VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

pomalý ntb, podivné chování

https://forum.viry.cz:443/viewtopic.php?t=145349

Stránka 1 z 2

pomalý ntb, podivné chování

Napsal: 23 črc 2015 19:56
od elina
zdravím a prosím o kontrolu logu. děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Nakloši (ATTENTION: The logged in user is not administrator) on OKAY-TOSH on 23-07-2015 20:37:48
Running from C:\Users\Nakloši\Desktop
Loaded Profiles: Nakloši (Available Profiles: okay & Nakloši)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> winlogon.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> AvastSvc.exe
Failed to access process -> GFNEXSrv.exe
Failed to access process -> taskeng.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> apnmcp.exe
Failed to access process -> HD-LogRotatorService.exe
Failed to access process -> SkypeC2CAutoUpdateSvc.exe
Failed to access process -> SkypeC2CPNRSvc.exe
Failed to access process -> svchost.exe
Failed to access process -> HeciServer.exe
Failed to access process -> IntelMeFWService.exe
Failed to access process -> Jhi_service.exe
Failed to access process -> PnkBstrA.exe
Failed to access process -> sftvsa.exe
Failed to access process -> svchost.exe
Failed to access process -> Thorn.exe
Failed to access process -> TODDSrv.exe
Failed to access process -> tor.exe
Failed to access process -> TosCoSrv.exe
Failed to access process -> WLIDSVC.EXE
Failed to access process -> ThornHelper.exe
Failed to access process -> WLIDSVCM.EXE
Failed to access process -> WmiPrvSE.exe
Failed to access process -> sftlist.exe
Failed to access process -> unsecapp.exe
Failed to access process -> TecoService.exe
Failed to access process -> CVHSVC.EXE
Failed to access process -> TrustedInstaller.exe
Failed to access process -> svchost.exe
Failed to access process -> GoogleUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
Failed to access process -> SearchIndexer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
Failed to access process -> sppsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
Failed to access process -> LMS.exe
Failed to access process -> NASvc.exe
Failed to access process -> svchost.exe
Failed to access process -> TMachInfo.exe
Failed to access process -> wmpnetwk.exe
Failed to access process -> AvastEmUpdate.exe
Failed to access process -> TPCHSrv.exe
Failed to access process -> TosSmartSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
Failed to access process -> UNS.exe
Failed to access process -> svchost.exe
Failed to access process -> AvastEmUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
Failed to access process -> instup.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\setup.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
Failed to access process -> GoogleUpdate.exe
Failed to access process -> GoogleUpdate.exe
Failed to access process -> WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Failed to access process -> SearchFilterHost.exe
Failed to access process -> SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-16] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-05-13] (Toshiba Europe GmbH)
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-02] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-12] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SweetIM] => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1003\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2012-05-13]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2012-08-10]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2012-08-10]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Nakloši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2015-02-22]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-06] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
SearchScopes: HKLM -> DefaultScope {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... lz=1I7TEUA;
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM -> {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... lz=1I7TEUA;
SearchScopes: HKLM-x32 -> DefaultScope {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... lz=1I7TEUA;
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2448} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 -> {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... lz=1I7TEUA;
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 72B97D3158}
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1003 -> DefaultScope {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL =
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1003 -> {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL =
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120514000649.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-11-03] (<TOSHIBA>)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120514000649.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06] (SweetIM Technologies Ltd.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-11-03] (<TOSHIBA>)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06] (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{5B47D0E5-CD98-4B0F-B474-1E4D315A0F8C}: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C4A7203F-FE3C-47E6-A6CF-27C1BAA3B867}: [DhcpNameServer] 217.170.96.24 217.170.96.2

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-01-13] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha270.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta745.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha2054.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2426.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home668.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff [not found]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2015-06-04]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\okay\AppData\Local\torchimeshmoviestoolbar\GC\toolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\okay\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bhfbhjmaihhiaeomkhaclnjkkdpeaoda] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ch\WebexpEnhancedV1alpha270.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cinjoofaljijhdgjdhlhmgpnnogohoof] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ch\MediaWatchV1home668.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [emchhmbhaanhldpfkjigehhnkdijijcc] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ch\VideoPlayerV3beta745.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\okay\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [hbkndlbkicghdmapkohkcbmommggooei] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ch\MediaViewV1alpha2426.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hkkoojlbbjfjlljffbihmpjjipicnmkg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ch\MediaViewerV1alpha2054.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx [2014-06-24]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2015-06-04]
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-10] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [21504 2011-03-01] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [21504 2011-03-01] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [21504 2011-03-01] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-06-22] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed] <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Thorn; C:\Users\okay\AppData\Local\THORN\Thorn.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-14] (Symantec Corporation)
R1 nethfdrv; C:\windows\system32\drivers\nethfdrv.sys [46160 2014-09-08] (nethfdrv)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [21096 2012-01-05] (Realtek Microelectronics)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1082472 2012-01-17] (Realtek Semiconductor Corporation )
U3 Thetta; C:\Windows\System32\DRIVERS\Thetta64.sys [333016 2014-04-14] (Windows (R) Win 7 DDK provider)
S3 Tosrfcom; No ImagePath
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 TDEIO; \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 20:37 - 2015-07-23 20:38 - 00031389 _____ C:\Users\Nakloši\Desktop\FRST.txt
2015-07-23 20:37 - 2015-07-23 20:37 - 00000000 ____D C:\FRST
2015-07-23 20:36 - 2015-07-23 20:36 - 02135552 _____ (Farbar) C:\Users\Nakloši\Desktop\FRST64.exe
2015-07-23 20:34 - 2015-07-23 20:34 - 00401720 _____ (Trend Micro Inc.) C:\Users\Nakloši\Desktop\HijackThis.exe
2015-06-26 13:50 - 2015-06-26 13:50 - 523858530 _____ C:\windows\MEMORY.DMP
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\windows\Minidump
2015-06-26 07:14 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-26 07:14 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-26 07:14 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-26 07:14 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-26 07:14 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-26 07:14 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-26 07:14 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-26 07:14 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-26 07:14 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-26 07:14 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-26 07:10 - 2013-09-24 18:05 - 00004639 _____ C:\Users\Nakloši\Desktop\NAKLÁDAL_LADISLAV.p12
2015-06-26 06:46 - 2015-06-26 06:46 - 00002270 _____ C:\Users\Nakloši\Desktop\Google Chrome.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 20:38 - 2012-05-14 00:01 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-23 20:33 - 2012-08-10 21:10 - 01436578 _____ C:\windows\WindowsUpdate.log
2015-07-23 20:23 - 2014-03-11 19:07 - 00003110 _____ C:\windows\Tasks\FLV Player Addon-chromeinstaller.job
2015-07-23 20:23 - 2014-03-11 19:07 - 00002332 _____ C:\windows\Tasks\FLV Player Addon-firefoxinstaller.job
2015-07-23 20:23 - 2012-12-27 08:56 - 00000360 _____ C:\windows\Tasks\AmiUpdXp.job
2015-07-23 20:23 - 2012-08-10 21:16 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-07-23 20:23 - 2012-05-14 00:01 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-23 20:22 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-23 20:21 - 2009-07-14 06:51 - 00111841 _____ C:\windows\setupact.log
2015-06-27 10:58 - 2013-01-05 14:53 - 00000924 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000UA.job
2015-06-27 10:27 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-27 10:27 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-27 10:06 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-27 09:54 - 2011-02-14 10:37 - 00694804 _____ C:\windows\system32\perfh005.dat
2015-06-27 09:54 - 2011-02-14 10:37 - 00150746 _____ C:\windows\system32\perfc005.dat
2015-06-27 09:54 - 2009-07-14 07:13 - 01639094 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-27 09:24 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-26 16:36 - 2012-08-10 21:16 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-06-26 14:27 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-06-26 13:58 - 2013-01-05 14:53 - 00000902 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000Core.job
2015-06-26 08:52 - 2014-06-21 21:49 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-26 08:03 - 2009-07-14 06:45 - 00267368 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-26 07:56 - 2015-04-10 03:10 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-06-26 07:56 - 2015-04-10 03:10 - 00000000 ___SD C:\windows\system32\GWX
2015-06-26 07:56 - 2014-12-11 04:26 - 00000000 ____D C:\windows\system32\appraiser
2015-06-26 07:56 - 2014-05-07 06:02 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-26 07:56 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-26 07:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-06-26 06:58 - 2013-01-17 22:17 - 01664190 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-06-26 06:58 - 2013-01-17 22:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-06-24 12:46 - 2013-04-15 14:51 - 00000450 ____H C:\windows\Tasks\Norton Security Scan for okay.job
2015-06-24 10:59 - 2015-02-22 09:06 - 00000000 __SHD C:\Users\Nakloši\AppData\Local\EmieUserList
2015-06-24 10:59 - 2015-02-22 09:06 - 00000000 __SHD C:\Users\Nakloši\AppData\Local\EmieSiteList
2015-06-24 10:59 - 2015-02-22 09:06 - 00000000 __SHD C:\Users\Nakloši\AppData\Local\EmieBrowserModeList
2015-06-24 10:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-24 10:55 - 2014-02-27 18:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-24 10:55 - 2014-02-27 18:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-24 10:55 - 2010-11-21 05:47 - 00545466 _____ C:\windows\PFRO.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

Re: pomalý ntb, podivné chování

Napsal: 23 črc 2015 20:19
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: pomalý ntb, podivné chování

Napsal: 23 črc 2015 21:47
od elina
zde je log z adwcleaner
# AdwCleaner v4.208 - Log vytvořen 23/07/2015 v 22:39:10
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Nakloši - OKAY-TOSH
# Spuštěno z : C:\Users\Nakloši\Desktop\AdwCleaner.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

[!] Složka Smazáno : C:\ProgramData\apn
[!] Složka Smazáno : C:\ProgramData\Ask
[!] Složka Smazáno : C:\ProgramData\AskPartnerNetwork
[!] Složka Smazáno : C:\ProgramData\Babylon
[!] Složka Smazáno : C:\ProgramData\BitGuard
[!] Složka Smazáno : C:\ProgramData\Browser Manager
[!] Složka Smazáno : C:\ProgramData\BrowserProtect
[!] Složka Smazáno : C:\ProgramData\Partner
[!] Složka Smazáno : C:\ProgramData\SafetyNut
[!] Složka Smazáno : C:\ProgramData\SweetIM
[!] Složka Smazáno : C:\ProgramData\torchcrashhandler
[!] Složka Smazáno : C:\ProgramData\wincert
[!] Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
[!] Složka Smazáno : C:\Program Files (x86)\FilesFrog Update Checker
[!] Složka Smazáno : C:\Program Files (x86)\SweetIM
[!] Složka Smazáno : C:\Program Files (x86)\GotClip
[!] Složka Smazáno : C:\Program Files (x86)\FLV Player
[!] Složka Smazáno : C:\Program Files (x86)\FLV Player Addon
[!] Složka Smazáno : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
[!] Složka Smazáno : C:\windows\SysWOW64\ARFC
[!] Složka Smazáno : C:\windows\SysWOW64\jmdp
[!] Složka Smazáno : C:\windows\SysWOW64\WNLT
Složka Smazáno : C:\Users\NAKLOI~1\AppData\Local\Temp\apn
[!] Složka Smazáno : C:\windows\System32\ljkb
[!] Složka Smazáno : C:\Users\okay\AppData\Local\SwvUpdater
Soubor Smazáno : C:\windows\SysWOW64\hfpapi.dll
Soubor Smazáno : C:\windows\System32\dmwu.exe
Soubor Smazáno : C:\windows\System32\ImhxxpComm.dll
Soubor Smazáno : C:\windows\System32\drivers\nethfdrv.sys

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\AskPartnerNetwork

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.130


*************************

AdwCleaner[R].txt - [28136 bytů] - [23/07/2015 22:38:00]
AdwCleaner[S].txt - [2713 bytů] - [23/07/2015 22:39:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S].txt - [2770 bytů] ##########

ještě přidám log z druhého účtu(admin), pokud se mi ho vůbec podaří vytvořit

Re: pomalý ntb, podivné chování

Napsal: 24 črc 2015 07:45
od elina
tady je log z druhého účtu, chod na něm je extrémě pomalý v podstatě nepoužitelný
# AdwCleaner v4.208 - Log vytvořen 23/07/2015 v 23:30:05
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : okay - OKAY-TOSH
# Spuštěno z : C:\Users\okay\Desktop\AdwCleaner.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : APNMCP
Služba Smazáno : nethfdrv

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\Ask
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\ProgramData\Babylon
[#] Složka Smazáno : C:\ProgramData\BitGuard
[#] Složka Smazáno : C:\ProgramData\Browser Manager
[#] Složka Smazáno : C:\ProgramData\BrowserProtect
Složka Smazáno : C:\ProgramData\Partner
Složka Smazáno : C:\ProgramData\SafetyNut
[#] Složka Smazáno : C:\ProgramData\SweetIM
Složka Smazáno : C:\ProgramData\torchcrashhandler
Složka Smazáno : C:\ProgramData\wincert
Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\FilesFrog Update Checker
Složka Smazáno : C:\Program Files (x86)\SweetIM
Složka Smazáno : C:\Program Files (x86)\GotClip
Složka Smazáno : C:\Program Files (x86)\FLV Player
Složka Smazáno : C:\Program Files (x86)\FLV Player Addon
Složka Smazáno : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Složka Smazáno : C:\windows\SysWOW64\ARFC
Složka Smazáno : C:\windows\SysWOW64\jmdp
Složka Smazáno : C:\windows\SysWOW64\WNLT
Složka Smazáno : C:\Users\okay\AppData\Local\Temp\apn
Složka Smazáno : C:\windows\System32\ljkb
Složka Smazáno : C:\Users\okay\AppData\Local\AskPartnerNetwork
Složka Smazáno : C:\Users\okay\AppData\Local\onlysearch
Složka Smazáno : C:\Users\okay\AppData\Local\somotomoviestoolbar1
[#] Složka Smazáno : C:\Users\okay\AppData\Local\SwvUpdater
Složka Smazáno : C:\Users\okay\AppData\Local\torch
Složka Smazáno : C:\Users\okay\AppData\Local\webplayer
Složka Smazáno : C:\Users\okay\AppData\Local\torchimeshmoviestoolbar
Složka Smazáno : C:\Users\okay\AppData\LocalLow\somotomoviestoolbar1
Složka Smazáno : C:\Users\okay\AppData\LocalLow\SweetIM
Složka Smazáno : C:\Users\okay\AppData\LocalLow\torchimeshmoviestoolbar
Složka Smazáno : C:\Users\okay\AppData\Roaming\BabSolution
Složka Smazáno : C:\Users\okay\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Složka Smazáno : C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Složka Smazáno : C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Složka Smazáno : C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Složka Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Složka Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
Složka Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgonpmchaeokedifbjenbcnjcdefdceg
Složka Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Složka Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Složka Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn
[/!\] Ne Smazáno ( Junction ) : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgonpmchaeokedifbjenbcnjcdefdceg
[/!\] Ne Smazáno ( Junction ) : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgonpmchaeokedifbjenbcnjcdefdceg
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhhjmlmdpcpiojiffodbldlkgcnaeogp_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhhjmlmdpcpiojiffodbldlkgcnaeogp_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dhhjmlmdpcpiojiffodbldlkgcnaeogp
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lgonpmchaeokedifbjenbcnjcdefdceg_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lgonpmchaeokedifbjenbcnjcdefdceg_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lgonpmchaeokedifbjenbcnjcdefdceg_0
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgonpmchaeokedifbjenbcnjcdefdceg
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaafeopjhkcolncjbedbhofpocmdbn_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaafeopjhkcolncjbedbhofpocmdbn_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lgonpmchaeokedifbjenbcnjcdefdceg_0
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgonpmchaeokedifbjenbcnjcdefdceg
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lgonpmchaeokedifbjenbcnjcdefdceg_0
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgonpmchaeokedifbjenbcnjcdefdceg
Soubor Smazáno : C:\windows\SysWOW64\hfpapi.dll
Soubor Smazáno : C:\Users\okay\AppData\Local\Temp\uninstaller.exe
Soubor Smazáno : C:\windows\System32\dmwu.exe
Soubor Smazáno : C:\windows\System32\ImhxxpComm.dll
Soubor Smazáno : C:\windows\System32\drivers\nethfdrv.sys
Soubor Smazáno : C:\Users\okay\AppData\LocalLow\SkwConfig.bin
Soubor Smazáno : C:\Users\okay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fromdoctopdf.dl.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.babylon.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.babylon.com_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
Soubor Smazáno : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : AmiUpdXp
Úloha Smazáno : EPUpdater
Úloha Smazáno : FLV Player Addon-chromeinstaller
Úloha Smazáno : FLV Player Addon-firefoxinstaller

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaigjndjblmpeckabiffcpogflfgl
Klíč Smazáno : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FLV Player]
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Klíč Smazáno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Klíč Smazáno : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Klíč Smazáno : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Klíč Smazáno : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\sim-packages
Klíč Smazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíč Smazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíč Smazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Klíč Smazáno : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Klíč Smazáno : HKLM\SOFTWARE\Classes\SDP
Klíč Smazáno : HKCU\Software\5e48a8dbc6ae940
Klíč Smazáno : HKLM\SOFTWARE\5e48a8dbc6ae940
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{00E84D59-9355-434E-84CB-7A37940BB30C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2448}
Klíč Smazáno : HKCU\Software\APN DTX
Klíč Smazáno : HKCU\Software\APNDTX
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\BABSOLUTION
Klíč Smazáno : HKCU\Software\BabylonToolbar
Klíč Smazáno : HKCU\Software\BI
Klíč Smazáno : HKCU\Software\DataMngr
[#] Klíč Smazáno : HKCU\Software\DataMngr_Toolbar
Klíč Smazáno : HKCU\Software\filescout
Klíč Smazáno : HKCU\Software\IM
Klíč Smazáno : HKCU\Software\ImInstaller
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\SafetyNut
Klíč Smazáno : HKCU\Software\Somoto
Klíč Smazáno : HKCU\Software\somotomoviestoolbar1
Klíč Smazáno : HKCU\Software\SweetIM
Klíč Smazáno : HKCU\Software\torch
Klíč Smazáno : HKCU\Software\Webplayer
Klíč Smazáno : HKCU\Software\WNLT
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Babylon
Klíč Smazáno : HKLM\SOFTWARE\BetterSurf
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\SafetyNut
Klíč Smazáno : HKLM\SOFTWARE\SweetIM
Klíč Smazáno : HKLM\SOFTWARE\torch
Klíč Smazáno : HKLM\SOFTWARE\WNLT
Klíč Smazáno : HKLM\SOFTWARE\Webexp Enhanced
Klíč Smazáno : HKLM\SOFTWARE\Video Player
Klíč Smazáno : HKLM\SOFTWARE\VideoPlayerV3
Klíč Smazáno : HKLM\SOFTWARE\Better-Surf
Klíč Smazáno : HKLM\SOFTWARE\FLV Player Addon
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKU\.DEFAULT\Software\IM
Klíč Smazáno : HKU\.DEFAULT\Software\ImInstaller
Klíč Smazáno : HKU\.DEFAULT\Software\SweetIM
Klíč Smazáno : HKU\.DEFAULT\Software\WNLT
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0110EF3B-85D7-4365-B585-4C521CFA9064}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\WNLT
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\B3FE01107D5856345B58C425C1AF0946
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\B3FE01107D5856345B58C425C1AF0946
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B3FE01107D5856345B58C425C1AF0946
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v43.0.2357.130

[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=102&systemid=473&v=a12281-193&apn_uid=7550441437214454&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=A ... earchTerms}
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://isearch.babylon.com/?q={searchTerms}&s=web&as=3&sd=1&babsrc=SP_ss_din2g
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=A ... earchTerms}
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aaaaimdcedbpbcjjbbnfcbbjcngmomic
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : dhhjmlmdpcpiojiffodbldlkgcnaeogp
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : lgonpmchaeokedifbjenbcnjcdefdceg
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : pljcgbedjplidkdjahbaalanadmjfgop
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : oiokahphinmbmakkehgelkmpolmnbkdh
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aaaaafeopjhkcolncjbedbhofpocmdbn
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : fcfenmboojpjinhpgggodefccipikbpd
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aaaaaigjndjblmpeckabiffcpogflfgl
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : lgonpmchaeokedifbjenbcnjcdefdceg
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : lgonpmchaeokedifbjenbcnjcdefdceg
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Default_Search_Provider_Data] : hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}",
"usage_count": 0
}
},
"extensions": {
"settings": {
"aaaaafeopjhkcolncjbedbhofpocmdbn": {
"ack_ntp_bubble": true,
"ack_settings_bubble": true,
"active_permissions": {
"api": [ "management", "nativeMessaging", "searchProvider", "startupPages", "storage", "tabs", "webRequest", "webRequestBlocking" ],
"explicit_host": [ "hxxp://*/*", "hxxps://*/*" ],
"manifest_permissions": [ ]
},
"commands": {

},
"content_settings": [ ],
"creation_flags": 9,
"events": [ ],
"extension_can_script_all_urls": true,
"from_bookmark": false,
"from_webstore": true,
"granted_permissions": {
"api": [ "management", "nativeMessaging", "searchProvider", "startupPages", "storage", "tabs", "webRequest", "webRequestBlocking" ],
"explicit_host": [ "hxxp://*/*", "hxxps://*/*" ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {

},
"initial_keybindings_set": true,
"install_time": "13068982641987378",
"install_warning_on_enable": false,
"lastpingday": "13078306805481792",
"location": 1,
"manifest": {
"background": {
"scripts": [ "common/config.js", "common/registry.js", "common/utils.js", "common/regHelper.js", "common/background.js", "common/reporting.js", "settings/common/assets.js", "settings/common/redirect.js", "settings/Imesh/background.js" ]
},
"chrome_settings_overrides": {
"search_provider": {
"alternate_urls": [ ],
"encoding": "UTF-8

*************************

AdwCleaner[R0].txt - [45706 bytů] - [23/07/2015 23:11:10]
AdwCleaner[R].txt - [28136 bytů] - [23/07/2015 22:38:00]
AdwCleaner[S0].txt - [40767 bytů] - [23/07/2015 23:30:05]
AdwCleaner[S].txt - [2848 bytů] - [23/07/2015 22:39:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [40883 bytů] ##########

Re: pomalý ntb, podivné chování

Napsal: 24 črc 2015 17:50
od Rudy
Dejte nový log FRST.

Re: pomalý ntb, podivné chování

Napsal: 25 črc 2015 22:06
od elina
vkládám nový log frst, jen pro info od spuštění PC do konce skenu a vytvoření logu to trvalo 100min.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by okay (administrator) on OKAY-TOSH on 25-07-2015 20:29:41
Running from C:\Users\okay\Desktop
Loaded Profiles: okay (Available Profiles: okay & Nakloši)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\GFNEXSrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(GGS) C:\Users\okay\AppData\Local\THORN\Thorn.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
() C:\Program Files (x86)\Tor\tor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(GGS) C:\Users\okay\AppData\Local\THORN\ThornHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-16] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-05-13] (Toshiba Europe GmbH)
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-02] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-12] (TOSHIBA Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-23] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-05] (Facebook Inc.)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-14] (Google Inc.)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [SysProc] => C:\Users\Public\Public\run_shc.lnk
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2012-05-13]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2012-08-10]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2012-08-10]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-23] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TEUA
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig/redirectdomain ... &bmod=TEUA
SearchScopes: HKLM -> {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... lz=1I7TEUA;
SearchScopes: HKLM-x32 -> {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... lz=1I7TEUA;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {069960A0-41D5-4A16-8EA8-D2330B3029E9} URL = http://www.bing.com/search?FORM=SKY2DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {5157306F-1E77-430E-A141-E32C124B333A} URL = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {B30F4F42-B43F-47CD-B0DD-42FBF55E66AE} URL = http://www.google.com/search?sourceid=i ... UA_csCZ514
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120514000649.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-23] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-11-03] (<TOSHIBA>)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120514000649.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-23] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-23] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-11-03] (<TOSHIBA>)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{5B47D0E5-CD98-4B0F-B474-1E4D315A0F8C}: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C4A7203F-FE3C-47E6-A6CF-27C1BAA3B867}: [DhcpNameServer] 217.170.96.24 217.170.96.2

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-01-13] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1536827011-1506584884-3019231061-1000: @eximion.com/KalydoPlayer -> C:\Users\okay\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2012-09-24] (Eximion B.V.)
FF Plugin HKU\S-1-5-21-1536827011-1506584884-3019231061-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-4d8b1955ef2740b3\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1536827011-1506584884-3019231061-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\okay\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1536827011-1506584884-3019231061-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\okay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-14] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha270.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta745.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha2054.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2426.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home668.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff [not found]

