-22 15:45 - 2014-10-22 15:45 - 01222144 _____ () C:\Users\BaStoPie\Desktop\RSITx64.exe
2014-10-22 15:00 - 2014-10-22 15:01 - 00053748 _____ () C:\Users\BaStoPie\Desktop\Addition.txt
2014-10-22 14:58 - 2014-10-24 14:30 - 00014690 _____ () C:\Users\BaStoPie\Desktop\FRST.txt
2014-10-09 14:17 - 2014-10-24 10:36 - 00002238 _____ () C:\windows\PFRO.log
2014-10-09 13:17 - 2014-10-24 10:38 - 00008692 _____ () C:\windows\AutoKMS.log
2014-10-09 13:15 - 2014-10-24 10:36 - 00001064 _____ () C:\windows\setupact.log
2014-10-09 13:15 - 2014-10-09 13:15 - 00000000 _____ () C:\windows\setuperr.log
C:\windows\AutoKMS.exe

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AutoKMS.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKU\S-1-5-21-1842804858-735624445-551964493-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => value deleted successfully.
"HKU\S-1-5-21-1842804858-735624445-551964493-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f56da73-46e7-11e1-ba36-6c626d2a69ef}" => Key deleted successfully.
"HKCR\CLSID\{1f56da73-46e7-11e1-ba36-6c626d2a69ef}" => Key not found.
"HKU\S-1-5-21-1842804858-735624445-551964493-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b292dc44-4748-11e1-98f7-806e6f6e6963}" => Key not found.
"HKCR\CLSID\{b292dc44-4748-11e1-98f7-806e6f6e6963}" => Key not found.
HKU\S-1-5-21-1842804858-735624445-551964493-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
MGHwCtrl => Service deleted successfully.
SBRE => Service deleted successfully.
C:\Users\BaStoPie\Desktop\FRST-OlderVersion => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\BaStoPie\Desktop\zoek.zip => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\BaStoPie\Desktop\adwcleaner_4.001.exe => Moved successfully.
C:\Users\BaStoPie\Desktop\JRT.txt => Moved successfully.
C:\windows\ERUNT => Moved successfully.
C:\Users\BaStoPie\Desktop\JRT.exe => Moved successfully.
C:\Users\BaStoPie\Desktop\RSITx64.exe => Moved successfully.
C:\Users\BaStoPie\Desktop\Addition.txt => Moved successfully.
C:\Users\BaStoPie\Desktop\FRST.txt => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\windows\AutoKMS.log => Moved successfully.
C:\windows\setupact.log => Moved successfully.
C:\windows\setuperr.log => Moved successfully.
C:\windows\AutoKMS.exe => Moved successfully.
C:\windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\tasks\AutoKMS.job => Moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001Core.job => Moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1842804858-735624445-551964493-1001UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 325.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 26 říj 2014 08:21
od vyosek
Jak se chova notebook :???: :???:

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 31 říj 2014 05:02
od bastopie
Notebook je podstatně mnohem rychlejší a plynulejší..
Moc Vám děkuji za pomoc!! Všechna čest..
Jako poděkování jsem vás podpořil pomocí paypalu..
Děkuji

Re: Prosím o kontrolu logu, notebook je pomalý

Napsal: 31 říj 2014 09:01
od vyosek
Tak jeste uklidime :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remote disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Za podporu fora jmenem celeho tymu dekuji :thumbsup:

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz