pc občas zpomalí, po chvíli jde normálně

Zpráva

elegan · #1 Příspěvek od **elegan** » 19 kvě 2015 10:27

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-05-19 11:25:14
Microsoft Windows 8.1
System drive C: has 791 GB (83%) free of 954 GB
Total RAM: 8191 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:25:16, on 19. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.brunova-tipovacka.cz/hraci-p ... ledky.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [4B9B38AE4C8290791A3BEA919FBE62CB47D281A8._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8591 bytes

======Listing Processes======

wininit.exe

C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskhostex.exe
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {aea02fd5-f2d3-405f-bf2ba6baba49d92d}
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\alg.exe
ngservice.exe pipeserver
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe"
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
szndesktop.exe default start
"C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="920.0.1315364356\2070139087" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x1002 --gpu-device-id=0x665c --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.1.243634149\385056602" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.2.761021848\1916651700" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.4.884694194\808797413" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.5.372991527\1392749611" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.6.208764326\1348754833" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.7.2070416820\2004506247" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.8.617206532\429381685" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.9.279852886\490102008" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.11.905456322\1849606457" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="920.13.1941576541\57928825" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe" -o "C:\Users\Admin\Desktop\ZOO.ods"
"C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe" -o "C:\Users\Admin\Desktop\ZOO.ods" -calc
"C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe" "-o" "C:\Users\Admin\Desktop\ZOO.ods" "-calc" "-env:OOO_CWD=2C:\\WINDOWS\\system32"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/*SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.18.125757925\2043163610" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/*SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_16/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=920 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="920.21.1353612053\1586604877" /prefetch:673131151
taskeng.exe {1BF86310-439D-4D19-B540-FEFA901893B0}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Admin\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9qhd3mx.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1210150.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9qhd3mx.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-24 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-23 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-24 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"snp2uvc"=C:\WINDOWS\vsnp2uvc.exe [2009-08-12 662016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-09-13 6839952]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"4B9B38AE4C8290791A3BEA919FBE62CB47D281A8._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-05-05 812872]
"cz.seznam.software.autoupdate"=C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31280256]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12 5515496]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-18 19:00:10 ----A---- C:\WINDOWS\system32\drivers\stflt.sys
2015-05-13 09:25:11 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:25:11 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:36:20 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-13 08:36:19 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-13 08:36:17 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-13 08:36:17 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-13 08:36:05 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-13 08:36:05 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-13 08:36:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-13 08:36:04 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 08:36:04 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-13 08:36:03 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 08:36:03 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 08:35:59 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-13 08:35:59 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-13 08:35:59 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-13 08:35:59 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-13 08:35:58 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-13 08:35:58 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-13 08:35:57 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-13 08:35:57 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-13 08:35:57 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-13 08:35:57 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-13 08:35:57 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-13 08:35:57 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-13 08:35:56 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-13 08:35:56 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 08:35:56 ----A---- C:\WINDOWS\system32\services.exe
2015-05-13 08:35:56 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 08:35:56 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-13 08:35:55 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-13 08:35:55 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-13 08:35:55 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-13 08:35:55 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-13 08:35:54 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-13 08:35:54 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-13 08:35:54 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-13 08:35:54 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-13 08:35:54 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-13 08:35:54 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-13 08:35:53 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 08:35:50 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-13 08:35:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-13 08:35:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-13 08:35:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-13 08:35:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-13 08:35:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-13 08:35:46 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-13 08:35:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-13 08:35:45 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 08:35:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-04-26 13:29:32 ----D---- C:\záloha m400
2015-04-26 13:06:13 ----A---- C:\WINDOWS\system32\roboot64.exe
2015-04-23 12:31:03 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-04-23 12:30:57 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-05-19 11:25:16 ----D---- C:\Program Files\trend micro
2015-05-19 11:20:55 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2015-05-19 10:38:57 ----D---- C:\WINDOWS\Prefetch
2015-05-19 10:07:55 ----D---- C:\WINDOWS\system32\config
2015-05-19 10:04:09 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-19 10:04:07 ----D---- C:\WINDOWS\Temp
2015-05-19 10:02:02 ----D---- C:\WINDOWS\system32\sru
2015-05-19 09:19:09 ----D---- C:\Users\Admin\AppData\Roaming\Seznam.cz
2015-05-18 22:25:17 ----D---- C:\WINDOWS\system32\NDF
2015-05-18 21:04:12 ----RD---- C:\Program Files (x86)
2015-05-18 21:04:11 ----HD---- C:\ProgramData
2015-05-18 19:54:42 ----D---- C:\WINDOWS\Inf
2015-05-18 19:00:10 ----D---- C:\WINDOWS\system32\drivers
2015-05-18 18:50:00 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2015-05-17 15:45:09 ----D---- C:\WINDOWS\AppReadiness
2015-05-16 00:25:02 ----SHD---- C:\WINDOWS\Installer
2015-05-16 00:20:00 ----D---- C:\WINDOWS\Tasks
2015-05-15 14:24:36 ----RD---- C:\WINDOWS\System32
2015-05-15 14:24:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-14 14:32:21 ----D---- C:\WINDOWS\rescache
2015-05-14 11:43:06 ----D---- C:\WINDOWS\SysWOW64
2015-05-14 10:32:14 ----RSD---- C:\WINDOWS\assembly
2015-05-14 10:20:13 ----HD---- C:\Program Files\WindowsApps
2015-05-14 05:18:15 ----D---- C:\WINDOWS\WinSxS
2015-05-13 23:22:51 ----D---- C:\Program Files\Internet Explorer
2015-05-13 23:22:51 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 23:22:49 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-13 23:22:48 ----RSD---- C:\WINDOWS\Fonts
2015-05-13 23:22:48 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 23:22:46 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-13 09:26:04 ----D---- C:\WINDOWS\CbsTemp
2015-05-13 09:25:14 ----D---- C:\WINDOWS\system32\catroot2
2015-05-13 09:24:55 ----D---- C:\WINDOWS\system32\MRT
2015-05-13 08:56:36 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-13 08:56:04 ----D---- C:\WINDOWS\apppatch
2015-05-13 08:55:17 ----D---- C:\Program Files\Windows Journal
2015-05-11 17:08:18 ----SHD---- C:\System Volume Information
2015-05-09 16:55:45 ----D---- C:\Program Files (x86)\SpeedFan
2015-05-08 16:11:42 ----D---- C:\Windows
2015-05-08 12:45:37 ----D---- C:\WINDOWS\debug
2015-05-05 19:59:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-02 11:05:56 ----D---- C:\ProgramData\Skype
2015-04-26 23:55:02 ----D---- C:\WINDOWS\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-04-23 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-04-23 272248]
R0 AtiPcie;@oem12.inf,%ATIPCIE_svcdesc%;AMD PCI Express (3GIO) Filter; C:\WINDOWS\System32\drivers\AtiPcie64.sys [2012-07-16 17064]
R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-04-23 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-04-23 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-04-23 442264]
R1 VWiFiFlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-04-23 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-04-23 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-04-23 137288]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-23 273824]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-13 13207552]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-13 626176]
R3 AtiHDAudioService;@oem15.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2013-02-14 94208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-25 4155536]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SNP2UVC;@oem10.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2011-10-17 3567488]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-06-19 57000]
S0 amdkmafd;@oem16.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2013-03-29 21600]
S3 athur;@oem18.inf,%ATHR.Service.DispName%;Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-13 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-23 343336]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-23 4034896]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-21 114288]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 19 kvě 2015 21:48

Krasny den Vam preju

Pokud nepouzivate, odinstalujte

Seznam Listicka - muzete si tento SW do PC nainstalovat vedome, ale take jako adware http://forum.viry.cz/viewtopic.php?p=1374436#p1374436
Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928

Upozorneni: tento sken zabere od 30 minut po nekolik hodin

elegan · #3 Příspěvek od **elegan** » 19 kvě 2015 23:20

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19. 5. 2015
Čas skenování: 23:03:30
Protokol: malware.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.19.05
Databáze rootkitů: v2015.05.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Admin

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 612812
Uplynulý čas: 1 hod, 3 min, 34 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Riskware.Patcher, C:\Nero 12 Platinum FULL_CZ+serial\serial-klAÄ?\Patch.exe, , [522fbfd6b6d43df93969340116eb54ac],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#4 Příspěvek od **altrok** » 19 kvě 2015 23:24

Nalez smazte/presunte do karanteny.

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

elegan · #5 Příspěvek od **elegan** » 21 kvě 2015 13:28

# AdwCleaner v4.204 - Log vytvořen 21/05/2015 v 14:24:12
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Admin - OLDADOLE
# Spuštěno z : C:\Users\Admin\Desktop\adwcleaner_4.204 (1).exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
Složka Smazáno : C:\Program Files\FileViewPro
Složka Smazáno : C:\Users\Admin\AppData\Local\FileViewPro
Složka Smazáno : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9qhd3mx.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mbmpjbkgemhgalmeiigcdljkccfcafoj
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam
Soubor Smazáno : C:\WINDOWS\System32\roboot64.exe

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Appscion
Klíč Smazáno : HKU\.DEFAULT\Software\IBUpdaterService
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v32.0.3 (x86 cs)

-\\ Google Chrome v43.0.2357.65

*************************

AdwCleaner[R0].txt - [6075 bytů] - [17/11/2014 21:35:38]
AdwCleaner[R1].txt - [1054 bytů] - [30/11/2014 18:15:06]
AdwCleaner[R2].txt - [2178 bytů] - [20/05/2015 01:44:49]
AdwCleaner[R3].txt - [2096 bytů] - [21/05/2015 14:20:32]
AdwCleaner[S0].txt - [5580 bytů] - [17/11/2014 21:38:35]
AdwCleaner[S1].txt - [1120 bytů] - [30/11/2014 18:19:36]
AdwCleaner[S2].txt - [1960 bytů] - [21/05/2015 14:24:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2018 bytů] ##########

#6 Příspěvek od **altrok** » 21 kvě 2015 13:37

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

elegan · #7 Příspěvek od **elegan** » 21 kvě 2015 14:04

FRST launcher nejde stáhnout,PC hlásí, že je zavirován.Mohu poslat log bez launcheru?

#8 Příspěvek od **altrok** » 21 kvě 2015 14:08

Ano, vytvorte logy pomoci samotneho FRST.exe/FRST64.exe

elegan · #9 Příspěvek od **elegan** » 21 kvě 2015 14:15

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by Admin (administrator) on OLDADOLE on 21-05-2015 15:13:52
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Admin & Věra)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Admin\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\Run: [4B9B38AE4C8290791A3BEA919FBE62CB47D281A8._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-23] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-93534635-496432027-2617682595-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.brunova-tipovacka.cz/hraci-p ... ledky.aspx
HKU\S-1-5-21-93534635-496432027-2617682595-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://novy.hokej.cz/1-liga/table
http://novy.hokej.cz/1-liga/player-stat ... ew-order=a
http://novy.hokej.cz/1-liga/zapasy?matc ... ition=4161
http://www.brunova-tipovacka.cz/hraci-p ... ledky.aspx
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-93534635-496432027-2617682595-1001 -> {365C4C9B-E56B-40CD-87C8-737A4CC462D9} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13014
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-23] (Avast Software s.r.o.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9qhd3mx.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-93534635-496432027-2617682595-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-28]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-19]
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-18]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-19]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Safe Price(Adblock Suggestions)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iebhdknplcmgbpofainnbfglhpdgdlmg [2015-04-10]
CHR Extension: (Adblock Super) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-01-09]
CHR Extension: (Star Gazer) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2014-12-19]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (No Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2015-05-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-23] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-23] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-29] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-23] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-23] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-23] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-23] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-23] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-23] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [3567488 2011-10-17] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-23] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-21 15:13 - 2015-05-21 15:14 - 00014714 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-21 15:12 - 2015-05-21 15:13 - 00000000 ____D () C:\FRST
2015-05-21 15:00 - 2015-05-21 15:00 - 02107904 _____ (Farbar) C:\Users\Admin\Desktop\FRST64 (1).exe
2015-05-21 14:19 - 2015-05-21 14:19 - 02209792 _____ () C:\Users\Admin\Desktop\adwcleaner_4.204 (1).exe
2015-05-21 03:03 - 2015-05-21 03:03 - 00000000 ____D () C:\Users\Admin\Downloads\Na českém posvícení II. - to nejlepší z české dechovky
2015-05-21 01:58 - 2015-05-21 02:05 - 121623295 _____ () C:\Users\Admin\Downloads\Na-českém-posvícení-II.---to-nejlepší-z-české-dechovky.rar
2015-05-21 01:47 - 2015-05-21 01:47 - 00000000 ____D () C:\Users\Admin\Downloads\Josef Zíma,Standa Procházka,Skovajsovy sestry & other - U muziky 1 (To nejlepší z české dechovky)
2015-05-21 01:37 - 2015-05-21 01:37 - 00000000 ____D () C:\Users\Admin\Downloads\1984 Moravanka - Od dědiny k městečku
2015-05-21 01:36 - 2015-05-21 01:46 - 174183732 _____ () C:\Users\Admin\Downloads\Josef-Zíma,Standa-Procházka,Skovajsovy-sestry-&-other---U-muziky-1-(To-nejlepší-z-české-dechovky).rar
2015-05-21 01:30 - 2015-05-21 01:36 - 105357275 _____ () C:\Users\Admin\Downloads\1984-Moravanka---Od-dědiny-k-městečku.rar
2015-05-21 01:15 - 2015-05-21 01:15 - 00000000 ____D () C:\Users\Admin\Downloads\The Kelly Family - Best of Kelly Family
2015-05-21 01:11 - 2015-05-21 01:14 - 63124267 _____ () C:\Users\Admin\Downloads\the-kelly-family-best-of-kelly-family-pres-MultiLoad.cz.rar
2015-05-20 09:47 - 2015-05-20 09:47 - 00000372 _____ () C:\WINDOWS\PFRO.log
2015-05-20 01:43 - 2015-05-20 01:43 - 02209792 _____ () C:\Users\Admin\Downloads\adwcleaner_4.204.exe
2015-05-19 23:43 - 2015-05-20 00:13 - 531495518 _____ () C:\Users\Admin\Downloads\Ordinace-v-růžové-zahradě-2-579-Silná-trojka.avi
2015-05-19 23:00 - 2015-05-19 23:00 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-19 22:59 - 2015-05-19 22:59 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-19 22:59 - 2015-05-19 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-19 22:59 - 2015-05-19 22:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-19 22:59 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-19 22:59 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-19 22:59 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-19 22:53 - 2015-05-19 22:54 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-19 22:27 - 2015-05-19 22:57 - 538595044 _____ () C:\Users\Admin\Downloads\Ordinace-v-růžové-zahradě-2-579-Překvapení-za-překvapením.avi
2015-05-19 21:02 - 2015-05-19 21:32 - 539058782 _____ () C:\Users\Admin\Downloads\Ordinace-v-růžové-zahradě-2-578.-Překvapení-za-překvapením.avi
2015-05-19 11:23 - 2015-05-19 11:23 - 01222144 _____ () C:\Users\Admin\Downloads\RSITx64.exe
2015-05-18 19:00 - 2015-05-18 19:00 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2015-05-18 18:59 - 2015-05-18 18:59 - 00937208 _____ (Crawler.com ) C:\Users\Admin\Downloads\SpywareTerminatorSetup.exe
2015-05-18 18:50 - 2015-05-18 18:50 - 00001081 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-18 16:00 - 2015-05-18 16:39 - 535614666 _____ () C:\Users\Admin\Downloads\Ordinace-v-růžové-zahradě-2-577.-Kamínek-pro-štěstí.avi
2015-05-18 14:45 - 2015-05-18 14:46 - 02107392 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-05-13 09:25 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:25 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:36 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 08:36 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 08:36 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 08:36 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 08:36 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 08:36 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 08:36 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 08:36 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 08:36 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 08:36 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 08:36 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 08:35 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 08:35 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 08:35 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 08:35 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 08:35 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 08:35 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 08:35 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 08:35 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 08:35 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 08:35 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 08:35 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 08:35 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 08:35 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 08:35 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 08:35 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 08:35 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 08:35 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 08:35 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 08:35 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 08:35 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 08:35 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 08:35 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 08:35 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 08:35 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 08:35 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 08:35 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 08:35 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 08:35 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 08:35 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 08:35 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 08:35 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 08:35 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 08:35 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 08:35 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 08:35 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 08:35 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 08:35 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 08:35 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 08:35 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 08:35 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 08:35 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 08:35 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 08:35 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 08:35 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 08:35 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 08:35 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 08:35 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 08:35 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 08:35 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 08:35 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 08:35 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 08:35 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 08:35 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 08:35 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 08:35 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 08:35 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 08:35 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 08:35 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 08:35 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 08:35 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 08:35 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 08:35 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 08:35 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 08:35 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 08:35 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 08:35 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 08:35 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 08:35 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 14:13 - 2015-05-12 14:14 - 00001629 _____ () C:\Users\Admin\Desktop\DIETA – zástupce.lnk
2015-05-09 02:57 - 2015-05-15 13:18 - 00000000 ____D () C:\Users\Admin\Downloads\KOLLER DAVID - CeskosLOVEnsko (CZ 2015)[MP3.CBR.320]
2015-05-09 02:55 - 2015-05-09 02:56 - 96848610 _____ () C:\Users\Admin\Downloads\Chinaski - Rockfield.rar
2015-05-09 02:54 - 2015-05-09 02:55 - 190258741 _____ () C:\Users\Admin\Downloads\Nightwish – Endless Forms Most Beautiful (2015).rar
2015-05-09 02:54 - 2015-05-09 02:54 - 122033789 _____ () C:\Users\Admin\Downloads\KOLLER DAVID - CeskosLOVEnsko (CZ 2015)[MP3.CBR.320].rar
2015-05-09 02:27 - 2015-05-09 02:27 - 00000000 ____D () C:\Users\Admin\Downloads\Elán Best Of 2CD
2015-05-09 02:26 - 2015-05-09 02:27 - 151888385 _____ () C:\Users\Admin\Downloads\Elán Best Of 2CD.rar
2015-05-09 02:26 - 2015-05-09 02:26 - 00000000 ____D () C:\Users\Admin\Downloads\Rapmasters - Best Of
2015-05-09 02:26 - 2015-05-09 02:26 - 00000000 ____D () C:\Users\Admin\Downloads\Jindra Štáhlavský - Muj vyber - Best Of
2015-05-09 02:25 - 2015-05-09 02:25 - 103973937 _____ () C:\Users\Admin\Downloads\Rapmasters - Best Of.rar
2015-05-09 02:24 - 2015-05-09 02:25 - 147975870 _____ () C:\Users\Admin\Downloads\Jindra Štáhlavský - Muj vyber - Best Of.zip
2015-05-09 02:15 - 2015-05-09 02:15 - 00000000 ____D () C:\Users\Admin\Downloads\Lucie - Vše nejlepší ,88 - [99)
2015-05-09 02:14 - 2015-05-09 02:15 - 114708915 _____ () C:\Users\Admin\Downloads\Lucie - Vše nejlepší ,88 - [99).rar
2015-05-09 02:11 - 2015-05-09 02:12 - 176243520 _____ () C:\Users\Admin\Downloads\Lucie.mp4
2015-05-09 01:03 - 2015-05-09 01:07 - 73367616 _____ () C:\Users\Admin\Downloads\Cesky-Vyber-Vol.4.7z
2015-05-09 01:02 - 2015-05-09 01:02 - 00000000 ____D () C:\Users\Admin\Downloads\Cesky-Vyber-Vol.3
2015-05-09 00:58 - 2015-05-09 00:58 - 00000000 ____D () C:\Users\Admin\Downloads\Cesky-Vyber-Vol.1
2015-05-09 00:44 - 2013-12-23 14:40 - 00000000 ____D () C:\Users\Admin\Downloads\Cesky Vyber-Vol.2
2015-05-09 00:06 - 2015-05-09 00:36 - 532188372 _____ () C:\Users\Admin\Downloads\Ordinace-v-růžové-zahradě-2-576-Děkuju,-sestřičko!.avi
2015-05-09 00:00 - 2015-05-09 00:16 - 1052238020 _____ () C:\Users\Admin\Downloads\Darkman 2-Durantův návrat-akcni.scifi.USA.1995.CZdab.avi
2015-05-09 00:00 - 2015-05-09 00:13 - 1040332578 _____ () C:\Users\Admin\Downloads\Darkman 3 -Na život a na smrt-scifi.USA.1996.CZdab.avi
2015-05-08 23:53 - 2015-05-08 23:59 - 733904896 _____ () C:\Users\Admin\Downloads\Darkman.avi
2015-05-08 16:11 - 2015-05-21 14:25 - 00006463 _____ () C:\WINDOWS\setupact.log
2015-05-08 16:11 - 2015-05-08 16:11 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-08 12:56 - 2015-05-15 13:18 - 00123904 ___SH () C:\Users\Admin\Downloads\Thumbs.db
2015-05-07 15:28 - 2015-05-07 15:32 - 538564468 _____ () C:\Users\Admin\Downloads\Ordinace-v-růžové-zahradě-2-575-Já-to-nevzdám.avi
2015-05-04 01:53 - 2015-05-04 01:54 - 47947011 _____ (myWOTmods.com ) C:\Users\Admin\Downloads\webium-modpack-installer-0.9.7-v9.7.5.exe
2015-05-04 01:29 - 2015-05-06 12:13 - 00002034 _____ () C:\Users\Public\Desktop\Webium's Modpack.lnk
2015-05-04 01:29 - 2015-05-06 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2015-05-04 01:16 - 2015-05-04 01:16 - 49809916 _____ (myWOTmods.com ) C:\Users\Admin\Downloads\webium-modpack-installer-0-9-6-v9-6-8[WoTportal.cz].exe
2015-05-04 00:16 - 2015-05-04 00:17 - 09578028 _____ () C:\Users\Admin\Downloads\installspeedfan.exe
2015-05-03 22:43 - 2015-05-03 22:43 - 66864113 _____ (Aslain ) C:\Users\Admin\Downloads\Aslains_XVM_Mod_Installer_v.4.3.10_97.exe
2015-04-28 17:19 - 2015-04-28 17:19 - 00000784 _____ () C:\Users\Admin\Desktop\World of Tanks.lnk
2015-04-28 17:19 - 2015-04-28 17:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-04-26 13:29 - 2015-04-26 13:31 - 00000000 ____D () C:\záloha m400
2015-04-26 12:51 - 2015-04-26 16:46 - 662354184 _____ () C:\Users\Admin\Downloads\Mio-Mireo-2010.09-full-EU-mapslic.part1.rar.crdownload
2015-04-24 22:05 - 2015-04-24 22:28 - 1442211840 _____ () C:\Users\Admin\Downloads\Interstellar.avi
2015-04-24 22:03 - 2015-04-24 22:25 - 992569344 _____ () C:\Users\Admin\Downloads\Hunger games 2012 CZ.avi
2015-04-24 22:02 - 2015-04-24 22:20 - 752836708 _____ () C:\Users\Admin\Downloads\Srážka planet Sci-Fi 2011 cz.avi
2015-04-23 12:31 - 2015-04-23 12:31 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-23 12:30 - 2015-04-23 12:30 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-21 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-21 15:00 - 2013-05-31 14:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-05-21 14:38 - 2015-04-19 21:29 - 01302167 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-21 14:36 - 2013-05-28 11:35 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-93534635-496432027-2617682595-1001
2015-05-21 14:25 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-21 14:25 - 2013-05-28 11:41 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 14:24 - 2014-11-17 21:35 - 00000000 ____D () C:\AdwCleaner
2015-05-21 14:19 - 2013-05-30 00:33 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-21 03:27 - 2013-05-28 11:41 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-20 21:35 - 2013-05-28 12:51 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-05-20 13:58 - 2015-04-15 13:01 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-20 13:58 - 2015-04-15 13:01 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-20 13:58 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-20 13:28 - 2013-11-29 20:09 - 00055566 _____ () C:\Users\Admin\Desktop\WOT.ods_0.ods
2015-05-20 10:28 - 2013-11-14 14:40 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-20 10:28 - 2013-11-14 14:24 - 00738682 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-20 10:28 - 2013-11-14 14:24 - 00151404 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-20 02:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-19 23:42 - 2013-08-03 23:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2015-05-19 22:58 - 2014-09-17 07:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-19 22:51 - 2014-05-26 21:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Seznam.cz
2015-05-19 11:46 - 2013-11-24 15:26 - 00022077 _____ () C:\Users\Admin\Desktop\ZOO.ods
2015-05-19 11:25 - 2013-12-27 00:42 - 00000000 ____D () C:\Program Files\trend micro
2015-05-18 22:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-18 19:54 - 2014-03-07 02:44 - 00000000 ____D () C:\Users\Admin
2015-05-17 15:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-16 00:20 - 2013-05-28 11:41 - 00003950 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 00:20 - 2013-05-28 11:41 - 00003714 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 13:18 - 2014-12-07 14:18 - 00064000 ___SH () C:\Users\Admin\Documents\Thumbs.db
2015-05-14 14:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-14 11:43 - 2013-05-28 12:49 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 05:17 - 2013-08-22 16:44 - 00371224 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-13 23:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-13 23:22 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 09:24 - 2013-09-04 14:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 08:56 - 2013-05-28 11:51 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 08:55 - 2013-11-14 14:26 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 14:29 - 2013-06-13 09:45 - 00162304 _____ () C:\Users\Admin\Documents\DIETA.xls
2015-05-09 16:55 - 2013-12-29 23:28 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-05-09 12:32 - 2013-06-05 00:18 - 00502272 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-04 00:19 - 2013-12-29 23:28 - 00001018 _____ () C:\Users\Admin\Desktop\SpeedFan.lnk
2015-05-04 00:19 - 2013-12-29 23:28 - 00000045 _____ () C:\WINDOWS\SysWOW64\initdebug.nfo
2015-05-04 00:19 - 2013-12-29 23:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-05-02 11:05 - 2013-05-31 14:26 - 00000000 ____D () C:\ProgramData\Skype
2015-04-24 10:00 - 2014-01-03 19:47 - 00009072 _____ () C:\Users\Admin\Desktop\voda,platby.ods
2015-04-23 12:31 - 2015-03-12 21:57 - 00000000 ____D () C:\Users\Věra
2015-04-23 12:31 - 2014-08-08 19:34 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-23 12:31 - 2014-01-10 15:20 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-04-23 12:31 - 2013-05-28 12:51 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-23 12:31 - 2013-05-28 12:51 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-23 12:31 - 2013-05-28 12:51 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-04-23 12:31 - 2013-05-28 12:51 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-23 12:31 - 2013-05-28 12:51 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-23 12:30 - 2013-05-28 12:51 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2014-05-26 21:42 - 2014-05-26 21:42 - 0099384 _____ () C:\Users\Admin\AppData\Roaming\inst.exe
2014-05-26 21:42 - 2014-05-26 21:42 - 0007859 _____ () C:\Users\Admin\AppData\Roaming\pcouffin.cat
2014-05-26 21:42 - 2014-05-26 21:42 - 0001167 _____ () C:\Users\Admin\AppData\Roaming\pcouffin.inf
2014-05-26 21:42 - 2014-05-26 21:42 - 0000055 _____ () C:\Users\Admin\AppData\Roaming\pcouffin.log
2014-05-26 21:42 - 2014-05-26 21:42 - 0082816 _____ (VSO Software) C:\Users\Admin\AppData\Roaming\pcouffin.sys
2013-08-06 22:59 - 2013-08-06 23:27 - 0099678 _____ () C:\Users\Admin\AppData\Roaming\seesimilar.ico
2014-06-17 10:42 - 2015-04-08 10:56 - 0028160 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-28 13:32 - 2013-05-28 13:32 - 1065984 _____ () C:\Users\Admin\AppData\Local\file__0.localstorage
2014-04-15 14:58 - 2015-03-02 10:03 - 0000181 _____ () C:\Users\Admin\AppData\Local\MRDownloader (1).err
2014-04-15 14:57 - 2015-03-02 10:06 - 0001296 _____ () C:\Users\Admin\AppData\Local\MRDownloader (1).nast
2014-05-05 22:51 - 2015-03-10 15:59 - 0000257 _____ () C:\Users\Admin\AppData\Local\MRDownloader (2).err
2014-05-05 22:54 - 2015-03-10 16:00 - 0001088 _____ () C:\Users\Admin\AppData\Local\MRDownloader (2).nast
2014-05-20 22:35 - 2014-05-20 22:35 - 0001048 _____ () C:\Users\Admin\AppData\Local\MRDownloader (3).nast
2014-04-10 21:54 - 2015-02-10 02:25 - 0001048 _____ () C:\Users\Admin\AppData\Local\MRDownloader.nast
2013-09-16 07:23 - 2013-09-16 07:23 - 0000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg
2013-08-29 23:58 - 2013-08-29 23:58 - 0001040 _____ () C:\Users\Admin\AppData\Local\SRDownloader.nast
2014-11-06 10:45 - 2014-11-15 17:51 - 0000801 _____ () C:\Users\Admin\AppData\Local\TwitchModCfg.txt

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Admin\AppData\Local\Temp\sfareca00001.dll
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Admin\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-21 14:36

==================== End Of Log ============================

elegan · #10 Příspěvek od **elegan** » 21 kvě 2015 14:16

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Admin at 2015-05-21 15:14:32
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Admin (S-1-5-21-93534635-496432027-2617682595-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-93534635-496432027-2617682595-500 - Administrator - Disabled)
Guest (S-1-5-21-93534635-496432027-2617682595-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-93534635-496432027-2617682595-1149 - Limited - Enabled)
Věra (S-1-5-21-93534635-496432027-2617682595-1151 - Limited - Enabled) => C:\Users\Věra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
AVI ReComp 1.5.5 (HKLM-x32\...\AVI ReComp) (Version: 1.5.5 - Mateusz Gola (aka Prozac))
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version: - convertavitomp4.com)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - )
EVEREST Home Edition v1.51 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: - Lavalys Inc)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
ffdshow [rev 3299] [2010-03-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3299 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Happy Cloud Client (HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
LG Burning Tools (HKLM-x32\...\{567C9882-843D-4188-A181-00E2CC3E1029}) (Version: 8.3.568 - Nero AG)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 cs)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Unknown Device Identifier 8.00 (HKLM\...\Unknown Device Identifier_is1) (Version: - Huntersoft)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 9.15 - Ecom)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.14 - VSO Software)
webiums modpack 0.9.7 v9.7.5 (HKLM-x32\...\{B64D8CE9-11B2-469D-A347-9A13C2BCA423}_is1) (Version: 9.7.5 - myWOTmods.com)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
World of Tanks (HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zoner Photo Studio 9 (HKLM-x32\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

03-05-2015 20:26:42 Naplánovaný kontrolní bod
11-05-2015 17:08:01 Naplánovaný kontrolní bod
19-05-2015 12:48:21 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {077865F8-3649-4FF2-A223-1C8FABB7ECF8} - System32\Tasks\{123E64A3-0E3D-4682-AC85-50A187D58860} => pcalua.exe -a E:\instalace\Total_comander\tcmdr601.exe -d E:\instalace\Total_comander
Task: {0B65B5D0-5DFF-4624-8353-205150B5DDAD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {1AB3530B-B995-478C-8222-B04086B15589} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {221D5A0C-0078-48CF-97B0-01BB2B7AD511} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {30755966-5DF8-4B11-89BD-05CB3C628C88} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {34039024-6503-48E0-A77A-BA32983FF587} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {40DB4A35-402C-430D-9B5E-DCDD5F065259} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-23] (Avast Software s.r.o.)
Task: {52097BCD-F351-40C2-B86E-3FEDA45889E5} - System32\Tasks\{5EB7B9AA-9A41-4145-A9C3-50ABC030AD88} => pcalua.exe -a "C:\Users\Admin\AppData\Roaming\0S1H1T1C2Z0T2W1P1T1J1V0U0M0D\UpdateMyDrivers Packages\uninstaller.exe" -c /Uninstall /NM="UpdateMyDrivers Packages" /AN="0S1H1T1C2Z0T2W1P1T1J1V0U0M0D" /MBN="UpdateMyDrivers Packages"
Task: {70743FD9-F7C0-4C17-9802-43360323D4DA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2015-05-13] (Microsoft Corporation)
Task: {B2D15CFC-7721-41F8-9113-68DF7DB54212} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-06 16:06 - 2013-12-06 16:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-04-23 12:30 - 2015-04-23 12:30 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-23 12:30 - 2015-04-23 12:30 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-21 13:46 - 2015-05-21 13:46 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15052100\algo.dll
2015-04-23 12:30 - 2015-04-23 12:30 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-21 03:27 - 2015-05-13 18:48 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libglesv2.dll
2015-05-21 03:27 - 2015-05-13 18:48 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libegl.dll
2015-05-21 03:27 - 2015-05-13 18:48 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Admin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Admin\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Admin\Documents\registrace viphone.eml:OECustomProperty
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-93534635-496432027-2617682595-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\IMG_0177.JPG
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{63F8D82E-3643-40CA-8F08-371F523BC734}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{2EDA11A7-E623-4D4D-833F-22D7E1234B80}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{E16A727B-C3F2-4876-B200-500A267AB3C5}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{A04483F1-9C8C-483F-8836-F53D5E9E2909}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [UDP Query User{2040675E-22B4-4833-AF5C-8B8274F35320}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{2CB9F9F9-199A-4AB8-A76E-F4AD659D546F}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{4FA75872-DD46-4DD2-8781-320EB4B98B51}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{5EB5B1F9-2E0D-4F11-A56D-7635582F8EAB}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1D50C66D-26FA-406F-83D4-ADD4F6D5B872}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{351B858C-8217-447B-8091-78585496EB6E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{38F2F38A-903F-458A-87C5-09417EC5E9DF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{DD95B5C8-D7E3-4696-B227-04F9BE65C616}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{988B2C53-C6D8-4A4A-87E7-CF12D8C9D4A4}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{678052B0-6A34-49B6-A58E-EED8F5687FB5}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{37D1FE38-D8F6-4E5E-8F26-3A0D1CFFF1FA}] => (Block) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{F513729D-8CAE-4823-8EEF-577977C83A66}] => (Block) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{82608900-CC01-48F1-9DF3-A1E8100ECA69}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{2E2B89F9-0D8C-4CC6-A47F-B90437ADCC8A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{F4DFE226-3871-4F63-9286-682929C3E597}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{4A075F1A-0304-4CE4-B5CB-2B89BE628B4C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{73AC9C85-6054-400E-941F-DABBE3CCC40D}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{13118CD6-0326-4F32-9D4C-3C866C2589ED}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{D36CCB64-7152-40D1-A814-D077C711D332}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0DF0E936-A73B-4494-9010-435A724434CA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{57C78506-38C4-4611-A818-18CB9B926CF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2015 11:41:45 AM) (Source: MsiInstaller) (EventID: 1024) (User: OLDADOLE)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011011} produktu Adobe Reader XI (11.0.10) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/08/2015 00:55:08 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (05/03/2015 10:47:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp, verze: 51.1052.0.0, časové razítko: 0x53bcf616
Název chybujícího modulu: isslideshow.dll_unloaded, verze: 1.0.2.0, časové razítko: 0x2a425e19
Kód výjimky: 0xc000041d
Posun chyby: 0x00023e38
ID chybujícího procesu: 0xf74
Čas spuštění chybující aplikace: 0xAslains_XVM_Mod_Installer_v.4.3.10_97.tmp0
Cesta k chybující aplikaci: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp1
Cesta k chybujícímu modulu: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp2
ID zprávy: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp3
Úplný název chybujícího balíčku: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp4
ID aplikace související s chybujícím balíčkem: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp5

Error: (05/03/2015 10:47:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp, verze: 51.1052.0.0, časové razítko: 0x53bcf616
Název chybujícího modulu: isslideshow.dll_unloaded, verze: 1.0.2.0, časové razítko: 0x2a425e19
Kód výjimky: 0xc0000005
Posun chyby: 0x00023e38
ID chybujícího procesu: 0xf74
Čas spuštění chybující aplikace: 0xAslains_XVM_Mod_Installer_v.4.3.10_97.tmp0
Cesta k chybující aplikaci: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp1
Cesta k chybujícímu modulu: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp2
ID zprávy: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp3
Úplný název chybujícího balíčku: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp4
ID aplikace související s chybujícím balíčkem: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp5

Error: (04/30/2015 02:22:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mmc.exe, verze: 6.3.9600.17415, časové razítko: 0x54504e26
Název chybujícího modulu: MFC42u.dll, verze: 6.6.8063.0, časové razítko: 0x54cae676
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000004396a
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0xmmc.exe0
Cesta k chybující aplikaci: mmc.exe1
Cesta k chybujícímu modulu: mmc.exe2
ID zprávy: mmc.exe3
Úplný název chybujícího balíčku: mmc.exe4
ID aplikace související s chybujícím balíčkem: mmc.exe5

Error: (04/30/2015 02:22:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mmc.exe, verze: 6.3.9600.17415, časové razítko: 0x54504e26
Název chybujícího modulu: MFC42u.dll, verze: 6.6.8063.0, časové razítko: 0x54cae676
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004396a
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0xmmc.exe0
Cesta k chybující aplikaci: mmc.exe1
Cesta k chybujícímu modulu: mmc.exe2
ID zprávy: mmc.exe3
Úplný název chybujícího balíčku: mmc.exe4
ID aplikace související s chybujícím balíčkem: mmc.exe5

Error: (04/30/2015 02:22:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: mmc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FF8B143396A
Zásobník:

Error: (04/29/2015 11:16:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp, verze: 51.1052.0.0, časové razítko: 0x53bcf616
Název chybujícího modulu: isslideshow.dll_unloaded, verze: 1.0.2.0, časové razítko: 0x2a425e19
Kód výjimky: 0xc000041d
Posun chyby: 0x00023e38
ID chybujícího procesu: 0x780
Čas spuštění chybující aplikace: 0xAslains_XVM_Mod_Installer_v.4.3.4_97.tmp0
Cesta k chybující aplikaci: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp1
Cesta k chybujícímu modulu: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp2
ID zprávy: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp3
Úplný název chybujícího balíčku: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp4
ID aplikace související s chybujícím balíčkem: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp5

Error: (04/29/2015 11:16:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp, verze: 51.1052.0.0, časové razítko: 0x53bcf616
Název chybujícího modulu: isslideshow.dll_unloaded, verze: 1.0.2.0, časové razítko: 0x2a425e19
Kód výjimky: 0xc0000005
Posun chyby: 0x00023e38
ID chybujícího procesu: 0x780
Čas spuštění chybující aplikace: 0xAslains_XVM_Mod_Installer_v.4.3.4_97.tmp0
Cesta k chybující aplikaci: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp1
Cesta k chybujícímu modulu: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp2
ID zprávy: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp3
Úplný název chybujícího balíčku: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp4
ID aplikace související s chybujícím balíčkem: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp5

Error: (04/29/2015 10:58:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp, verze: 51.1052.0.0, časové razítko: 0x53bcf616
Název chybujícího modulu: isslideshow.dll_unloaded, verze: 1.0.2.0, časové razítko: 0x2a425e19
Kód výjimky: 0xc000041d
Posun chyby: 0x00023e38
ID chybujícího procesu: 0x14ec
Čas spuštění chybující aplikace: 0xAslains_XVM_Mod_Installer_v.4.3.4_97.tmp0
Cesta k chybující aplikaci: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp1
Cesta k chybujícímu modulu: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp2
ID zprávy: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp3
Úplný název chybujícího balíčku: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp4
ID aplikace související s chybujícím balíčkem: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp5

System errors:
=============
Error: (05/21/2015 03:10:05 PM) (Source: DCOM) (EventID: 10010) (User: OLDADOLE)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/21/2015 03:09:28 PM) (Source: DCOM) (EventID: 10010) (User: OLDADOLE)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/21/2015 02:37:32 PM) (Source: DCOM) (EventID: 10010) (User: OLDADOLE)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/21/2015 02:37:02 PM) (Source: DCOM) (EventID: 10010) (User: OLDADOLE)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/21/2015 02:25:50 PM) (Source: DCOM) (EventID: 10016) (User: OLDADOLE)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}OLDADOLEAdminS-1-5-21-93534635-496432027-2617682595-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (05/21/2015 02:25:51 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (05/21/2015 02:25:51 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (05/21/2015 02:24:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (05/21/2015 02:24:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/21/2015 02:24:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Microsoft Office Sessions:
=========================
Error: (05/14/2015 11:41:45 AM) (Source: MsiInstaller) (EventID: 1024) (User: OLDADOLE)
Description: Adobe Reader XI (11.0.10) - Czech{AC76BA86-7AD7-0000-2550-7A8C40011011}1625(NULL)(NULL)(NULL)

Error: (05/08/2015 00:55:08 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883

Error: (05/03/2015 10:47:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp51.1052.0.053bcf616isslideshow.dll_unloaded1.0.2.02a425e19c000041d00023e38f7401d085e1edaa6a43C:\Users\Admin\AppData\Local\Temp\is-58QMD.tmp\Aslains_XVM_Mod_Installer_v.4.3.10_97.tmpisslideshow.dll9a60ddf4-f1d5-11e4-bfe7-d43d7e5271ef

Error: (05/03/2015 10:47:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aslains_XVM_Mod_Installer_v.4.3.10_97.tmp51.1052.0.053bcf616isslideshow.dll_unloaded1.0.2.02a425e19c000000500023e38f7401d085e1edaa6a43C:\Users\Admin\AppData\Local\Temp\is-58QMD.tmp\Aslains_XVM_Mod_Installer_v.4.3.10_97.tmpisslideshow.dll9970d93f-f1d5-11e4-bfe7-d43d7e5271ef

Error: (04/30/2015 02:22:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmc.exe6.3.9600.1741554504e26MFC42u.dll6.6.8063.054cae676c000041d000000000004396a75001d082644ccf2c81C:\WINDOWS\system32\mmc.exeC:\WINDOWS\system32\MFC42u.dllf86bbbe5-eece-11e4-bfdd-d43d7e5271ef

Error: (04/30/2015 02:22:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mmc.exe6.3.9600.1741554504e26MFC42u.dll6.6.8063.054cae676c0000005000000000004396a75001d082644ccf2c81C:\WINDOWS\system32\mmc.exeC:\WINDOWS\system32\MFC42u.dllf6fb6767-eece-11e4-bfdd-d43d7e5271ef

Error: (04/30/2015 02:22:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: mmc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FF8B143396A
Zásobník:

Error: (04/29/2015 11:16:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp51.1052.0.053bcf616isslideshow.dll_unloaded1.0.2.02a425e19c000041d00023e3878001d0825c51f39345C:\Users\Admin\AppData\Local\Temp\is-8JPUF.tmp\Aslains_XVM_Mod_Installer_v.4.3.4_97.tmpisslideshow.dll71883d32-ee50-11e4-bfdc-d43d7e5271ef

Error: (04/29/2015 11:16:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp51.1052.0.053bcf616isslideshow.dll_unloaded1.0.2.02a425e19c000000500023e3878001d0825c51f39345C:\Users\Admin\AppData\Local\Temp\is-8JPUF.tmp\Aslains_XVM_Mod_Installer_v.4.3.4_97.tmpisslideshow.dll70dd823d-ee50-11e4-bfdc-d43d7e5271ef

Error: (04/29/2015 10:58:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aslains_XVM_Mod_Installer_v.4.3.4_97.tmp51.1052.0.053bcf616isslideshow.dll_unloaded1.0.2.02a425e19c000041d00023e3814ec01d08255344537ecC:\Users\Admin\AppData\Local\Temp\is-7GECH.tmp\Aslains_XVM_Mod_Installer_v.4.3.4_97.tmpisslideshow.dllf5c750d7-ee4d-11e4-bfdc-d43d7e5271ef

CodeIntegrity Errors:
===================================
Date: 2015-02-08 04:51:15.962
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:15.790
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:15.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:13.993
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:13.743
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:13.384
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:13.118
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:12.759
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:12.509
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-08 04:51:12.165
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 32%
Total physical RAM: 8191.18 MB
Available physical RAM: 5495.2 MB
Total Pagefile: 9471.18 MB
Available Pagefile: 6044.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (HDD) (Fixed) (Total:931.17 GB) (Free:766.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EED5F060)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#11 Příspěvek od **altrok** » 21 kvě 2015 14:24

Odinstalujte starou a zranitelnou verzi javy Java 7 Update 67. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

2015-05-21 14:19 - 2015-05-21 14:19 - 02209792 _____ () C:\Users\Admin\Desktop\adwcleaner_4.204 (1).exe
2015-05-20 01:43 - 2015-05-20 01:43 - 02209792 _____ () C:\Users\Admin\Downloads\adwcleaner_4.204.exe
2015-05-19 11:23 - 2015-05-19 11:23 - 01222144 _____ () C:\Users\Admin\Downloads\RSITx64.exe
2015-05-21 14:24 - 2014-11-17 21:35 - 00000000 ____D () C:\AdwCleaner
2015-05-19 11:25 - 2013-12-27 00:42 - 00000000 ____D () C:\Program Files\trend micro
2015-05-19 22:51 - 2014-05-26 21:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Seznam.cz

Task: {077865F8-3649-4FF2-A223-1C8FABB7ECF8} - System32\Tasks\{123E64A3-0E3D-4682-AC85-50A187D58860} => pcalua.exe -a E:\instalace\Total_comander\tcmdr601.exe -d E:\instalace\Total_comander
Task: {52097BCD-F351-40C2-B86E-3FEDA45889E5} - System32\Tasks\{5EB7B9AA-9A41-4145-A9C3-50ABC030AD88} => pcalua.exe -a "C:\Users\Admin\AppData\Roaming\0S1H1T1C2Z0T2W1P1T1J1V0U0M0D\UpdateMyDrivers Packages\uninstaller.exe" -c /Uninstall /NM="UpdateMyDrivers Packages" /AN="0S1H1T1C2Z0T2W1P1T1J1V0U0M0D" /MBN="UpdateMyDrivers Packages"
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
Hosts:
EmptyTemp:
End

elegan · #12 Příspěvek od **elegan** » 21 kvě 2015 15:10

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-05-2015
Ran by Admin at 2015-05-21 16:05:28 Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Admin & Věra)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-93534635-496432027-2617682595-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

2015-05-21 14:19 - 2015-05-21 14:19 - 02209792 _____ () C:\Users\Admin\Desktop\adwcleaner_4.204 (1).exe
2015-05-20 01:43 - 2015-05-20 01:43 - 02209792 _____ () C:\Users\Admin\Downloads\adwcleaner_4.204.exe
2015-05-19 11:23 - 2015-05-19 11:23 - 01222144 _____ () C:\Users\Admin\Downloads\RSITx64.exe
2015-05-21 14:24 - 2014-11-17 21:35 - 00000000 ____D () C:\AdwCleaner
2015-05-19 11:25 - 2013-12-27 00:42 - 00000000 ____D () C:\Program Files\trend micro
2015-05-19 22:51 - 2014-05-26 21:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Seznam.cz

Task: {077865F8-3649-4FF2-A223-1C8FABB7ECF8} - System32\Tasks\{123E64A3-0E3D-4682-AC85-50A187D58860} => pcalua.exe -a E:\instalace\Total_comander\tcmdr601.exe -d E:\instalace\Total_comander
Task: {52097BCD-F351-40C2-B86E-3FEDA45889E5} - System32\Tasks\{5EB7B9AA-9A41-4145-A9C3-50ABC030AD88} => pcalua.exe -a "C:\Users\Admin\AppData\Roaming\0S1H1T1C2Z0T2W1P1T1J1V0U0M0D\UpdateMyDrivers Packages\uninstaller.exe" -c /Uninstall /NM="UpdateMyDrivers Packages" /AN="0S1H1T1C2Z0T2W1P1T1J1V0U0M0D" /MBN="UpdateMyDrivers Packages"
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-93534635-496432027-2617682595-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
C:\Users\Admin\Desktop\adwcleaner_4.204 (1).exe => Moved successfully.
C:\Users\Admin\Downloads\adwcleaner_4.204.exe => Moved successfully.
C:\Users\Admin\Downloads\RSITx64.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Admin\AppData\Roaming\Seznam.cz => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077865F8-3649-4FF2-A223-1C8FABB7ECF8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077865F8-3649-4FF2-A223-1C8FABB7ECF8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{123E64A3-0E3D-4682-AC85-50A187D58860} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{123E64A3-0E3D-4682-AC85-50A187D58860}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52097BCD-F351-40C2-B86E-3FEDA45889E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52097BCD-F351-40C2-B86E-3FEDA45889E5}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5EB7B9AA-9A41-4145-A9C3-50ABC030AD88} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5EB7B9AA-9A41-4145-A9C3-50ABC030AD88}" => Key deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 836.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog 16:05:38 ====

#13 Příspěvek od **altrok** » 21 kvě 2015 15:13

Fixlist probehl v poradku. Otestujte, zda uvodni problem (zpomaleni) pretrvava.

Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
log vlozte do dalsi odpovedi (Ctrl + V)

elegan · #14 Příspěvek od **elegan** » 21 kvě 2015 16:06

PC je o poznání rychlejší.Přikládám log:
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2015/05/21 17:06:02

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- ST1000DM003-1CH162 ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVDRAM GH24NS95 ATA Device
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1CH162 : 1000,2 GB [0/0/0, pd1] - st
(2) SAMSUNG HD103SI : 1000,2 GB [1/0/0, sp1]

----------------------------------------------------------------------------
(1) ST1000DM003-1CH162
----------------------------------------------------------------------------
Model : ST1000DM003-1CH162
Firmware : CC46
Serial Number : Z1D4DSN4
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 8893 hod.
Power On Count : 1299 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 __6 00000D4F88F8 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 000000000513 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _82 _60 _30 000216AFB40E Počet chybných hledání
09 _90 _90 __0 0000000022BD Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 000000000513 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000006 Časový limit příkazu
BD _98 _98 __0 000000000002 Vysoká rychlost zápisu
BE _69 _47 _45 00002215001F Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000006B Počet vypnutí disku
C1 _99 _99 __0 000000000AC3 Počet cyklů načítání/vymazání
C2 _31 _53 __0 00110000001F Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 18B6000022E8 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0005461E384C Total Host Writes
F2 100 253 __0 000746BB6FCD Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A31 4434 4453 4E34
020: 0000 0000 0004 4343 3436 2020 2020 5354 3130 3030
030: 444D 3030 332D 3143 4831 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 004C 0040
080: 01F0 0029 346B 7D09 4163 3469 BC09 4163 407F 0033
090: 0033 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 507F 732D 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5800 8800
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 48A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 77 63 F8 88 4F 0D 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 63 63 13
020: 05 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 52 3C 0E B4 AF 16 02 00 00 09 32
040: 00 5A 5A BD 22 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 63 63 13 05 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 63 06 00 00 00 00
090: 00 00 BD 3A 00 62 62 02 00 00 00 00 00 00 BE 22
0A0: 00 45 2F 1F 00 15 22 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 6B 00 00 00 00
0C0: 00 00 C1 32 00 63 63 C3 0A 00 00 00 00 00 C2 22
0D0: 00 1F 35 1F 00 00 00 11 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD E8 22 00 00 B6 18 18 F1 00 00 64 FD 4C
110: 38 1E 46 05 00 00 F2 00 00 64 FD CD 6F BB 46 07
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 48 02 00 73
170: 03 00 01 00 01 6A 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 61 01 00 00 03 03 03 03 02 02 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 B3 DE 6E 36 1E 1D 00 00
1B0: 00 00 00 00 01 00 9F 43 4C 38 1E 46 05 00 00 00
1C0: CD 6F BB 46 07 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 7C 0A 00 00 01 00 00 00
1E0: 00 00 00 00 E8 40 00 00 00 00 00 00 00 00 00 02
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

----------------------------------------------------------------------------
(2) SAMSUNG HD103SI
----------------------------------------------------------------------------
Enclosure : SAMSUNG HD103SI USB Device (V=0C0B, P=B159, sp1)
Model : SAMSUNG HD103SI
Firmware : 1AG01118
Serial Number : S1VSJ9ASA02807
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : USB (Serial ATA)
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 6276 hod.
Power On Count : 1041 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _82 _82 _11 000000001874 Čas na roztočení ploten
04 _98 _98 __0 0000000006BC Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _99 _99 __0 000000001884 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000001 Počet pokusů o překalibrování
0C _99 _99 __0 000000000411 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _75 _59 __0 000019100019 Teplota toku vzduchu
C2 _69 _60 __0 00001F10001F Teplota
C3 100 100 __0 000000102B4B Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 5331 5653 4A39 4153 4130 3238 3037 2020 2020 2020
020: 0003 FFFF 0004 3141 4730 3131 3138 5341 4D53 554E
030: 4720 4844 3130 3353 4920 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 004C 0040
080: 00F8 0052 746B 7F69 4133 7469 BC41 4123 40FF 006D
090: 006D 0000 FFFE 0000 FE00 0008 0007 006C 86A0 0001
100: 6DB0 7470 0000 0000 0064 0000 0000 0000 5002 4E92
110: 0126 055F 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 47A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 03 07
010: 00 52 52 74 18 00 00 00 00 00 04 32 00 62 62 BC
020: 06 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 FD FD 00 00 00 00 00 00 00 08 25
040: 00 64 64 00 00 00 00 00 00 00 09 32 00 63 63 84
050: 18 00 00 00 00 00 0A 33 00 64 64 00 00 00 00 00
060: 00 00 0B 12 00 64 64 01 00 00 00 00 00 00 0C 32
070: 00 63 63 11 04 00 00 00 00 00 0D 0E 00 64 64 00
080: 00 00 00 00 00 00 B7 32 00 64 64 00 00 00 00 00
090: 00 00 B8 33 00 64 64 00 00 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BE 22 00 4B 3B 19 00 10 19 00
0C0: 00 00 C2 22 00 45 3C 1F 00 10 1F 00 00 00 C3 1A
0D0: 00 64 64 4B 2B 10 00 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 12 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 3E
100: 00 64 64 00 00 00 00 00 00 00 C8 0A 00 64 64 00
110: 00 00 00 00 00 00 C9 0A 00 FD FD 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 93 33 00 7B
170: 03 00 01 00 02 DD 17 DD 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DD

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 0B
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 0F
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 33 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
090: 00 00 B8 00 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BE 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
110: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10

#15 Příspěvek od **altrok** » 21 kvě 2015 17:28

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

VIRY.CZ

pc občas zpomalí, po chvíli jde normálně

pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně

Re: pc občas zpomalí, po chvíli jde normálně