Chrome:
=======
CHR Profile: C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-04]
CHR Extension: (Avast Online Security) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-25]
CHR Extension: (Skype Click to Call) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-06]
CHR Extension: (Google Wallet) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [bhfbhjmaihhiaeomkhaclnjkkdpeaoda] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ch\WebexpEnhancedV1alpha270.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cinjoofaljijhdgjdhlhmgpnnogohoof] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ch\MediaWatchV1home668.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [emchhmbhaanhldpfkjigehhnkdijijcc] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ch\VideoPlayerV3beta745.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-23]
CHR HKLM-x32\...\Chrome\Extension: [hbkndlbkicghdmapkohkcbmommggooei] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ch\MediaViewV1alpha2426.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hkkoojlbbjfjlljffbihmpjjipicnmkg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ch\MediaViewerV1alpha2054.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-23] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-23] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-10] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-06-22] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Thorn; C:\Users\okay\AppData\Local\THORN\Thorn.exe [57200 2015-05-27] (GGS)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed] <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-23] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-14] (Symantec Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-23] (AVAST Software)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [21096 2012-01-05] (Realtek Microelectronics)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1082472 2012-01-17] (Realtek Semiconductor Corporation )
S3 Thetta; C:\Windows\System32\DRIVERS\Thetta64.sys [333016 2014-04-14] (Windows (R) Win 7 DDK provider)
S3 Tosrfcom; No ImagePath
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-23] (Avast Software)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 TDEIO; \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 20:29 - 2015-07-25 20:40 - 00028048 _____ C:\Users\okay\Desktop\FRST.txt
2015-07-25 20:20 - 2015-07-25 20:20 - 00000000 ____D C:\Users\okay\Desktop\FRST-OlderVersion
2015-07-25 11:43 - 2015-07-25 11:43 - 00000000 ____D C:\Users\okay\AppData\Local\GWX
2015-07-24 12:16 - 2015-07-24 12:16 - 00000000 ____D C:\Users\Nakloši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-07-24 12:16 - 2015-07-24 12:16 - 00000000 ____D C:\Users\Nakloši\AppData\Local\Microsoft Games
2015-07-24 00:08 - 2015-07-24 00:25 - 00000000 ____D C:\windows\SysWOW64\vbox
2015-07-24 00:08 - 2015-07-24 00:25 - 00000000 ____D C:\windows\system32\vbox
2015-07-23 23:27 - 2015-07-23 23:27 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-23 22:37 - 2015-07-24 00:02 - 00000000 ____D C:\AdwCleaner
2015-07-23 22:37 - 2015-07-23 22:37 - 02248704 _____ C:\Users\Nakloši\Desktop\AdwCleaner.exe
2015-07-23 22:33 - 2015-07-23 22:33 - 00000000 ____D C:\Users\Nakloši\AppData\Roaming\AVAST Software
2015-07-23 22:19 - 2015-07-23 22:21 - 02248704 _____ C:\Users\okay\Desktop\AdwCleaner.exe
2015-07-23 21:41 - 2015-07-23 21:41 - 02135552 _____ (Farbar) C:\Users\okay\Desktop\FRST64.exe
2015-07-23 21:17 - 2015-07-23 21:18 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nakloši\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-23 21:04 - 2015-07-23 21:04 - 00001893 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-23 21:04 - 2015-07-23 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-23 21:04 - 2015-07-23 21:01 - 00115152 _____ (AVAST Software) C:\windows\system32\Drivers\ngvss.sys
2015-07-23 21:03 - 2015-07-23 21:03 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-07-23 21:02 - 2015-07-23 21:02 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-07-23 21:00 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-23 21:00 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-23 21:00 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-23 21:00 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-23 21:00 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-23 21:00 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-23 21:00 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-23 21:00 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-23 21:00 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-23 21:00 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-23 21:00 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-23 21:00 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-23 21:00 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-23 21:00 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-23 21:00 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-23 21:00 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-23 21:00 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-23 20:59 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-23 20:59 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-23 20:59 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-23 20:59 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-23 20:59 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-23 20:59 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-23 20:59 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-23 20:59 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-23 20:59 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-23 20:59 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-23 20:59 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-23 20:59 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-23 20:59 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-23 20:59 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-23 20:59 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-23 20:59 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-23 20:59 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-23 20:59 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-23 20:59 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-23 20:59 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-23 20:59 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-23 20:59 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-23 20:59 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-23 20:59 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-23 20:59 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-23 20:59 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-23 20:59 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-23 20:59 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-23 20:59 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-23 20:59 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-23 20:59 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-23 20:59 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-23 20:59 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-23 20:59 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-23 20:58 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-23 20:58 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-23 20:58 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-23 20:58 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-23 20:58 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-23 20:58 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-23 20:58 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-23 20:58 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-23 20:58 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-23 20:58 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-23 20:58 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-23 20:58 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-23 20:58 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-23 20:58 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-23 20:58 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-23 20:58 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-23 20:58 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-23 20:58 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-23 20:58 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-23 20:58 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-23 20:58 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-23 20:58 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-23 20:58 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-23 20:58 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-23 20:58 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-23 20:58 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-23 20:57 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-23 20:57 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-23 20:57 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-23 20:57 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-23 20:57 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-23 20:57 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-23 20:57 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-23 20:57 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-23 20:57 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-23 20:57 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-23 20:57 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-23 20:57 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-23 20:57 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-23 20:57 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-23 20:57 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-23 20:57 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-23 20:57 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-23 20:57 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-23 20:55 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-23 20:55 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-23 20:55 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-23 20:55 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-23 20:55 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-23 20:55 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-23 20:55 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-23 20:55 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-23 20:55 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-23 20:55 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-23 20:55 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-23 20:55 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-23 20:55 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-23 20:55 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-23 20:55 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-23 20:55 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-23 20:55 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-23 20:55 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-23 20:55 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-23 20:55 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-23 20:55 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-23 20:55 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-23 20:55 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-23 20:55 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-23 20:55 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-23 20:55 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-23 20:55 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-23 20:55 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-23 20:55 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-23 20:55 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-23 20:55 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-23 20:54 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-23 20:54 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-23 20:54 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-23 20:54 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-23 20:54 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-23 20:54 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-23 20:54 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-23 20:54 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-23 20:39 - 2015-07-23 20:39 - 00042403 _____ C:\Users\Nakloši\Desktop\Addition.txt
2015-07-23 20:37 - 2015-07-25 20:38 - 00000000 ____D C:\FRST
2015-07-23 20:37 - 2015-07-23 20:39 - 00038352 _____ C:\Users\Nakloši\Desktop\FRST.txt
2015-07-23 20:36 - 2015-07-23 20:36 - 02135552 _____ (Farbar) C:\Users\Nakloši\Desktop\FRST64.exe
2015-07-23 20:34 - 2015-07-23 20:34 - 00401720 _____ (Trend Micro Inc.) C:\Users\Nakloši\Desktop\HijackThis.exe
2015-06-26 13:50 - 2015-06-26 13:50 - 523858530 _____ C:\windows\MEMORY.DMP
2015-06-26 13:50 - 2015-06-26 13:50 - 00280904 _____ C:\windows\Minidump\062615-25147-01.dmp
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\windows\Minidump
2015-06-26 07:14 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-26 07:14 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-26 07:14 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-26 07:14 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-26 07:14 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-26 07:14 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-26 07:14 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-26 07:14 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-26 07:14 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-26 07:14 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-26 07:10 - 2013-09-24 18:05 - 00004639 _____ C:\Users\Nakloši\Desktop\NAKLÁDAL_LADISLAV.p12
2015-06-26 06:46 - 2015-06-26 06:46 - 00002270 _____ C:\Users\Nakloši\Desktop\Google Chrome.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 20:58 - 2012-05-14 00:01 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 20:57 - 2012-05-14 00:01 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 20:40 - 2012-08-10 21:10 - 01386938 _____ C:\windows\WindowsUpdate.log
2015-07-25 20:29 - 2012-12-13 21:30 - 00000000 ____D C:\Users\okay\AppData\Roaming\Skype
2015-07-25 20:24 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 20:24 - 2009-07-14 06:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 20:18 - 2015-04-10 03:10 - 00000000 ___SD C:\windows\system32\GWX
2015-07-25 20:18 - 2014-06-21 21:49 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-25 20:16 - 2012-08-10 21:16 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-07-25 20:06 - 2013-09-23 10:56 - 00000000 ____D C:\Users\okay\AppData\Local\THORN
2015-07-25 20:06 - 2013-04-15 14:51 - 00000450 ____H C:\windows\Tasks\Norton Security Scan for okay.job
2015-07-25 20:06 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-25 20:06 - 2009-07-14 06:51 - 00112233 _____ C:\windows\setupact.log
2015-07-25 16:04 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-07-25 14:00 - 2013-01-05 14:53 - 00000924 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000UA.job
2015-07-25 13:59 - 2013-01-05 14:53 - 00000902 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000Core.job
2015-07-25 11:44 - 2014-02-25 14:31 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-07-24 08:06 - 2009-07-14 06:45 - 00267368 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-24 08:04 - 2015-04-10 03:10 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-24 08:04 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-24 08:03 - 2014-12-11 04:26 - 00000000 ____D C:\windows\system32\appraiser
2015-07-24 08:03 - 2014-05-07 06:02 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-24 05:14 - 2013-08-18 22:03 - 00000000 ____D C:\windows\system32\MRT
2015-07-23 22:00 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-23 21:27 - 2010-11-21 05:47 - 00549652 _____ C:\windows\PFRO.log
2015-07-23 21:03 - 2014-08-06 15:58 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-07-23 21:03 - 2014-02-25 14:31 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-07-23 21:03 - 2014-02-25 14:31 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-07-23 21:03 - 2014-02-25 14:31 - 00150160 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-07-23 21:03 - 2014-02-25 14:31 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-07-23 21:03 - 2014-02-25 14:31 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-07-23 21:03 - 2014-02-25 14:31 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-07-23 21:01 - 2014-02-25 14:31 - 01048856 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2015-07-23 20:52 - 2015-06-10 08:33 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-23 20:52 - 2012-05-14 00:01 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-03 08:43 - 2012-12-25 08:27 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-27 10:20 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-27 10:06 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-27 09:54 - 2011-02-14 10:37 - 00694804 _____ C:\windows\system32\perfh005.dat
2015-06-27 09:54 - 2011-02-14 10:37 - 00150746 _____ C:\windows\system32\perfc005.dat
2015-06-27 09:54 - 2009-07-14 07:13 - 01639094 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-26 16:36 - 2012-08-10 21:16 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-06-26 07:56 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-26 07:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-06-26 06:58 - 2013-01-17 22:17 - 01664190 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-06-26 06:58 - 2013-01-17 22:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client

==================== Files in the root of some directories =======

2014-01-10 12:46 - 2014-01-17 13:02 - 0000124 _____ () C:\Users\okay\AppData\Roaming\msjtbb.dat
2013-12-26 16:28 - 2014-01-17 13:02 - 0000584 _____ () C:\Users\okay\AppData\Roaming\msjtdp.dat

Some files in TEMP:
====================
C:\Users\Nakloši\AppData\Local\Temp\Quarantine.exe
C:\Users\Nakloši\AppData\Local\Temp\sqlite3.dll
C:\Users\okay\AppData\Local\Temp\APNSetup.exe
C:\Users\okay\AppData\Local\Temp\applinstall.exe
C:\Users\okay\AppData\Local\Temp\atcMedia2061423056953.exe
C:\Users\okay\AppData\Local\Temp\atcMedia9651422888731.exe
C:\Users\okay\AppData\Local\Temp\BetterSurfPlusInstaller.exe
C:\Users\okay\AppData\Local\Temp\bitool.dll
C:\Users\okay\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\okay\AppData\Local\Temp\Delta.exe
C:\Users\okay\AppData\Local\Temp\DeltaTB.exe
C:\Users\okay\AppData\Local\Temp\drvinst-1.exe
C:\Users\okay\AppData\Local\Temp\drvinst-2.exe
C:\Users\okay\AppData\Local\Temp\drvinst001.exe
C:\Users\okay\AppData\Local\Temp\drvinst01.exe
C:\Users\okay\AppData\Local\Temp\drvinstal.exe
C:\Users\okay\AppData\Local\Temp\drvinstal1.exe
C:\Users\okay\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\okay\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\okay\AppData\Local\Temp\GenericUninstall.exe
C:\Users\okay\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\okay\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\okay\AppData\Local\Temp\mgsqlite3.dll
C:\Users\okay\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\okay\AppData\Local\Temp\MybabylonTB.exe
C:\Users\okay\AppData\Local\Temp\ochelper.exe
C:\Users\okay\AppData\Local\Temp\propsys.dll
C:\Users\okay\AppData\Local\Temp\Quarantine.exe
C:\Users\okay\AppData\Local\Temp\rad8513D.tmp_update.exe
C:\Users\okay\AppData\Local\Temp\set-app.exe
C:\Users\okay\AppData\Local\Temp\Setup-b.exe
C:\Users\okay\AppData\Local\Temp\setup21406.exe
C:\Users\okay\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\okay\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\okay\AppData\Local\Temp\SimboApp.exe
C:\Users\okay\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\okay\AppData\Local\Temp\SkypeSetup.exe
C:\Users\okay\AppData\Local\Temp\SQLite.dll
C:\Users\okay\AppData\Local\Temp\sqlite3.dll
C:\Users\okay\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\okay\AppData\Local\Temp\upd59332.exe
C:\Users\okay\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\okay\AppData\Local\Temp\Updater.exe
C:\Users\okay\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-25 14:36

==================== End of log ============================

Re: pomalý ntb, podivné chování

Napsal: 26 črc 2015 10:46
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-05] (Facebook Inc.)
C:\Users\okay\AppData\Local\Facebook\Update
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {069960A0-41D5-4A16-8EA8-D2330B3029E9} URL = http://www.bing.com/search?FORM=SKY2DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {5157306F-1E77-430E-A141-E32C124B333A} URL = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-23] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
C:\Program Files (x86)\BetterSurf
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha270.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta745.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha2054.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2426.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home668.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff
C:\Program Files (x86)\MediaWatchV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\VideoPlayerV3
C:\Program Files (x86)\WebexpEnhancedV1
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff [not found]
CHR HKLM-x32\...\Chrome\Extension: [bhfbhjmaihhiaeomkhaclnjkkdpeaoda] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ch\WebexpEnhancedV1alpha270.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cinjoofaljijhdgjdhlhmgpnnogohoof] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ch\MediaWatchV1home668.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [emchhmbhaanhldpfkjigehhnkdijijcc] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ch\VideoPlayerV3beta745.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hbkndlbkicghdmapkohkcbmommggooei] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ch\MediaViewV1alpha2426.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hkkoojlbbjfjlljffbihmpjjipicnmkg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ch\MediaViewerV1alpha2054.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed] <==== ATTENTION
S3 Tosrfcom; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\Norton Security Scan for okay.job
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000UA.job
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000Core.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Users\Nakloši\AppData\Local\Temp
C:\Users\okay\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: pomalý ntb, podivné chování

Napsal: 26 črc 2015 21:20
od elina
Vkládám nový log z FRST

Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by okay at 2015-07-26 18:40:58 Run:1
Running from C:\Users\okay\Desktop
Loaded Profiles: okay (Available Profiles: okay & Nakloši)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-05] (Facebook Inc.)
C:\Users\okay\AppData\Local\Facebook\Update
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {069960A0-41D5-4A16-8EA8-D2330B3029E9} URL = http://www.bing.com/search?FORM=SKY2DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> {5157306F-1E77-430E-A141-E32C124B333A} URL = http://mysearch.sweetpacks.com?src=6&q= ... id=&&st=23
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-23] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1536827011-1506584884-3019231061-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-23] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
C:\Program Files (x86)\BetterSurf
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha270.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta745.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha2054.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha2426.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home668.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff
C:\Program Files (x86)\MediaWatchV1
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\VideoPlayerV3
C:\Program Files (x86)\WebexpEnhancedV1
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff [not found]
CHR HKLM-x32\...\Chrome\Extension: [bhfbhjmaihhiaeomkhaclnjkkdpeaoda] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ch\WebexpEnhancedV1alpha270.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cinjoofaljijhdgjdhlhmgpnnogohoof] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ch\MediaWatchV1home668.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [emchhmbhaanhldpfkjigehhnkdijijcc] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ch\VideoPlayerV3beta745.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hbkndlbkicghdmapkohkcbmommggooei] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ch\MediaViewV1alpha2426.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hkkoojlbbjfjlljffbihmpjjipicnmkg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ch\MediaViewerV1alpha2054.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed] <==== ATTENTION
S3 Tosrfcom; No ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\Norton Security Scan for okay.job
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000UA.job
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000Core.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Users\Nakloši\AppData\Local\Temp
C:\Users\okay\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value removed successfully
C:\Users\okay\AppData\Local\Facebook\Update => moved successfully.
C:\windows\system32\GroupPolicy\Machine => moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{069960A0-41D5-4A16-8EA8-D2330B3029E9}" => key removed successfully
HKCR\CLSID\{069960A0-41D5-4A16-8EA8-D2330B3029E9} => key not found.
"HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5157306F-1E77-430E-A141-E32C124B333A}" => key removed successfully
HKCR\CLSID\{5157306F-1E77-430E-A141-E32C124B333A} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-1536827011-1506584884-3019231061-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\xz123@ya456.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\12x3q@3244516.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com => value removed successfully
"C:\Program Files (x86)\BetterSurf" => File/Folder not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha270.net => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta745.net => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewerV1alpha2054.net => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha2426.net => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaWatchV1home668.net => value removed successfully
"C:\Program Files (x86)\MediaWatchV1" => File/Folder not found.
"C:\Program Files (x86)\MediaViewV1" => File/Folder not found.
"C:\Program Files (x86)\VideoPlayerV3" => File/Folder not found.
"C:\Program Files (x86)\WebexpEnhancedV1" => File/Folder not found.
C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff not found.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha270\ff not found.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta745\ff not found.
C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha2054\ff not found.
C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2426\ff not found.
C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home668\ff not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bhfbhjmaihhiaeomkhaclnjkkdpeaoda" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cinjoofaljijhdgjdhlhmgpnnogohoof" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\emchhmbhaanhldpfkjigehhnkdijijcc" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbkndlbkicghdmapkohkcbmommggooei" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hkkoojlbbjfjlljffbihmpjjipicnmkg" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => File/Folder not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service removed successfully
tor => Service stopped successfully.
tor => Service removed successfully
Tosrfcom => Service removed successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\windows\Tasks\Norton Security Scan for okay.job => moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000UA.job => moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1536827011-1506584884-3019231061-1000Core.job => moved successfully.
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully.
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully.
C:\Users\Nakloši\AppData\Local\Temp => moved successfully.

"C:\Users\okay\AppData\Local\Temp" folder move:

Could not move "C:\Users\okay\AppData\Local\Temp" folder => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-26 22:02:02)<=

"C:\Users\okay\AppData\Local\Temp" => Could not move

==== End of Fixlog 22:02:16 ====

Re: pomalý ntb, podivné chování

Napsal: 26 črc 2015 21:49
od Rudy
Smazáno. Nastala nějaká změna?

Re: pomalý ntb, podivné chování

Napsal: 26 črc 2015 21:57
od elina
zrychlený start PC, asi o 100% z 15min na 8, ale problémy stále trvají. seká se IE, nejde spustit chrome, tento příspěvek píši cca 3 min. 2x seknuto bez odezvy

Re: pomalý ntb, podivné chování

Napsal: 27 črc 2015 15:38
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: pomalý ntb, podivné chování

Napsal: 28 črc 2015 07:41
od elina
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 28.7.2015
Čas skenování: 8:06
Protokol:
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2015.07.28.01
Databáze rootkitů: v2015.07.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: okay

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 385495
Uplynulý čas: 32 min, 2 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


PS: našel 54 různých hrozeb- několik malware, několik potencionálních hrozeb, ale v logu to není.

Re: pomalý ntb, podivné chování

Napsal: 28 črc 2015 16:59
od Rudy
Nějaká ptákovina? Pokud něco našel, v logu to musí být.

Re: pomalý ntb, podivné chování

Napsal: 28 črc 2015 17:38
od elina
dělám sken znovu, když tak to zkusím vypsat.

Re: pomalý ntb, podivné chování

Napsal: 28 črc 2015 18:24
od Rudy
OK. Případně sem vložte printscreen těch nálezů.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz