Dobré odpoledne, můj ntb s win vista 32bit (IE 9) je čím dál tím víc pomalejší, po zapnutí trvá třeba 5 minut než lze vůbec něco spustit, ze začátku se furt točí disk (tedy těch cca 5 minut). Je to otravné, A při prací je to rovněž velice pomalé.
Test na viry (Eset) jsem si dělal, rovnez Iobit Malware bez nálezu, čistím pravidelne Cleanerem- registr.
Děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by PETU at 2015-10-21 14:48:24
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 3 GB (1%) free of 246 GB
Total RAM: 3070 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:58, on 21.10.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16708)
Boot mode: Normal
Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\RunDll32.exe
C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_19_0_0_226_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\PETU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69HVAGTA\RSIT.exe
C:\Program Files\trend micro\PETU.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ::1 localhost
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [FlashPlayerManager] C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe exec hide C:\Users\PETU\AppData\Roaming\Adobe\start.bat
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... .5.5.0.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PhoneMyPC_Helper - SoftwareForMe Inc - C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Samsung - C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
--
End of file - 10444 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-07-08 752960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-21 17920]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-07-15 1328424]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5088456]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2015-06-08 5887264]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06 597040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-07-11 39408]
"FlashPlayerManager"=C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe [2012-10-29 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2015-04-08 2429728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChkMail]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2015-06-08 5887264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\P4P\P4P.exe [2007-08-02 778240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Auto Backup.lnk]
C:\PROGRA~1\SAMSUNG\PCAUTO~1\AUTOBA~1.EXE [2012-11-29 836096]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\PETU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.lags"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"wave2"=serwvdrv.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2015-10-21 14:48:24 ----D---- C:\rsit
2015-10-21 12:00:47 ----A---- C:\Windows\system32\RENC38D.tmp
2015-10-21 11:59:56 ----A---- C:\Windows\system32\WindowsAccessBridge2358064.dll
2015-10-21 11:59:30 ----D---- C:\Program Files\Common Files\Java
2015-10-21 11:58:49 ----A---- C:\Windows\system32\WindowsAccessBridge2290999.dll
2015-10-15 13:25:14 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 13:25:13 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 13:23:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-10-15 13:23:10 ----A---- C:\Windows\system32\ntdll.dll
2015-10-15 13:23:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-15 13:21:21 ----A---- C:\Windows\system32\shell32.dll
2015-10-15 12:40:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-15 12:40:01 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-15 12:40:00 ----A---- C:\Windows\system32\vbscript.dll
2015-10-15 12:40:00 ----A---- C:\Windows\system32\ieui.dll
2015-10-15 12:40:00 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-15 12:39:59 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-15 12:39:58 ----A---- C:\Windows\system32\mshtml.dll
2015-10-15 12:39:58 ----A---- C:\Windows\system32\jscript.dll
2015-10-15 12:39:57 ----A---- C:\Windows\system32\jscript9.dll
2015-10-15 12:39:55 ----A---- C:\Windows\system32\urlmon.dll
2015-10-15 12:39:55 ----A---- C:\Windows\system32\mshta.exe
2015-10-15 12:39:55 ----A---- C:\Windows\system32\msfeedssync.exe
2015-10-15 12:39:55 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-10-15 12:39:54 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-15 12:39:54 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-15 12:39:53 ----A---- C:\Windows\system32\url.dll
2015-10-15 12:39:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-15 12:39:53 ----A---- C:\Windows\system32\iertutil.dll
2015-10-15 12:39:53 ----A---- C:\Windows\system32\ieframe.dll
======List of files/folders modified in the last 1 month======
2015-10-21 14:50:58 ----D---- C:\Program Files\Trend Micro
2015-10-21 14:48:42 ----D---- C:\Windows\Prefetch
2015-10-21 14:48:22 ----D---- C:\Windows\temp
2015-10-21 12:00:57 ----SHD---- C:\Windows\Installer
2015-10-21 12:00:56 ----D---- C:\Program Files\Java
2015-10-21 12:00:47 ----D---- C:\Windows\System32
2015-10-21 11:59:30 ----D---- C:\Program Files\Common Files
2015-10-21 11:34:33 ----SHD---- C:\System Volume Information
2015-10-21 11:21:46 ----D---- C:\Windows\Tasks
2015-10-21 11:21:28 ----D---- C:\Windows
2015-10-21 11:21:28 ----A---- C:\Windows\KMSEmulator.exe
2015-10-18 16:46:46 ----D---- C:\ProgramData\ProductData
2015-10-18 16:46:28 ----D---- C:\Windows\system32\Tasks
2015-10-17 16:10:18 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-10-16 16:46:01 ----A---- C:\Windows\system32\acovcnt.exe
2015-10-15 14:05:42 ----D---- C:\Windows\rescache
2015-10-15 13:47:05 ----D---- C:\Windows\system32\migration
2015-10-15 13:47:05 ----D---- C:\Program Files\Internet Explorer
2015-10-15 13:47:03 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 13:43:26 ----D---- C:\ProgramData\Microsoft Help
2015-10-15 13:39:53 ----D---- C:\Windows\winsxs
2015-10-15 13:28:47 ----D---- C:\Windows\system32\MRT
2015-10-15 13:28:40 ----A---- C:\Windows\system32\mrt.exe
2015-10-15 13:28:26 ----A---- C:\Windows\win.ini
2015-10-15 13:25:43 ----D---- C:\Windows\system32\catroot2
2015-10-15 13:25:43 ----D---- C:\Windows\system32\catroot
2015-10-13 20:08:51 ----D---- C:\kopie foto Jirka
2015-10-07 18:33:52 ----D---- C:\Windows\Minidump
2015-09-25 19:46:44 ----D---- C:\Users\PETU\AppData\Roaming\HpUpdate
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 51824]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2015-04-03 331288]
R0 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2015-04-03 106296]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 193464]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 135808]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 37928]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2015-03-18 23840]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 176448]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2015-08-24 46592]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI32.sys [2015-04-03 439296]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys [2015-03-25 21480]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-06-20 49664]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2007-08-23 467968]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwLv32.sys [2015-04-03 6639616]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys [2015-03-25 32288]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-07-15 200112]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-18 45624]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys [2015-03-25 20944]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-04-03 228352]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2012-07-10 12800]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2015-03-27 402432]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-05-21 89984]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-04-14 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-04-14 25200]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 31872]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 32800]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\WNt500x86\Sandra.sys [2009-08-07 23112]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-05-21 184192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winusb;Actions USB 2.0 (HS) WinUSB Device; C:\Windows\system32\DRIVERS\winusb.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-04-03 176128]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-09 655360]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-01-28 1349576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2015-05-12 878880]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2014-07-15 786256]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-05-21 743688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe [2013-02-01 7278657]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneMyPC_Helper;PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [2011-07-15 31232]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe [2008-05-19 72344]
S3 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
S3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Krasny den Vam preju 
Predpokladam, ze BitCoiny tezite nevedomky. Uvolnete misto na disku C:\ - 3 GB volneho mista (1 %) je malo.
Odinstalujte Advanced System Care a dale i ostatni produkty od IObitu. Jsou to cinske smejdy, ktere svou karieru zapocaly kradezi databaze spolecnosti Malwarebytes a navic pri nekterych "opravach" timto produktem nekolikrat doslo k poskozeni operacniho systemu takovym zpusobem, ze vse zcela vyresil az kompletni reinstall. Obecne jsem proti vsem zrychlovacum a optimizerum krome nekolik let odzkouseneho CCleaneru, ktery je v defaultnim nastaveni neskodny.
Odinstalujte
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
Predpokladam, ze BitCoiny tezite nevedomky. Uvolnete misto na disku C:\ - 3 GB volneho mista (1 %) je malo. Odinstalujte Advanced System Care a dale i ostatni produkty od IObitu. Jsou to cinske smejdy, ktere svou karieru zapocaly kradezi databaze spolecnosti Malwarebytes a navic pri nekterych "opravach" timto produktem nekolikrat doslo k poskozeni operacniho systemu takovym zpusobem, ze vse zcela vyresil az kompletni reinstall. Obecne jsem proti vsem zrychlovacum a optimizerum krome nekolik let odzkouseneho CCleaneru, ktery je v defaultnim nastaveni neskodny. Odinstalujte - Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
dekuji, splneno 
# AdwCleaner v5.014 - Logfile created 21/10/2015 at 21:19:23
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : PETU - PETU-PC
# Running from : C:\Users\PETU\Desktop\viry 2015\adwcleaner_5.014.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKCU\Software\Conduit
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1494 bytes] ##########
# AdwCleaner v5.014 - Logfile created 21/10/2015 at 21:19:23
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : PETU - PETU-PC
# Running from : C:\Users\PETU\Desktop\viry 2015\adwcleaner_5.014.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKCU\Software\Conduit
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1494 bytes] ##########
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Poprosim Vas ted o logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-10-2015
Ran by PETU (2015-10-21 21:46:48)
Running from C:\Users\PETU\Desktop\viry 2015
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2012-07-09 21:13:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3876519533-4130423334-4203767644-500 - Administrator - Disabled)
Guest (S-1-5-21-3876519533-4130423334-4203767644-501 - Limited - Enabled)
PETU (S-1-5-21-3876519533-4130423334-4203767644-1000 - Administrator - Enabled) => C:\Users\PETU
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
AC3Filter 2.5b (HKLM\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Ashampoo Burning Studio 10.0.1 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.1 - ashampoo GmbH & Co. KG)
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0008 - ASUS)
ASUS InstantFun (HKLM\...\{57B15AD4-8C9D-4164-82BB-E33D8644E757}) (Version: 1.0.0015 - ASUS)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Security Protect Manager (HKLM\...\{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}) (Version: 2.1.0.880.20 - ASUSTeK Computer Inc.)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0004 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}) (Version: 1.02.0020 - ASUS)
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.08 - asus)
ATI Catalyst Install Manager (HKLM\...\{5EB5EEA7-6432-5827-0080-899DA70A97BA}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0027 - ATK)
ATK Media (HKLM\...\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}) (Version: - )
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.6 - ATK)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.8.1 - AuthenTec, Inc.) Hidden
Balíček ovladače systému Windows - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2) (HKLM\...\2EFF310ED3BF3BFB24E6CC25AEB5491813E56803) (Version: 06/20/2007 5.0.0004.2 - ITE Tech.Inc.)
Balíček ovladače systému Windows - YUAN (mod7700) Media (04/19/2007 2.3.2.7) (HKLM\...\1187079238304F1468F8C92166A58E9784F9716A) (Version: 04/19/2007 2.3.2.7 - YUAN)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version: - )
ccc-Branding (HKLM\...\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0309.2141.36947 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.83.2.50 - Conexant)
ConvertXtoDVD 4.1.2.336 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.2.336 - )
CrystalDiskInfo 6.1.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.0 - Crystal Dew World)
CrystalDiskMark 3.0.2f Shizuku Edition (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 5.1 - CM&V)
EASEUS Partition Master 9.1.0 Home Edition (HKLM\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS)
ESET Smart Security (HKLM\...\{D17A05CB-2401-4F63-AB70-EFC060B4B4CB}) (Version: 8.0.312.3 - ESET, spol s r. o.)
FUJIFILM MyFinePix Studio 4.2a (HKLM\...\MyFinePix Studio_is1) (Version: - )
Google Earth Pro (HKLM\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
HD Tune Pro 4.50 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
HP Deskjet 2050 J510 series Nápověda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
Huawei Drivers (HKLM\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 4.25.00.00 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
ITECIR Driver (HKLM\...\{FCED9B62-34FF-4C15-8A23-F65221F7874D}) (Version: 1.00.000 - ITE)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JMB36X Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.1.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LUMIX Map Tool (HKLM\...\InstallShield_{7DCF5B1D-79C2-4F24-9746-511436EBC6B4}) (Version: 1.1.0 - Panasonic Corporation)
LUMIX Map Tool (Version: 1.1.0 - Panasonic Corporation) Hidden
MainConcept MCE Encoder (HKLM\...\{616B741E-6694-438B-BD02-73A79DE6834C}) (Version: 1.5.0.1 - MainConcept AG)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1207 - CyberLink Corporation)
Media Go Video Playback Engine 1.116.103.02020 (HKLM\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.103.02020 - Sony)
MediaInfo 0.7.44 (HKLM\...\MediaInfo) (Version: 0.7.44 - MediaArea.net)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.05 - Motorola Inc)
Mp3tag v2.64 (HKLM\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MPC-HC 1.7.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - )
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.1009 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM\...\{F4C242B4-2973-43F3-93F2-ED1B47AE8848}) (Version: 12.0.02000 - Nero AG)
Nero12EssTSST (HKLM\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
OCCT 4.4.0 (HKLM\...\OCCT) (Version: 4.4.0 - Ocbase.com)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
P4P (HKLM\...\{FC3D290D-79BE-44B7-ABF9-FDD110925930}) (Version: 1.0.0.16 - P4P)
PC Auto Backup (HKLM\...\InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}) (Version: 1.1.1.18 - Samsung Electronics Co,. Ltd.)
PC Auto Backup (Version: 1.1.1.18 - Samsung Electronics Co,. Ltd.) Hidden
PhoneMyPC (HKLM\...\{FD452361-CF71-40FD-AAC1-40DE562311E8}) (Version: 2.0.3 - SoftwareForMe Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0014 - ATK)
Prerequisite installer (Version: 12.0.0008 - Nero AG) Hidden
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
RAF (HKLM\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RAW FILE CONVERTER EX powered by SILKYPIX (HKLM\...\InstallShield_{30B1CCDB-209B-4E94-8311-379F2E6B6B59}) (Version: 3 - Ichikawa Soft Laboratory)
RAW FILE CONVERTER EX powered by SILKYPIX (Version: 3 - Ichikawa Soft Laboratory) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.52.02 - RICOH)
SAMSUNG Intelli-studio (HKLM\...\Intelli-studio) (Version: - )
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.21.0 - Synaptics)
System Requirements Lab for Intel (HKLM\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
Tivizen (HKLM\...\{5D2356BE-8728-4294-9295-A31BD44AC483}) (Version: 1.1.4742 - iCube)
T-Mobile Internet Manager (HKLM\...\T-Mobile Communication Centre) (Version: 2015-08-06@2015-08-25 - Gemfor s.r.o.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Ultra AVI Converter 6.3.0206 (HKLM\...\Ultra AVI Converter_is1) (Version: - Aone Software)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VideoLAN VLC media player 0.8.6d (HKLM\...\VLC media player) (Version: 0.8.6d - VideoLAN Team)
VistaFeaturePack (HKLM\...\InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}) (Version: 1.03.0000 - CSR)
VistaFeaturePack (Version: 1.03.0000 - CSR) Hidden
Windows Driver Package - Dekart (DEKART38) SmartCardReader (08/08/2011 1.1.6.1) (HKLM\...\8D434570B215F4E7650A004193A770DC9BD6DB58) (Version: 08/08/2011 1.1.6.1 - Dekart)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.8 - ATK)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.1.20140505 - Xilisoft)
Youtube Downloader HD v. 2.9.5 (HKLM\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{CA7F5F3F-3362-4C7F-8C85-47E0791F660E}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}\InprocServer32 -> {3C305196-2014-0001-0025-00C04FD930C5} => No File
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
==================== Restore Points =========================
21-10-2015 17:21:26 Installed RICOH R5C83x/84x Flash Media Controller Driver Ver.3.5ůŕúu
21-10-2015 20:54:31 Removed Skype Click to Call
21-10-2015 20:55:48 Removed Skype Click to Call
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-02-12 18:53 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {090E376C-33A9-4F35-8E47-BE53815F0B0A} - System32\Tasks\{180B69E0-E16D-49E1-9615-24568332FCF3} => pcalua.exe -a C:\Users\PETU\Desktop\TV_Tuner_YUAN_MC770A_VT\TV_Tuner_YUAN_MC770A_VT\DPInst.exe -d C:\Users\PETU\Desktop\TV_Tuner_YUAN_MC770A_VT\TV_Tuner_YUAN_MC770A_VT
Task: {0955DE30-F478-40C1-8DD8-749A259D9DF0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-18] (Společnost Microsoft)
Task: {0F148617-958D-492D-9368-AEA122BEDBDD} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation)
Task: {18B5D55E-1561-4A6E-BBD2-3AB663303502} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {196838B7-5CAF-4C99-AD94-1F8DEAF9427F} - System32\Tasks\{E8CDCAA0-7980-43E1-BA02-7B18CB0D6EA7} => pcalua.exe -a G:\VGA_VT_080416\Bin\ATISetup.exe -d G:\VGA_VT_080416\Bin
Task: {1E986494-22A9-43CC-A98A-D36E66212E74} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-05-06] (Nero AG)
Task: {262F9590-6D62-4C7B-9590-9570F5503B39} - System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => pcalua.exe -a "C:\Users\PETU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS7ERK26\install_frame.exe" -d C:\Users\PETU\Desktop
Task: {3083F54B-60FA-4589-A257-D63A673A39B7} - System32\Tasks\Uninstaller_SkipUac_PETU => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {490C6E47-BFA9-4260-8630-559279FB5623} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {5F22F67B-3136-4360-A2CB-3CDD8D4B8BCB} - System32\Tasks\{63B420C2-AD88-4976-8389-9C71F4F4BBB2} => pcalua.exe -a C:\Users\PETU\Desktop\TV_Tuner_Yuan_MC570QA_VT\2ksetup.exe -d C:\Users\PETU\Desktop\TV_Tuner_Yuan_MC570QA_VT
Task: {6760456A-1743-436E-9125-255B70F386D1} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2007-12-26] (ASUS)
Task: {987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: {9DCEFC59-F722-429D-8074-339EE79CD9A5} - System32\Tasks\Driver Booster SkipUAC (PETU) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {9E8FCC97-4B15-4F34-8A3F-4277FB16999D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11] (Realtek Semiconductor)
Task: {AFC67ED6-E6E5-4843-B2C0-20E9ECA06F29} - System32\Tasks\{3F003350-C599-4E70-AD8D-AF15774A90D0} => pcalua.exe -a C:\Users\PETU\Downloads\MTFOPD-00174419-US.EXE -d C:\Users\PETU\Downloads
Task: {B5155077-B91C-42F8-AFCA-D23D8047CDC8} - System32\Tasks\{BEBA44D4-CC65-4C26-A773-F4D2A1DAAC9B} => pcalua.exe -a "C:\Program Files\QuickTime Alternative\QTSystem\quicktime.cpl"
Task: {C37C5EE5-3FB5-4AEE-A248-A3D879A33CED} - System32\Tasks\{742526BB-7CE5-4B6C-99A4-D1FE2579FF73} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.59.129/cs/abandoninstall?page=tsMain
Task: {C9AE2645-D274-4D8B-83A2-0E3671186B9E} - System32\Tasks\{FABA613D-2680-46E7-A370-322B26902F62} => pcalua.exe -a C:\Users\PETU\Desktop\CMOS_Camera_Chicony_CNF6131_VT_071221\CMOS_Camera_Chicony_CNF6131_VT_071221\2ksetup.exe -d C:\Users\PETU\Desktop\CMOS_Camera_Chicony_CNF6131_VT_071221\CMOS_Camera_Chicony_CNF6131_VT_071221
Task: {D0A5212F-D1A3-4548-B6DE-1BA0A9164A51} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe [2008-06-19] (ASUS)
Task: {D2B9E94A-5A78-422E-A0DE-BF92BF81655B} - System32\Tasks\{15A8F902-DCBB-4808-AD1B-8F4D0DDDDADA} => pcalua.exe -a C:\Users\PETU\Desktop\TV_Tuner_LiteOn_VT\TV_Tuner_LiteOn_VT\Driver\2KSETUP.EXE -d C:\Users\PETU\Desktop\TV_Tuner_LiteOn_VT\TV_Tuner_LiteOn_VT\Driver
Task: {F6930ADC-784E-430F-B0C7-AC1AE33C865B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: {FB6E646D-A72B-4945-9593-6CD16872EDEF} - System32\Tasks\{4A6F9B6B-8248-4DE3-8455-5A9AF14F517E} => pcalua.exe -a "C:\Users\PETU\Pictures\PowerDirector10001703Ultracz\PowerDirector 10.0.0.1703 Ultra cz.exe" -d C:\Users\PETU\Pictures\PowerDirector10001703Ultracz
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
==================== Loaded Modules (Whitelisted) ==============
2012-07-10 10:08 - 2007-10-02 21:53 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2010-04-30 14:02 - 2010-04-30 14:02 - 00057344 _____ () C:\Program Files\SAMSUNG\PC Auto Backup\lang.dll
2010-09-03 13:11 - 2010-09-03 13:11 - 00520295 _____ () C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
2012-07-10 00:43 - 2008-03-09 22:01 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-10 10:13 - 2007-10-17 19:04 - 07737344 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
2012-07-10 10:08 - 2004-05-27 18:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2012-07-10 10:08 - 2007-11-04 19:48 - 00106496 _____ () C:\Program Files\ATK Hotkey\MsgTranAgt.exe
2012-07-10 10:22 - 2006-12-20 23:03 - 01036288 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2012-07-10 10:37 - 2007-07-09 22:48 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2009-07-01 19:03 - 2009-07-01 19:03 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-07-10 10:08 - 2007-11-28 17:39 - 02465792 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2012-07-10 10:08 - 2007-08-15 11:20 - 00106496 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
2012-07-10 10:08 - 2007-08-15 11:38 - 00147456 _____ () C:\Program Files\ATK Hotkey\WDC.exe
2007-03-06 17:03 - 2007-03-06 17:03 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2007-11-30 11:13 - 2007-11-30 11:13 - 00693248 _____ () C:\Program Files\VideoLAN\VLC\axvlc.dll
2007-11-30 11:13 - 2007-11-30 11:13 - 02753536 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\appspot.com -> hxxps://mighty-app.appspot.com
IE trusted site: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\mightytext.net -> hxxps://mightytext.net
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Auto Backup.lnk => C:\Windows\pss\PC Auto Backup.lnk.CommonStartup
MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
MSCONFIG\startupreg: ChkMail =>
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: PowerForPhone => "C:\Program Files\P4P\P4P.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched =>
MSCONFIG\startupreg: swg =>
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{5F4B7356-7000-4F30-B367-6E6C28831805}] => (Allow) LPort=80
FirewallRules: [{B4344368-D9B6-4734-A9ED-92974954205C}] => (Allow) LPort=80
FirewallRules: [{D7114B59-B34C-4E4C-880B-2586818FAAA8}] => (Allow) LPort=80
FirewallRules: [{F54AD44E-1EB9-483B-A29A-31BDDF81541B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D2C3947C-6B1C-4B05-8F21-395C9B23C144}] => (Allow) LPort=2869
FirewallRules: [{344A6418-9C7D-4C42-892F-B770EF251A12}] => (Allow) LPort=1900
FirewallRules: [{510BF0EB-E2A0-4A98-9AFE-69BE6C7364A4}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{35BB520B-E263-494E-B2C9-F8E9F3D76F7D}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5928740A-AA22-4704-956D-9549C38784CB}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D2BF6000-F9AF-49B6-8F1E-86D1ED1DDB9E}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{4404DC3F-C448-4760-B162-E6B314171D59}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{B4F9B8C0-AD07-4CD2-B4B2-740194E1F7BD}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{2BD58C6F-BB07-4D8A-B47B-44A87CF25731}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{0D9EF262-740C-45A4-99F2-3F83DA690FAC}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{301B3E72-25C8-4273-AD0D-8CDFEBCDDE10}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{67E9805D-22D3-4243-81A9-283BDEE5C9D5}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [{5C5EE650-FF1C-4FFF-BF2E-39672F7C0ADC}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [{AB4F11B7-F6C5-4616-8468-5968BCA2A958}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [{16584549-36F8-46A5-B4D3-9A045BAFC80C}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [TCP Query User{1C7BE2EE-85D6-4B17-88EA-4E7A459313B5}C:\program files\samsung\pc auto backup\autobackup.exe] => (Allow) C:\program files\samsung\pc auto backup\autobackup.exe
FirewallRules: [UDP Query User{53DD9E6A-C5A5-424A-9A8C-5A89E23B5397}C:\program files\samsung\pc auto backup\autobackup.exe] => (Allow) C:\program files\samsung\pc auto backup\autobackup.exe
FirewallRules: [{4856D47F-1F50-462B-A20D-498059E076C5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{70AD601C-3580-4542-A954-E6B9E631DFF8}C:\users\petu\desktop\greylink0059\greylink.exe] => (Allow) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [UDP Query User{09761444-39C1-477A-AC8C-6841195B7A18}C:\users\petu\desktop\greylink0059\greylink.exe] => (Allow) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [TCP Query User{E532A77D-BF1A-4CAC-91D3-6234A6B2BB00}C:\users\petu\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\petu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D8C508FC-5FC8-4EDE-8873-79728B82B469}C:\users\petu\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\petu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{469BB46B-82E2-403B-9DFA-D228ADA812E7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{CB030C4E-9B1A-40E8-971D-E400599D7F97}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{F531F7ED-1D1C-4C5A-8059-21B26F8A146E}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{6200C702-ACBD-462D-9226-F7930F9F0DD9}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Block) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{757A2D35-F57B-474C-81C5-99FBF7334EBA}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Block) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [TCP Query User{54237E63-C77E-4FE7-92FF-7BB09148C502}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2A93379A-A786-48CF-BEE9-DA82B9D7E202}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{22960022-A762-49CA-89B6-77052DE4FF40}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{3FCDCD0C-7229-45B8-B81C-81525FD4A517}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{F734D8AB-C79F-410C-ADAA-7B4113DB99BF}C:\users\petu\desktop\greylink0059\greylink.exe] => (Block) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [UDP Query User{B11D9740-5023-4D46-A671-B7CD690C2460}C:\users\petu\desktop\greylink0059\greylink.exe] => (Block) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [{00685082-9C44-4800-AF68-7887B7C8CE55}] => (Allow) LPort=49166
FirewallRules: [{9E8A2BE5-AB71-4CA1-ADB4-898EA65E52B2}] => (Allow) LPort=5000
FirewallRules: [{26326B3F-6124-4F3E-AF3F-505A876D3A33}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{EC2E50C6-D017-401D-865B-B4F4EB7AE3E9}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F9699A1F-3FAB-4124-9B8B-939EFF31798B}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{BD9C9124-6437-4B7F-8295-DDC427DCDB15}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{CC6160F9-A0CC-44EE-AF54-109400610FA0}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{6D90BDC0-C0AC-4660-BEFF-7F74DA3A6474}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/21/2015 09:21:50 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Hodnotu registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)
Error: (10/21/2015 09:21:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt sběrače nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Hodnotu registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)
Error: (10/21/2015 09:21:14 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:13 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:13 PM) (Source: Windows Search Service) (EventID: 3038) (User: )
Description: Sběrač nepřečetl registr DocIdMapFile.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Systém nemůže nalézt uvedený soubor. (0x80070002)
Error: (10/21/2015 09:21:13 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:12 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:11 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:11 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
System errors:
=============
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restartovat službu
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)
Error: (10/21/2015 09:21:40 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (10/21/2015 09:19:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restartovat službu
Error: (10/21/2015 09:19:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba přijímače aplikace Windows Media Center1100001Restartovat službu
Error: (10/21/2015 09:19:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant1100001Restartovat službu
Error: (10/21/2015 09:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba plánování aplikace Windows Media Center1100001Restartovat službu
Error: (10/21/2015 09:19:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player Network Sharing1300001Restartovat službu
CodeIntegrity:
===================================
Date: 2015-10-07 18:37:02.269
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-07 18:37:02.003
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-07 18:37:01.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-07 18:37:01.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:03.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:02.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:02.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:02.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-23 16:21:06.408
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-23 16:21:06.189
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
Percentage of memory in use: 69%
Total physical RAM: 3070.29 MB
Available physical RAM: 946.13 MB
Total Virtual: 6343.45 MB
Available Virtual: 3920.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:240.14 GB) (Free:13.27 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:225.62 GB) (Free:22.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: ED0B9B3D)
Partition 1: (Active) - (Size=240.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=225.6 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
**************************************************************************
**************************************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-10-2015
Ran by PETU (administrator) on PETU-PC (21-10-2015 21:45:01)
Running from C:\Users\PETU\Desktop\viry 2015
Loaded Profiles: PETU (Available Profiles: PETU)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
() C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(Akamai Technologies, Inc.) C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_226_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ATKOSD2\ATKOSD2.exe [7737344 2007-10-17] ()
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2012-07-15] (Synaptics, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2015-01-28] (ESET)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-11] (Google Inc.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [FlashPlayerManager] => C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-03-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\PETU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk [2015-10-21]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-18] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86DB81F6-1E62-498B-8539-50F8906D2A08}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21] (Bioscrypt Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-07-10] [not signed]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-06] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-21] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-02] () [File not signed]
S3 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2015-01-28] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
S3 PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-18] (Microsoft Corporation)
R2 WiselinkPro; C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-01] (Samsung) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-16] (AuthenTec, Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [12800 2012-07-10] (CSR, plc)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [402432 2015-03-27] (Motorola, Inc.)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI32.sys [439296 2015-04-03] (Conexant Systems Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51824 2015-03-10] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70016 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-03-18] (REALiX(tm))
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [49664 2007-06-20] (Windows (R) Codename Longhorn DDK provider)
R0 JGOGO; C:\Windows\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2015-04-03] (JMicron Technology Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [467968 2007-08-23] (DiBcom)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2015-04-03] (Intel Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdptsk.sys [46592 2015-08-24] (REDC) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.)
S3 RTL2832UBDA; system32\drivers\RTL2832UBDA.sys [X]
S3 RTL2832UUSB; System32\Drivers\RTL2832UUSB.sys [X]
S3 RTL2832U_IRHID; system32\DRIVERS\RTL2832U_IRHID.sys [X]
S3 SANDRA; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 21:43 - 2015-10-21 21:45 - 00000000 ____D C:\FRST
2015-10-21 20:53 - 2015-10-21 20:53 - 00000000 ____D C:\Users\PETU\AppData\Local\Skype
2015-10-21 14:49 - 2015-10-21 21:45 - 00000000 ____D C:\Users\PETU\Desktop\viry 2015
2015-10-21 14:48 - 2015-10-21 14:51 - 00000000 ____D C:\rsit
2015-10-21 11:59 - 2015-10-21 11:59 - 00000000 ____D C:\Program Files\Common Files\Java
2015-10-21 11:59 - 2015-10-21 11:57 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge2358064.dll
2015-10-21 11:58 - 2015-10-21 11:57 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge2290999.dll
2015-10-21 11:25 - 2015-10-21 11:25 - 00000000 ____D C:\Users\PETU\AppData\Local\{5B1D6F55-745D-480B-8B1C-5ED94202F351}
2015-10-19 22:42 - 2015-10-19 22:42 - 00000000 ____D C:\Users\PETU\AppData\Local\{77DFA5C2-622D-4C28-9BDE-383DADC572ED}
2015-10-19 10:40 - 2015-10-19 10:40 - 00000000 ____D C:\Users\PETU\AppData\Local\{0D079341-392A-40E1-A7FB-967E115902F0}
2015-10-18 16:51 - 2015-10-18 16:51 - 00000000 ____D C:\Users\PETU\AppData\Local\{0FC57C29-5A0B-495F-8D6C-5BD7A98A9E85}
2015-10-17 13:17 - 2015-10-17 13:17 - 00000000 ____D C:\Users\PETU\AppData\Local\{687331AA-9968-4AFE-9E38-CDD689F6A5CD}
2015-10-16 12:40 - 2015-10-16 12:40 - 00000000 ____D C:\Users\PETU\AppData\Local\{D52ABE6E-CEA3-4723-B1A5-7134F4B65A68}
2015-10-16 00:19 - 2015-10-16 00:19 - 00000000 ____D C:\Users\PETU\AppData\Local\{B367E696-1B0C-4B91-BFA0-BFB1BC1472AC}
2015-10-15 13:25 - 2015-07-18 15:14 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 13:23 - 2015-09-28 19:17 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-15 13:23 - 2015-09-26 18:09 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-15 13:23 - 2015-09-26 18:09 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-15 13:21 - 2015-07-29 02:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-15 12:40 - 2015-09-11 09:16 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-15 12:40 - 2015-09-11 09:15 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-15 12:40 - 2015-09-11 09:14 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-15 12:40 - 2015-09-11 09:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-15 12:40 - 2015-09-11 09:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-15 12:39 - 2015-09-11 09:22 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-15 12:39 - 2015-09-11 09:21 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-15 12:39 - 2015-09-11 09:19 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-15 12:39 - 2015-09-11 09:17 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-15 12:39 - 2015-09-11 09:16 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-15 12:39 - 2015-09-11 09:15 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-15 12:39 - 2015-09-11 09:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-15 12:39 - 2015-09-11 09:14 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-15 12:39 - 2015-09-11 09:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-15 12:39 - 2015-09-11 09:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-15 12:17 - 2015-10-15 12:17 - 00000000 ____D C:\Users\PETU\AppData\Local\{25E49729-BBC6-4B69-85C0-CF969393F3DA}
2015-10-13 17:18 - 2015-10-13 17:19 - 00000000 ____D C:\Users\PETU\AppData\Local\{4A9B2BCD-76C9-42EF-81B4-975D486827E2}
2015-10-12 23:31 - 2015-10-12 23:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{08A95672-DF96-4BAF-9530-88699E3F52F2}
2015-10-12 11:30 - 2015-10-12 11:30 - 00000000 ____D C:\Users\PETU\AppData\Local\{3AD5B3F3-9F42-46B3-A520-85D502F654F0}
2015-10-12 01:37 - 2015-10-12 01:37 - 00000000 ____D C:\Users\PETU\AppData\Local\{CDF0CD7A-4B84-439A-9799-54641A1F52BB}
2015-10-11 13:37 - 2015-10-11 13:37 - 00000000 ____D C:\Users\PETU\AppData\Local\{2E50A777-DEC7-4871-94B9-EC345F1624BB}
2015-10-11 13:29 - 2015-10-11 13:29 - 00000000 ____D C:\Users\PETU\AppData\Local\{17046644-C65D-4FBB-9B0F-2A1E15FA3AD8}
2015-10-11 01:28 - 2015-10-11 01:28 - 00000000 ____D C:\Users\PETU\AppData\Local\{898AF429-A1C3-4618-B698-B37AAB4523BB}
2015-10-10 13:27 - 2015-10-10 13:27 - 00000000 ____D C:\Users\PETU\AppData\Local\{062725BF-9D8F-4A58-A30C-BE836579680B}
2015-10-09 14:20 - 2015-10-09 14:20 - 00000000 ____D C:\Users\PETU\AppData\Local\{64EC752D-F0E8-4C20-8C12-F611B10874AB}
2015-10-08 16:31 - 2015-10-08 16:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{DB6D503C-EABA-4500-9C1A-F7EE78719F79}
2015-10-07 18:33 - 2015-10-07 18:34 - 00144800 _____ C:\Windows\Minidump\Mini100715-01.dmp
2015-10-07 18:24 - 2015-10-07 18:24 - 00000000 ____D C:\Users\PETU\AppData\Local\{E7D421DC-88C2-4D4F-8ECA-60920CE3E6BD}
2015-10-06 14:11 - 2015-10-06 14:11 - 00000000 ____D C:\Users\PETU\AppData\Local\{A84435C2-B6EC-49CD-AAFE-C55667C7C40E}
2015-10-05 15:19 - 2015-10-05 15:19 - 00000000 ____D C:\Users\PETU\AppData\Local\{01B45671-C4F4-4BB2-90C1-A33F09644376}
2015-10-04 16:10 - 2015-10-04 16:10 - 00000000 ____D C:\Users\PETU\AppData\Local\{B784FF6F-D362-435D-BDE8-5C8C37BFBB38}
2015-10-03 15:47 - 2015-10-03 15:47 - 00000000 ____D C:\Users\PETU\AppData\Local\{DE9D1B36-B671-466C-AEB7-DE4297660CB9}
2015-10-02 18:04 - 2015-10-02 18:05 - 00144696 _____ C:\Windows\Minidump\Mini100215-01.dmp
2015-10-02 17:56 - 2015-10-02 17:57 - 00000000 ____D C:\Users\PETU\AppData\Local\{C855E2F3-3042-4F3F-A2A9-23D90E6DADE6}
2015-10-01 18:12 - 2015-10-01 18:12 - 00000000 ____D C:\Users\PETU\AppData\Local\{05F00A39-FA6C-4397-BC4E-76F880D08904}
2015-09-30 15:42 - 2015-09-30 15:42 - 00000000 ____D C:\Users\PETU\AppData\Local\{090BDB12-E3E0-4B3C-90E4-672ADC2AC25A}
2015-09-29 19:11 - 2015-09-29 19:11 - 00000000 ____D C:\Users\PETU\AppData\Local\{EE1D5F4E-3998-42F0-BE81-2A854B17B75A}
2015-09-28 13:52 - 2015-09-28 13:52 - 00000000 ____D C:\Users\PETU\AppData\Local\{96DA225B-6B2B-4C39-B0D7-A5ADDAE3CA1A}
2015-09-28 01:17 - 2015-09-28 01:18 - 00000000 ____D C:\Users\PETU\AppData\Local\{78CEBD67-0037-4469-8EEB-D710CF2BA815}
2015-09-27 13:16 - 2015-09-27 13:16 - 00000000 ____D C:\Users\PETU\AppData\Local\{6B4ADC9D-4BE3-41AE-A77A-0E0119ADF078}
2015-09-26 13:30 - 2015-09-26 13:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{5748834D-B6BF-4676-B4F0-8DEE3E125C38}
2015-09-25 19:43 - 2015-09-25 19:43 - 00000000 ____D C:\Users\PETU\AppData\Local\{2DAF3019-8AFF-430F-A000-73EF79EEC71C}
2015-09-24 15:17 - 2015-09-24 15:17 - 00000000 ____D C:\Users\PETU\AppData\Local\{517D5C2A-8126-4DB8-9072-B5E87B64B1BD}
2015-09-23 23:32 - 2015-09-23 23:32 - 00000000 ____D C:\Users\PETU\AppData\Local\{12D7C20A-CA33-4CF2-BDD7-5E5D69E8D92A}
2015-09-23 16:12 - 2015-10-07 18:33 - 432075344 _____ C:\Windows\MEMORY.DMP
2015-09-23 16:12 - 2015-09-23 16:12 - 00144584 _____ C:\Windows\Minidump\Mini092315-01.dmp
2015-09-23 11:31 - 2015-09-23 11:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{F9E05EBA-6976-4A43-8AEA-114CA7B1A692}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 21:29 - 2006-11-02 14:52 - 01451095 _____ C:\Windows\WindowsUpdate.log
2015-10-21 21:23 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-21 21:22 - 2015-09-01 18:25 - 00022177 _____ C:\Windows\AutoKMS.log
2015-10-21 21:22 - 2015-05-14 14:21 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-10-21 21:22 - 2015-05-14 14:21 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-21 21:21 - 2015-05-14 14:21 - 00078848 _____ C:\Windows\KMSEmulator.exe
2015-10-21 21:21 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 21:21 - 2006-11-02 14:47 - 00005024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 21:21 - 2006-11-02 14:47 - 00005024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 21:20 - 2015-09-09 14:30 - 00007710 _____ C:\Windows\PFRO.log
2015-10-21 21:19 - 2014-02-08 18:39 - 00000000 ____D C:\AdwCleaner
2015-10-21 21:19 - 2012-07-09 23:12 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-10-21 21:19 - 2006-11-02 15:01 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 21:10 - 2015-05-09 15:36 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-21 20:57 - 2013-02-09 12:12 - 00000000 ___RD C:\Program Files\Skype
2015-10-21 20:57 - 2013-02-09 12:12 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 20:55 - 2013-02-09 12:12 - 00000000 ____D C:\Users\PETU\AppData\Roaming\Skype
2015-10-21 20:50 - 2014-02-19 12:39 - 00000000 ____D C:\Users\PETU\AppData\Local\CrashDumps
2015-10-21 20:48 - 2015-03-18 14:14 - 00000000 ____D C:\Program Files\IObit
2015-10-21 17:33 - 2012-07-11 14:45 - 00186368 _____ C:\Users\PETU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-21 17:21 - 2012-09-03 20:37 - 00000000 ____D C:\Users\PETU\Desktop\EVOLVE
2015-10-21 17:14 - 2012-07-10 00:20 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-10-21 16:20 - 2012-07-09 23:17 - 00000000 ____D C:\Users\PETU
2015-10-21 16:06 - 2012-07-15 23:24 - 00000000 ____D C:\Program Files\Realtek
2015-10-21 15:44 - 2012-09-21 16:23 - 00000000 ____D C:\Users\PETU\Desktop\INZERATY
2015-10-21 15:36 - 2013-03-13 19:02 - 00000000 ____D C:\Users\PETU\Desktop\----- Návody -----
2015-10-21 14:50 - 2014-02-08 12:06 - 00000000 ____D C:\Program Files\Trend Micro
2015-10-21 12:00 - 2015-06-23 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 12:00 - 2012-07-13 20:21 - 00000000 ____D C:\Program Files\Java
2015-10-21 11:59 - 2015-08-24 14:29 - 00000000 ____D C:\Users\PETU\.oracle_jre_usage
2015-10-21 11:57 - 2015-06-23 14:57 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-10-18 16:46 - 2015-03-18 14:15 - 00000000 ____D C:\ProgramData\ProductData
2015-10-17 16:10 - 2015-05-09 15:36 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-17 16:10 - 2015-05-09 15:36 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-16 16:46 - 2012-07-10 11:00 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-10-15 14:05 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-15 13:43 - 2014-03-23 19:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 13:37 - 2013-08-15 03:12 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 13:28 - 2006-11-02 12:24 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-10-15 13:28 - 2006-11-02 12:23 - 00000219 _____ C:\Windows\win.ini
2015-10-15 13:07 - 2012-07-14 21:11 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-10-13 20:08 - 2012-12-27 16:50 - 00000000 ____D C:\kopie foto Jirka
2015-10-07 18:33 - 2013-03-20 00:00 - 00000000 ____D C:\Windows\Minidump
2015-09-25 21:11 - 2013-06-17 15:35 - 00000000 ____D C:\Users\PETU\Desktop\greylink0059
2015-09-25 19:46 - 2012-07-26 10:46 - 00000000 ____D C:\Users\PETU\AppData\Roaming\HpUpdate
2015-09-23 11:31 - 2012-07-13 21:12 - 00000000 ____D C:\Users\PETU\AppData\Local\Akamai
==================== Files in the root of some directories =======
2014-04-30 04:03 - 2014-04-30 04:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2008-05-22 09:35 - 2008-05-22 09:35 - 0051962 _____ () C:\Program Files\Common Files\banner.jpg
2008-08-08 14:48 - 2008-08-08 14:48 - 0090112 _____ () C:\Program Files\Common Files\CPInstallAction.dll
2012-07-15 23:12 - 2012-07-15 23:12 - 0031028 _____ () C:\Users\PETU\AppData\Roaming\UserTile.png
2014-08-11 19:06 - 2014-08-11 19:08 - 0001057 _____ () C:\Users\PETU\AppData\Roaming\vso_ts_preview.xml
2012-07-22 16:08 - 2012-07-22 16:08 - 0000552 _____ () C:\Users\PETU\AppData\Local\d3d8caps.dat
2014-03-22 14:47 - 2015-08-03 11:33 - 0001356 _____ () C:\Users\PETU\AppData\Local\d3d9caps.dat
2012-07-11 14:45 - 2015-10-21 17:33 - 0186368 _____ () C:\Users\PETU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-23 21:35 - 2013-10-23 21:35 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.1.02.agreement
2013-10-24 02:10 - 2013-10-24 09:31 - 0000021 _____ () C:\Users\PETU\AppData\Local\RawCopy.opendialog.dir
2013-10-24 02:10 - 2013-10-24 09:31 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.opendialog.filterindex
2013-10-23 21:38 - 2013-10-24 09:33 - 0000003 _____ () C:\Users\PETU\AppData\Local\RawCopy.savedialog.dir
2013-10-23 21:38 - 2013-10-24 09:33 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.savedialog.filterindex
2013-10-24 02:10 - 2013-10-24 09:31 - 0000028 _____ () C:\Users\PETU\AppData\Local\RawCopy.sourcedisk.filepath
2013-10-23 21:37 - 2014-02-05 17:33 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.sourcedisk.index
2015-09-18 11:56 - 2015-09-18 11:56 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-03 12:32 - 2015-04-03 12:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-09-04 20:13 - 2012-09-07 11:43 - 0003999 _____ () C:\ProgramData\LmeUSB.log
2012-09-06 19:56 - 2012-09-07 11:43 - 0003350 _____ () C:\ProgramData\LmeZJSW.log
2012-09-04 20:13 - 2012-09-07 11:43 - 0003998 _____ () C:\ProgramData\LSDmbTH.log
2014-06-25 13:59 - 2014-06-25 13:59 - 0004104 _____ () C:\ProgramData\ojobkspa.ako
2012-09-04 20:13 - 2012-09-07 11:43 - 0004076 _____ () C:\ProgramData\PipShareTuner.log
2014-05-27 12:42 - 2014-05-27 12:42 - 0001534 _____ () C:\ProgramData\ss.ini
Some files in TEMP:
====================
C:\Users\PETU\AppData\Local\temp\jre-8u65-windows-au.exe
C:\Users\PETU\AppData\Local\temp\sqlite3.dll
C:\Users\PETU\AppData\Local\temp\Uninstall.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-21 21:27
==================== End of FRST.txt ============================
Ran by PETU (2015-10-21 21:46:48)
Running from C:\Users\PETU\Desktop\viry 2015
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2012-07-09 21:13:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3876519533-4130423334-4203767644-500 - Administrator - Disabled)
Guest (S-1-5-21-3876519533-4130423334-4203767644-501 - Limited - Enabled)
PETU (S-1-5-21-3876519533-4130423334-4203767644-1000 - Administrator - Enabled) => C:\Users\PETU
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
AC3Filter 2.5b (HKLM\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Ashampoo Burning Studio 10.0.1 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.1 - ashampoo GmbH & Co. KG)
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0008 - ASUS)
ASUS InstantFun (HKLM\...\{57B15AD4-8C9D-4164-82BB-E33D8644E757}) (Version: 1.0.0015 - ASUS)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Security Protect Manager (HKLM\...\{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}) (Version: 2.1.0.880.20 - ASUSTeK Computer Inc.)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0004 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}) (Version: 1.02.0020 - ASUS)
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.08 - asus)
ATI Catalyst Install Manager (HKLM\...\{5EB5EEA7-6432-5827-0080-899DA70A97BA}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0027 - ATK)
ATK Media (HKLM\...\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}) (Version: - )
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.6 - ATK)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.8.1 - AuthenTec, Inc.) Hidden
Balíček ovladače systému Windows - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2) (HKLM\...\2EFF310ED3BF3BFB24E6CC25AEB5491813E56803) (Version: 06/20/2007 5.0.0004.2 - ITE Tech.Inc.)
Balíček ovladače systému Windows - YUAN (mod7700) Media (04/19/2007 2.3.2.7) (HKLM\...\1187079238304F1468F8C92166A58E9784F9716A) (Version: 04/19/2007 2.3.2.7 - YUAN)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version: - )
ccc-Branding (HKLM\...\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0309.2141.36947 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.83.2.50 - Conexant)
ConvertXtoDVD 4.1.2.336 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.2.336 - )
CrystalDiskInfo 6.1.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.0 - Crystal Dew World)
CrystalDiskMark 3.0.2f Shizuku Edition (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 5.1 - CM&V)
EASEUS Partition Master 9.1.0 Home Edition (HKLM\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS)
ESET Smart Security (HKLM\...\{D17A05CB-2401-4F63-AB70-EFC060B4B4CB}) (Version: 8.0.312.3 - ESET, spol s r. o.)
FUJIFILM MyFinePix Studio 4.2a (HKLM\...\MyFinePix Studio_is1) (Version: - )
Google Earth Pro (HKLM\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
HD Tune Pro 4.50 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
HP Deskjet 2050 J510 series Nápověda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
Huawei Drivers (HKLM\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 4.25.00.00 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
ITECIR Driver (HKLM\...\{FCED9B62-34FF-4C15-8A23-F65221F7874D}) (Version: 1.00.000 - ITE)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JMB36X Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.1.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LUMIX Map Tool (HKLM\...\InstallShield_{7DCF5B1D-79C2-4F24-9746-511436EBC6B4}) (Version: 1.1.0 - Panasonic Corporation)
LUMIX Map Tool (Version: 1.1.0 - Panasonic Corporation) Hidden
MainConcept MCE Encoder (HKLM\...\{616B741E-6694-438B-BD02-73A79DE6834C}) (Version: 1.5.0.1 - MainConcept AG)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1207 - CyberLink Corporation)
Media Go Video Playback Engine 1.116.103.02020 (HKLM\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.103.02020 - Sony)
MediaInfo 0.7.44 (HKLM\...\MediaInfo) (Version: 0.7.44 - MediaArea.net)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.05 - Motorola Inc)
Mp3tag v2.64 (HKLM\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MPC-HC 1.7.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - )
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.1009 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM\...\{F4C242B4-2973-43F3-93F2-ED1B47AE8848}) (Version: 12.0.02000 - Nero AG)
Nero12EssTSST (HKLM\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
OCCT 4.4.0 (HKLM\...\OCCT) (Version: 4.4.0 - Ocbase.com)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
P4P (HKLM\...\{FC3D290D-79BE-44B7-ABF9-FDD110925930}) (Version: 1.0.0.16 - P4P)
PC Auto Backup (HKLM\...\InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}) (Version: 1.1.1.18 - Samsung Electronics Co,. Ltd.)
PC Auto Backup (Version: 1.1.1.18 - Samsung Electronics Co,. Ltd.) Hidden
PhoneMyPC (HKLM\...\{FD452361-CF71-40FD-AAC1-40DE562311E8}) (Version: 2.0.3 - SoftwareForMe Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0014 - ATK)
Prerequisite installer (Version: 12.0.0008 - Nero AG) Hidden
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
RAF (HKLM\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RAW FILE CONVERTER EX powered by SILKYPIX (HKLM\...\InstallShield_{30B1CCDB-209B-4E94-8311-379F2E6B6B59}) (Version: 3 - Ichikawa Soft Laboratory)
RAW FILE CONVERTER EX powered by SILKYPIX (Version: 3 - Ichikawa Soft Laboratory) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.52.02 - RICOH)
SAMSUNG Intelli-studio (HKLM\...\Intelli-studio) (Version: - )
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.21.0 - Synaptics)
System Requirements Lab for Intel (HKLM\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
Tivizen (HKLM\...\{5D2356BE-8728-4294-9295-A31BD44AC483}) (Version: 1.1.4742 - iCube)
T-Mobile Internet Manager (HKLM\...\T-Mobile Communication Centre) (Version: 2015-08-06@2015-08-25 - Gemfor s.r.o.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Ultra AVI Converter 6.3.0206 (HKLM\...\Ultra AVI Converter_is1) (Version: - Aone Software)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VideoLAN VLC media player 0.8.6d (HKLM\...\VLC media player) (Version: 0.8.6d - VideoLAN Team)
VistaFeaturePack (HKLM\...\InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}) (Version: 1.03.0000 - CSR)
VistaFeaturePack (Version: 1.03.0000 - CSR) Hidden
Windows Driver Package - Dekart (DEKART38) SmartCardReader (08/08/2011 1.1.6.1) (HKLM\...\8D434570B215F4E7650A004193A770DC9BD6DB58) (Version: 08/08/2011 1.1.6.1 - Dekart)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.8 - ATK)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.1.20140505 - Xilisoft)
Youtube Downloader HD v. 2.9.5 (HKLM\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{CA7F5F3F-3362-4C7F-8C85-47E0791F660E}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}\InprocServer32 -> {3C305196-2014-0001-0025-00C04FD930C5} => No File
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
==================== Restore Points =========================
21-10-2015 17:21:26 Installed RICOH R5C83x/84x Flash Media Controller Driver Ver.3.5ůŕúu
21-10-2015 20:54:31 Removed Skype Click to Call
21-10-2015 20:55:48 Removed Skype Click to Call
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-02-12 18:53 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {090E376C-33A9-4F35-8E47-BE53815F0B0A} - System32\Tasks\{180B69E0-E16D-49E1-9615-24568332FCF3} => pcalua.exe -a C:\Users\PETU\Desktop\TV_Tuner_YUAN_MC770A_VT\TV_Tuner_YUAN_MC770A_VT\DPInst.exe -d C:\Users\PETU\Desktop\TV_Tuner_YUAN_MC770A_VT\TV_Tuner_YUAN_MC770A_VT
Task: {0955DE30-F478-40C1-8DD8-749A259D9DF0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-18] (Společnost Microsoft)
Task: {0F148617-958D-492D-9368-AEA122BEDBDD} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation)
Task: {18B5D55E-1561-4A6E-BBD2-3AB663303502} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {196838B7-5CAF-4C99-AD94-1F8DEAF9427F} - System32\Tasks\{E8CDCAA0-7980-43E1-BA02-7B18CB0D6EA7} => pcalua.exe -a G:\VGA_VT_080416\Bin\ATISetup.exe -d G:\VGA_VT_080416\Bin
Task: {1E986494-22A9-43CC-A98A-D36E66212E74} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-05-06] (Nero AG)
Task: {262F9590-6D62-4C7B-9590-9570F5503B39} - System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => pcalua.exe -a "C:\Users\PETU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS7ERK26\install_frame.exe" -d C:\Users\PETU\Desktop
Task: {3083F54B-60FA-4589-A257-D63A673A39B7} - System32\Tasks\Uninstaller_SkipUac_PETU => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {490C6E47-BFA9-4260-8630-559279FB5623} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {5F22F67B-3136-4360-A2CB-3CDD8D4B8BCB} - System32\Tasks\{63B420C2-AD88-4976-8389-9C71F4F4BBB2} => pcalua.exe -a C:\Users\PETU\Desktop\TV_Tuner_Yuan_MC570QA_VT\2ksetup.exe -d C:\Users\PETU\Desktop\TV_Tuner_Yuan_MC570QA_VT
Task: {6760456A-1743-436E-9125-255B70F386D1} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2007-12-26] (ASUS)
Task: {987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: {9DCEFC59-F722-429D-8074-339EE79CD9A5} - System32\Tasks\Driver Booster SkipUAC (PETU) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {9E8FCC97-4B15-4F34-8A3F-4277FB16999D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11] (Realtek Semiconductor)
Task: {AFC67ED6-E6E5-4843-B2C0-20E9ECA06F29} - System32\Tasks\{3F003350-C599-4E70-AD8D-AF15774A90D0} => pcalua.exe -a C:\Users\PETU\Downloads\MTFOPD-00174419-US.EXE -d C:\Users\PETU\Downloads
Task: {B5155077-B91C-42F8-AFCA-D23D8047CDC8} - System32\Tasks\{BEBA44D4-CC65-4C26-A773-F4D2A1DAAC9B} => pcalua.exe -a "C:\Program Files\QuickTime Alternative\QTSystem\quicktime.cpl"
Task: {C37C5EE5-3FB5-4AEE-A248-A3D879A33CED} - System32\Tasks\{742526BB-7CE5-4B6C-99A4-D1FE2579FF73} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.59.129/cs/abandoninstall?page=tsMain
Task: {C9AE2645-D274-4D8B-83A2-0E3671186B9E} - System32\Tasks\{FABA613D-2680-46E7-A370-322B26902F62} => pcalua.exe -a C:\Users\PETU\Desktop\CMOS_Camera_Chicony_CNF6131_VT_071221\CMOS_Camera_Chicony_CNF6131_VT_071221\2ksetup.exe -d C:\Users\PETU\Desktop\CMOS_Camera_Chicony_CNF6131_VT_071221\CMOS_Camera_Chicony_CNF6131_VT_071221
Task: {D0A5212F-D1A3-4548-B6DE-1BA0A9164A51} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe [2008-06-19] (ASUS)
Task: {D2B9E94A-5A78-422E-A0DE-BF92BF81655B} - System32\Tasks\{15A8F902-DCBB-4808-AD1B-8F4D0DDDDADA} => pcalua.exe -a C:\Users\PETU\Desktop\TV_Tuner_LiteOn_VT\TV_Tuner_LiteOn_VT\Driver\2KSETUP.EXE -d C:\Users\PETU\Desktop\TV_Tuner_LiteOn_VT\TV_Tuner_LiteOn_VT\Driver
Task: {F6930ADC-784E-430F-B0C7-AC1AE33C865B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: {FB6E646D-A72B-4945-9593-6CD16872EDEF} - System32\Tasks\{4A6F9B6B-8248-4DE3-8455-5A9AF14F517E} => pcalua.exe -a "C:\Users\PETU\Pictures\PowerDirector10001703Ultracz\PowerDirector 10.0.0.1703 Ultra cz.exe" -d C:\Users\PETU\Pictures\PowerDirector10001703Ultracz
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
==================== Loaded Modules (Whitelisted) ==============
2012-07-10 10:08 - 2007-10-02 21:53 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2010-04-30 14:02 - 2010-04-30 14:02 - 00057344 _____ () C:\Program Files\SAMSUNG\PC Auto Backup\lang.dll
2010-09-03 13:11 - 2010-09-03 13:11 - 00520295 _____ () C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
2012-07-10 00:43 - 2008-03-09 22:01 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-10 10:13 - 2007-10-17 19:04 - 07737344 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
2012-07-10 10:08 - 2004-05-27 18:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2012-07-10 10:08 - 2007-11-04 19:48 - 00106496 _____ () C:\Program Files\ATK Hotkey\MsgTranAgt.exe
2012-07-10 10:22 - 2006-12-20 23:03 - 01036288 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2012-07-10 10:37 - 2007-07-09 22:48 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2009-07-01 19:03 - 2009-07-01 19:03 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-07-10 10:08 - 2007-11-28 17:39 - 02465792 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2012-07-10 10:08 - 2007-08-15 11:20 - 00106496 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
2012-07-10 10:08 - 2007-08-15 11:38 - 00147456 _____ () C:\Program Files\ATK Hotkey\WDC.exe
2007-03-06 17:03 - 2007-03-06 17:03 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2007-11-30 11:13 - 2007-11-30 11:13 - 00693248 _____ () C:\Program Files\VideoLAN\VLC\axvlc.dll
2007-11-30 11:13 - 2007-11-30 11:13 - 02753536 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\appspot.com -> hxxps://mighty-app.appspot.com
IE trusted site: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\mightytext.net -> hxxps://mightytext.net
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Auto Backup.lnk => C:\Windows\pss\PC Auto Backup.lnk.CommonStartup
MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
MSCONFIG\startupreg: ChkMail =>
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: PowerForPhone => "C:\Program Files\P4P\P4P.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched =>
MSCONFIG\startupreg: swg =>
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{5F4B7356-7000-4F30-B367-6E6C28831805}] => (Allow) LPort=80
FirewallRules: [{B4344368-D9B6-4734-A9ED-92974954205C}] => (Allow) LPort=80
FirewallRules: [{D7114B59-B34C-4E4C-880B-2586818FAAA8}] => (Allow) LPort=80
FirewallRules: [{F54AD44E-1EB9-483B-A29A-31BDDF81541B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D2C3947C-6B1C-4B05-8F21-395C9B23C144}] => (Allow) LPort=2869
FirewallRules: [{344A6418-9C7D-4C42-892F-B770EF251A12}] => (Allow) LPort=1900
FirewallRules: [{510BF0EB-E2A0-4A98-9AFE-69BE6C7364A4}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{35BB520B-E263-494E-B2C9-F8E9F3D76F7D}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5928740A-AA22-4704-956D-9549C38784CB}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D2BF6000-F9AF-49B6-8F1E-86D1ED1DDB9E}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{4404DC3F-C448-4760-B162-E6B314171D59}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{B4F9B8C0-AD07-4CD2-B4B2-740194E1F7BD}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{2BD58C6F-BB07-4D8A-B47B-44A87CF25731}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{0D9EF262-740C-45A4-99F2-3F83DA690FAC}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{301B3E72-25C8-4273-AD0D-8CDFEBCDDE10}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
FirewallRules: [{67E9805D-22D3-4243-81A9-283BDEE5C9D5}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [{5C5EE650-FF1C-4FFF-BF2E-39672F7C0ADC}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [{AB4F11B7-F6C5-4616-8468-5968BCA2A958}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [{16584549-36F8-46A5-B4D3-9A045BAFC80C}] => (Allow) C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
FirewallRules: [TCP Query User{1C7BE2EE-85D6-4B17-88EA-4E7A459313B5}C:\program files\samsung\pc auto backup\autobackup.exe] => (Allow) C:\program files\samsung\pc auto backup\autobackup.exe
FirewallRules: [UDP Query User{53DD9E6A-C5A5-424A-9A8C-5A89E23B5397}C:\program files\samsung\pc auto backup\autobackup.exe] => (Allow) C:\program files\samsung\pc auto backup\autobackup.exe
FirewallRules: [{4856D47F-1F50-462B-A20D-498059E076C5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{70AD601C-3580-4542-A954-E6B9E631DFF8}C:\users\petu\desktop\greylink0059\greylink.exe] => (Allow) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [UDP Query User{09761444-39C1-477A-AC8C-6841195B7A18}C:\users\petu\desktop\greylink0059\greylink.exe] => (Allow) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [TCP Query User{E532A77D-BF1A-4CAC-91D3-6234A6B2BB00}C:\users\petu\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\petu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D8C508FC-5FC8-4EDE-8873-79728B82B469}C:\users\petu\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\petu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{469BB46B-82E2-403B-9DFA-D228ADA812E7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{CB030C4E-9B1A-40E8-971D-E400599D7F97}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{F531F7ED-1D1C-4C5A-8059-21B26F8A146E}C:\users\petu\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petu\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{6200C702-ACBD-462D-9226-F7930F9F0DD9}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Block) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{757A2D35-F57B-474C-81C5-99FBF7334EBA}E:\easysetupassistant\wr741n\easysetupassistant.exe] => (Block) E:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [TCP Query User{54237E63-C77E-4FE7-92FF-7BB09148C502}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2A93379A-A786-48CF-BEE9-DA82B9D7E202}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{22960022-A762-49CA-89B6-77052DE4FF40}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{3FCDCD0C-7229-45B8-B81C-81525FD4A517}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{F734D8AB-C79F-410C-ADAA-7B4113DB99BF}C:\users\petu\desktop\greylink0059\greylink.exe] => (Block) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [UDP Query User{B11D9740-5023-4D46-A671-B7CD690C2460}C:\users\petu\desktop\greylink0059\greylink.exe] => (Block) C:\users\petu\desktop\greylink0059\greylink.exe
FirewallRules: [{00685082-9C44-4800-AF68-7887B7C8CE55}] => (Allow) LPort=49166
FirewallRules: [{9E8A2BE5-AB71-4CA1-ADB4-898EA65E52B2}] => (Allow) LPort=5000
FirewallRules: [{26326B3F-6124-4F3E-AF3F-505A876D3A33}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{EC2E50C6-D017-401D-865B-B4F4EB7AE3E9}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F9699A1F-3FAB-4124-9B8B-939EFF31798B}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{BD9C9124-6437-4B7F-8295-DDC427DCDB15}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{CC6160F9-A0CC-44EE-AF54-109400610FA0}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{6D90BDC0-C0AC-4660-BEFF-7F74DA3A6474}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/21/2015 09:21:50 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
Kontext: aplikace Windows
Podrobnosti:
Hodnotu registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)
Error: (10/21/2015 09:21:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt sběrače nebyl inicializován.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Hodnotu registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)
Error: (10/21/2015 09:21:14 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:13 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:13 PM) (Source: Windows Search Service) (EventID: 3038) (User: )
Description: Sběrač nepřečetl registr DocIdMapFile.
Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Systém nemůže nalézt uvedený soubor. (0x80070002)
Error: (10/21/2015 09:21:13 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:12 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:11 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (10/21/2015 09:21:11 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
System errors:
=============
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restartovat službu
Error: (10/21/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)
Error: (10/21/2015 09:21:40 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (10/21/2015 09:19:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restartovat službu
Error: (10/21/2015 09:19:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba přijímače aplikace Windows Media Center1100001Restartovat službu
Error: (10/21/2015 09:19:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant1100001Restartovat službu
Error: (10/21/2015 09:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba plánování aplikace Windows Media Center1100001Restartovat službu
Error: (10/21/2015 09:19:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player Network Sharing1300001Restartovat službu
CodeIntegrity:
===================================
Date: 2015-10-07 18:37:02.269
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-07 18:37:02.003
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-07 18:37:01.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-07 18:37:01.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:03.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:02.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:02.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-02 18:06:02.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-23 16:21:06.408
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-09-23 16:21:06.189
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
Percentage of memory in use: 69%
Total physical RAM: 3070.29 MB
Available physical RAM: 946.13 MB
Total Virtual: 6343.45 MB
Available Virtual: 3920.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:240.14 GB) (Free:13.27 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:225.62 GB) (Free:22.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: ED0B9B3D)
Partition 1: (Active) - (Size=240.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=225.6 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
**************************************************************************
**************************************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-10-2015
Ran by PETU (administrator) on PETU-PC (21-10-2015 21:45:01)
Running from C:\Users\PETU\Desktop\viry 2015
Loaded Profiles: PETU (Available Profiles: PETU)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung) C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe
() C:\Program Files\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Cognizance Corporation) C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(Akamai Technologies, Inc.) C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_226_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ATKOSD2\ATKOSD2.exe [7737344 2007-10-17] ()
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1328424 2012-07-15] (Synaptics, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2015-01-28] (ESET)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-11] (Google Inc.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [FlashPlayerManager] => C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-03-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\PETU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk [2015-10-21]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-18] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{86DB81F6-1E62-498B-8539-50F8906D2A08}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO: ASUS Security Protect Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21] (Bioscrypt Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-07-10] [not signed]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASBroker; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [74240 2007-02-06] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll [131584 2006-06-21] (Cognizance Corporation) [File not signed]
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-02] () [File not signed]
S3 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2015-01-28] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MbnExt; C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
S3 PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-18] (Microsoft Corporation)
R2 WiselinkPro; C:\Program Files\SAMSUNG\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-01] (Samsung) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-16] (AuthenTec, Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [12800 2012-07-10] (CSR, plc)
S3 BTMUSB; C:\Windows\System32\Drivers\btmusb.sys [402432 2015-03-27] (Motorola, Inc.)
R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI32.sys [439296 2015-04-03] (Conexant Systems Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51824 2015-03-10] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70016 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-04-23] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-03-18] (REALiX(tm))
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [49664 2007-06-20] (Windows (R) Codename Longhorn DDK provider)
R0 JGOGO; C:\Windows\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2015-04-03] (JMicron Technology Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [467968 2007-08-23] (DiBcom)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2015-04-03] (Intel Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdptsk.sys [46592 2015-08-24] (REDC) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.)
S3 RTL2832UBDA; system32\drivers\RTL2832UBDA.sys [X]
S3 RTL2832UUSB; System32\Drivers\RTL2832UUSB.sys [X]
S3 RTL2832U_IRHID; system32\DRIVERS\RTL2832U_IRHID.sys [X]
S3 SANDRA; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 21:43 - 2015-10-21 21:45 - 00000000 ____D C:\FRST
2015-10-21 20:53 - 2015-10-21 20:53 - 00000000 ____D C:\Users\PETU\AppData\Local\Skype
2015-10-21 14:49 - 2015-10-21 21:45 - 00000000 ____D C:\Users\PETU\Desktop\viry 2015
2015-10-21 14:48 - 2015-10-21 14:51 - 00000000 ____D C:\rsit
2015-10-21 11:59 - 2015-10-21 11:59 - 00000000 ____D C:\Program Files\Common Files\Java
2015-10-21 11:59 - 2015-10-21 11:57 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge2358064.dll
2015-10-21 11:58 - 2015-10-21 11:57 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge2290999.dll
2015-10-21 11:25 - 2015-10-21 11:25 - 00000000 ____D C:\Users\PETU\AppData\Local\{5B1D6F55-745D-480B-8B1C-5ED94202F351}
2015-10-19 22:42 - 2015-10-19 22:42 - 00000000 ____D C:\Users\PETU\AppData\Local\{77DFA5C2-622D-4C28-9BDE-383DADC572ED}
2015-10-19 10:40 - 2015-10-19 10:40 - 00000000 ____D C:\Users\PETU\AppData\Local\{0D079341-392A-40E1-A7FB-967E115902F0}
2015-10-18 16:51 - 2015-10-18 16:51 - 00000000 ____D C:\Users\PETU\AppData\Local\{0FC57C29-5A0B-495F-8D6C-5BD7A98A9E85}
2015-10-17 13:17 - 2015-10-17 13:17 - 00000000 ____D C:\Users\PETU\AppData\Local\{687331AA-9968-4AFE-9E38-CDD689F6A5CD}
2015-10-16 12:40 - 2015-10-16 12:40 - 00000000 ____D C:\Users\PETU\AppData\Local\{D52ABE6E-CEA3-4723-B1A5-7134F4B65A68}
2015-10-16 00:19 - 2015-10-16 00:19 - 00000000 ____D C:\Users\PETU\AppData\Local\{B367E696-1B0C-4B91-BFA0-BFB1BC1472AC}
2015-10-15 13:25 - 2015-07-18 15:14 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 13:25 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 13:23 - 2015-09-28 19:17 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-15 13:23 - 2015-09-26 18:09 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-15 13:23 - 2015-09-26 18:09 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-15 13:21 - 2015-07-29 02:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-15 12:40 - 2015-09-11 09:16 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-15 12:40 - 2015-09-11 09:15 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-15 12:40 - 2015-09-11 09:14 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-15 12:40 - 2015-09-11 09:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-15 12:40 - 2015-09-11 09:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-15 12:39 - 2015-09-11 09:22 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-15 12:39 - 2015-09-11 09:21 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-15 12:39 - 2015-09-11 09:19 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-15 12:39 - 2015-09-11 09:17 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-15 12:39 - 2015-09-11 09:16 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-15 12:39 - 2015-09-11 09:15 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-15 12:39 - 2015-09-11 09:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-15 12:39 - 2015-09-11 09:14 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-15 12:39 - 2015-09-11 09:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-15 12:39 - 2015-09-11 09:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-15 12:39 - 2015-09-11 09:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-15 12:17 - 2015-10-15 12:17 - 00000000 ____D C:\Users\PETU\AppData\Local\{25E49729-BBC6-4B69-85C0-CF969393F3DA}
2015-10-13 17:18 - 2015-10-13 17:19 - 00000000 ____D C:\Users\PETU\AppData\Local\{4A9B2BCD-76C9-42EF-81B4-975D486827E2}
2015-10-12 23:31 - 2015-10-12 23:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{08A95672-DF96-4BAF-9530-88699E3F52F2}
2015-10-12 11:30 - 2015-10-12 11:30 - 00000000 ____D C:\Users\PETU\AppData\Local\{3AD5B3F3-9F42-46B3-A520-85D502F654F0}
2015-10-12 01:37 - 2015-10-12 01:37 - 00000000 ____D C:\Users\PETU\AppData\Local\{CDF0CD7A-4B84-439A-9799-54641A1F52BB}
2015-10-11 13:37 - 2015-10-11 13:37 - 00000000 ____D C:\Users\PETU\AppData\Local\{2E50A777-DEC7-4871-94B9-EC345F1624BB}
2015-10-11 13:29 - 2015-10-11 13:29 - 00000000 ____D C:\Users\PETU\AppData\Local\{17046644-C65D-4FBB-9B0F-2A1E15FA3AD8}
2015-10-11 01:28 - 2015-10-11 01:28 - 00000000 ____D C:\Users\PETU\AppData\Local\{898AF429-A1C3-4618-B698-B37AAB4523BB}
2015-10-10 13:27 - 2015-10-10 13:27 - 00000000 ____D C:\Users\PETU\AppData\Local\{062725BF-9D8F-4A58-A30C-BE836579680B}
2015-10-09 14:20 - 2015-10-09 14:20 - 00000000 ____D C:\Users\PETU\AppData\Local\{64EC752D-F0E8-4C20-8C12-F611B10874AB}
2015-10-08 16:31 - 2015-10-08 16:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{DB6D503C-EABA-4500-9C1A-F7EE78719F79}
2015-10-07 18:33 - 2015-10-07 18:34 - 00144800 _____ C:\Windows\Minidump\Mini100715-01.dmp
2015-10-07 18:24 - 2015-10-07 18:24 - 00000000 ____D C:\Users\PETU\AppData\Local\{E7D421DC-88C2-4D4F-8ECA-60920CE3E6BD}
2015-10-06 14:11 - 2015-10-06 14:11 - 00000000 ____D C:\Users\PETU\AppData\Local\{A84435C2-B6EC-49CD-AAFE-C55667C7C40E}
2015-10-05 15:19 - 2015-10-05 15:19 - 00000000 ____D C:\Users\PETU\AppData\Local\{01B45671-C4F4-4BB2-90C1-A33F09644376}
2015-10-04 16:10 - 2015-10-04 16:10 - 00000000 ____D C:\Users\PETU\AppData\Local\{B784FF6F-D362-435D-BDE8-5C8C37BFBB38}
2015-10-03 15:47 - 2015-10-03 15:47 - 00000000 ____D C:\Users\PETU\AppData\Local\{DE9D1B36-B671-466C-AEB7-DE4297660CB9}
2015-10-02 18:04 - 2015-10-02 18:05 - 00144696 _____ C:\Windows\Minidump\Mini100215-01.dmp
2015-10-02 17:56 - 2015-10-02 17:57 - 00000000 ____D C:\Users\PETU\AppData\Local\{C855E2F3-3042-4F3F-A2A9-23D90E6DADE6}
2015-10-01 18:12 - 2015-10-01 18:12 - 00000000 ____D C:\Users\PETU\AppData\Local\{05F00A39-FA6C-4397-BC4E-76F880D08904}
2015-09-30 15:42 - 2015-09-30 15:42 - 00000000 ____D C:\Users\PETU\AppData\Local\{090BDB12-E3E0-4B3C-90E4-672ADC2AC25A}
2015-09-29 19:11 - 2015-09-29 19:11 - 00000000 ____D C:\Users\PETU\AppData\Local\{EE1D5F4E-3998-42F0-BE81-2A854B17B75A}
2015-09-28 13:52 - 2015-09-28 13:52 - 00000000 ____D C:\Users\PETU\AppData\Local\{96DA225B-6B2B-4C39-B0D7-A5ADDAE3CA1A}
2015-09-28 01:17 - 2015-09-28 01:18 - 00000000 ____D C:\Users\PETU\AppData\Local\{78CEBD67-0037-4469-8EEB-D710CF2BA815}
2015-09-27 13:16 - 2015-09-27 13:16 - 00000000 ____D C:\Users\PETU\AppData\Local\{6B4ADC9D-4BE3-41AE-A77A-0E0119ADF078}
2015-09-26 13:30 - 2015-09-26 13:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{5748834D-B6BF-4676-B4F0-8DEE3E125C38}
2015-09-25 19:43 - 2015-09-25 19:43 - 00000000 ____D C:\Users\PETU\AppData\Local\{2DAF3019-8AFF-430F-A000-73EF79EEC71C}
2015-09-24 15:17 - 2015-09-24 15:17 - 00000000 ____D C:\Users\PETU\AppData\Local\{517D5C2A-8126-4DB8-9072-B5E87B64B1BD}
2015-09-23 23:32 - 2015-09-23 23:32 - 00000000 ____D C:\Users\PETU\AppData\Local\{12D7C20A-CA33-4CF2-BDD7-5E5D69E8D92A}
2015-09-23 16:12 - 2015-10-07 18:33 - 432075344 _____ C:\Windows\MEMORY.DMP
2015-09-23 16:12 - 2015-09-23 16:12 - 00144584 _____ C:\Windows\Minidump\Mini092315-01.dmp
2015-09-23 11:31 - 2015-09-23 11:31 - 00000000 ____D C:\Users\PETU\AppData\Local\{F9E05EBA-6976-4A43-8AEA-114CA7B1A692}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 21:29 - 2006-11-02 14:52 - 01451095 _____ C:\Windows\WindowsUpdate.log
2015-10-21 21:23 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-21 21:22 - 2015-09-01 18:25 - 00022177 _____ C:\Windows\AutoKMS.log
2015-10-21 21:22 - 2015-05-14 14:21 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-10-21 21:22 - 2015-05-14 14:21 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-21 21:21 - 2015-05-14 14:21 - 00078848 _____ C:\Windows\KMSEmulator.exe
2015-10-21 21:21 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 21:21 - 2006-11-02 14:47 - 00005024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 21:21 - 2006-11-02 14:47 - 00005024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 21:20 - 2015-09-09 14:30 - 00007710 _____ C:\Windows\PFRO.log
2015-10-21 21:19 - 2014-02-08 18:39 - 00000000 ____D C:\AdwCleaner
2015-10-21 21:19 - 2012-07-09 23:12 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-10-21 21:19 - 2006-11-02 15:01 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 21:10 - 2015-05-09 15:36 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-21 20:57 - 2013-02-09 12:12 - 00000000 ___RD C:\Program Files\Skype
2015-10-21 20:57 - 2013-02-09 12:12 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 20:55 - 2013-02-09 12:12 - 00000000 ____D C:\Users\PETU\AppData\Roaming\Skype
2015-10-21 20:50 - 2014-02-19 12:39 - 00000000 ____D C:\Users\PETU\AppData\Local\CrashDumps
2015-10-21 20:48 - 2015-03-18 14:14 - 00000000 ____D C:\Program Files\IObit
2015-10-21 17:33 - 2012-07-11 14:45 - 00186368 _____ C:\Users\PETU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-21 17:21 - 2012-09-03 20:37 - 00000000 ____D C:\Users\PETU\Desktop\EVOLVE
2015-10-21 17:14 - 2012-07-10 00:20 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-10-21 16:20 - 2012-07-09 23:17 - 00000000 ____D C:\Users\PETU
2015-10-21 16:06 - 2012-07-15 23:24 - 00000000 ____D C:\Program Files\Realtek
2015-10-21 15:44 - 2012-09-21 16:23 - 00000000 ____D C:\Users\PETU\Desktop\INZERATY
2015-10-21 15:36 - 2013-03-13 19:02 - 00000000 ____D C:\Users\PETU\Desktop\----- Návody -----
2015-10-21 14:50 - 2014-02-08 12:06 - 00000000 ____D C:\Program Files\Trend Micro
2015-10-21 12:00 - 2015-06-23 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 12:00 - 2012-07-13 20:21 - 00000000 ____D C:\Program Files\Java
2015-10-21 11:59 - 2015-08-24 14:29 - 00000000 ____D C:\Users\PETU\.oracle_jre_usage
2015-10-21 11:57 - 2015-06-23 14:57 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-10-18 16:46 - 2015-03-18 14:15 - 00000000 ____D C:\ProgramData\ProductData
2015-10-17 16:10 - 2015-05-09 15:36 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-17 16:10 - 2015-05-09 15:36 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-16 16:46 - 2012-07-10 11:00 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-10-15 14:05 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-10-15 13:43 - 2014-03-23 19:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 13:37 - 2013-08-15 03:12 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 13:28 - 2006-11-02 12:24 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-10-15 13:28 - 2006-11-02 12:23 - 00000219 _____ C:\Windows\win.ini
2015-10-15 13:07 - 2012-07-14 21:11 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-10-13 20:08 - 2012-12-27 16:50 - 00000000 ____D C:\kopie foto Jirka
2015-10-07 18:33 - 2013-03-20 00:00 - 00000000 ____D C:\Windows\Minidump
2015-09-25 21:11 - 2013-06-17 15:35 - 00000000 ____D C:\Users\PETU\Desktop\greylink0059
2015-09-25 19:46 - 2012-07-26 10:46 - 00000000 ____D C:\Users\PETU\AppData\Roaming\HpUpdate
2015-09-23 11:31 - 2012-07-13 21:12 - 00000000 ____D C:\Users\PETU\AppData\Local\Akamai
==================== Files in the root of some directories =======
2014-04-30 04:03 - 2014-04-30 04:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2008-05-22 09:35 - 2008-05-22 09:35 - 0051962 _____ () C:\Program Files\Common Files\banner.jpg
2008-08-08 14:48 - 2008-08-08 14:48 - 0090112 _____ () C:\Program Files\Common Files\CPInstallAction.dll
2012-07-15 23:12 - 2012-07-15 23:12 - 0031028 _____ () C:\Users\PETU\AppData\Roaming\UserTile.png
2014-08-11 19:06 - 2014-08-11 19:08 - 0001057 _____ () C:\Users\PETU\AppData\Roaming\vso_ts_preview.xml
2012-07-22 16:08 - 2012-07-22 16:08 - 0000552 _____ () C:\Users\PETU\AppData\Local\d3d8caps.dat
2014-03-22 14:47 - 2015-08-03 11:33 - 0001356 _____ () C:\Users\PETU\AppData\Local\d3d9caps.dat
2012-07-11 14:45 - 2015-10-21 17:33 - 0186368 _____ () C:\Users\PETU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-23 21:35 - 2013-10-23 21:35 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.1.02.agreement
2013-10-24 02:10 - 2013-10-24 09:31 - 0000021 _____ () C:\Users\PETU\AppData\Local\RawCopy.opendialog.dir
2013-10-24 02:10 - 2013-10-24 09:31 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.opendialog.filterindex
2013-10-23 21:38 - 2013-10-24 09:33 - 0000003 _____ () C:\Users\PETU\AppData\Local\RawCopy.savedialog.dir
2013-10-23 21:38 - 2013-10-24 09:33 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.savedialog.filterindex
2013-10-24 02:10 - 2013-10-24 09:31 - 0000028 _____ () C:\Users\PETU\AppData\Local\RawCopy.sourcedisk.filepath
2013-10-23 21:37 - 2014-02-05 17:33 - 0000001 _____ () C:\Users\PETU\AppData\Local\RawCopy.sourcedisk.index
2015-09-18 11:56 - 2015-09-18 11:56 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-03 12:32 - 2015-04-03 12:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-09-04 20:13 - 2012-09-07 11:43 - 0003999 _____ () C:\ProgramData\LmeUSB.log
2012-09-06 19:56 - 2012-09-07 11:43 - 0003350 _____ () C:\ProgramData\LmeZJSW.log
2012-09-04 20:13 - 2012-09-07 11:43 - 0003998 _____ () C:\ProgramData\LSDmbTH.log
2014-06-25 13:59 - 2014-06-25 13:59 - 0004104 _____ () C:\ProgramData\ojobkspa.ako
2012-09-04 20:13 - 2012-09-07 11:43 - 0004076 _____ () C:\ProgramData\PipShareTuner.log
2014-05-27 12:42 - 2014-05-27 12:42 - 0001534 _____ () C:\ProgramData\ss.ini
Some files in TEMP:
====================
C:\Users\PETU\AppData\Local\temp\jre-8u65-windows-au.exe
C:\Users\PETU\AppData\Local\temp\sqlite3.dll
C:\Users\PETU\AppData\Local\temp\Uninstall.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-21 21:27
==================== End of FRST.txt ============================
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Slozku C:\WINDOWS\Minidump zkopirujte na plochu a nasledne tuto slozku zabalte do raru/zipu a upnete ji na leteckaposta.cz - link ke stazeni dejte do pristiho postu (pripadne muzete archiv k pristimu prispevku pridat jako prilohu).- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte C:\Users\PETU\Desktop\viry 2015 jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude C:\Users\PETU\Desktop\viry 2015 ulozen fixlog, jehoz obsah vlozte do pristi odpovedi
Kód: Vybrat vše
Start CreateRestorePoint: CloseProcesses: File: C:\ProgramData\ojobkspa.ako File: C:\Windows\system32\acovcnt.exe CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}\InprocServer32 -> {3C305196-2014-0001-0025-00C04FD930C5} => No File CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath Task: {262F9590-6D62-4C7B-9590-9570F5503B39} - System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => pcalua.exe -a "C:\Users\PETU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS7ERK26\install_frame.exe" -d C:\Users\PETU\Desktop Task: {3083F54B-60FA-4589-A257-D63A673A39B7} - System32\Tasks\Uninstaller_SkipUac_PETU => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-05-14] () Task: {9DCEFC59-F722-429D-8074-339EE79CD9A5} - System32\Tasks\Driver Booster SkipUAC (PETU) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe Task: {F6930ADC-784E-430F-B0C7-AC1AE33C865B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-05-14] () Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [FlashPlayerManager] => C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft) C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 2015-10-21 21:22 - 2015-09-01 18:25 - 00022177 _____ C:\Windows\AutoKMS.log 2015-10-21 21:22 - 2015-05-14 14:21 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job 2015-10-21 21:22 - 2015-05-14 14:21 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job 2015-10-21 21:21 - 2015-05-14 14:21 - 00078848 _____ C:\Windows\KMSEmulator.exe Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Fix result of Farbar Recovery Scan Tool (x86) Version:21-10-2015
Ran by PETU (2015-10-21 22:14:12) Run:1
Running from C:\Users\PETU\Desktop\viry 2015
Loaded Profiles: PETU (Available Profiles: PETU)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\ojobkspa.ako
File: C:\Windows\system32\acovcnt.exe
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}\InprocServer32 -> {3C305196-2014-0001-0025-00C04FD930C5} => No File
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
Task: {262F9590-6D62-4C7B-9590-9570F5503B39} - System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => pcalua.exe -a "C:\Users\PETU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS7ERK26\install_frame.exe" -d C:\Users\PETU\Desktop
Task: {3083F54B-60FA-4589-A257-D63A673A39B7} - System32\Tasks\Uninstaller_SkipUac_PETU => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: {9DCEFC59-F722-429D-8074-339EE79CD9A5} - System32\Tasks\Driver Booster SkipUAC (PETU) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {F6930ADC-784E-430F-B0C7-AC1AE33C865B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [FlashPlayerManager] => C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-10-21 21:22 - 2015-09-01 18:25 - 00022177 _____ C:\Windows\AutoKMS.log
2015-10-21 21:22 - 2015-05-14 14:21 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-10-21 21:22 - 2015-05-14 14:21 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-21 21:21 - 2015-05-14 14:21 - 00078848 _____ C:\Windows\KMSEmulator.exe
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\ProgramData\ojobkspa.ako ========================
File not signed
MD5: 8E1234E2FC6A3C3CE3A0DBCC4A216677
Creation and modification date: 2014-06-25 - 2014-06-25
Size: 0004104
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Windows\system32\acovcnt.exe ========================
File not signed
MD5: 6BCAF46E2B7FA9ACE92B4D39F3037C5C
Creation and modification date: 2012-07-10 - 2015-10-16
Size: 0045056
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{262F9590-6D62-4C7B-9590-9570F5503B39}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{262F9590-6D62-4C7B-9590-9570F5503B39}" => key removed successfully.
C:\Windows\System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{781CE32B-642D-4462-8D91-781D98A712FD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3083F54B-60FA-4589-A257-D63A673A39B7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3083F54B-60FA-4589-A257-D63A673A39B7}" => key removed successfully.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_PETU => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_PETU" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D}" => key removed successfully.
C:\Windows\System32\Tasks\AutoKMSDaily => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DCEFC59-F722-429D-8074-339EE79CD9A5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DCEFC59-F722-429D-8074-339EE79CD9A5}" => key removed successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (PETU) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (PETU)" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F6930ADC-784E-430F-B0C7-AC1AE33C865B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6930ADC-784E-430F-B0C7-AC1AE33C865B}" => key removed successfully.
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully.
C:\Windows\Tasks\AutoKMS.job => moved successfully
C:\Windows\Tasks\AutoKMSDaily.job => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully.
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FlashPlayerManager => value removed successfully.
C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
C:\Windows\AutoKMS.log => moved successfully
"C:\Windows\Tasks\AutoKMSDaily.job" => not found.
"C:\Windows\Tasks\AutoKMS.job" => not found.
C:\Windows\KMSEmulator.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
Ran by PETU (2015-10-21 22:14:12) Run:1
Running from C:\Users\PETU\Desktop\viry 2015
Loaded Profiles: PETU (Available Profiles: PETU)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\ojobkspa.ako
File: C:\Windows\system32\acovcnt.exe
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}\InprocServer32 -> {3C305196-2014-0001-0025-00C04FD930C5} => No File
CustomCLSID: HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
Task: {262F9590-6D62-4C7B-9590-9570F5503B39} - System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => pcalua.exe -a "C:\Users\PETU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GS7ERK26\install_frame.exe" -d C:\Users\PETU\Desktop
Task: {3083F54B-60FA-4589-A257-D63A673A39B7} - System32\Tasks\Uninstaller_SkipUac_PETU => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: {9DCEFC59-F722-429D-8074-339EE79CD9A5} - System32\Tasks\Driver Booster SkipUAC (PETU) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {F6930ADC-784E-430F-B0C7-AC1AE33C865B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-05-14] ()
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PETU\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\...\Run: [FlashPlayerManager] => C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-10-21 21:22 - 2015-09-01 18:25 - 00022177 _____ C:\Windows\AutoKMS.log
2015-10-21 21:22 - 2015-05-14 14:21 - 00000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2015-10-21 21:22 - 2015-05-14 14:21 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2015-10-21 21:21 - 2015-05-14 14:21 - 00078848 _____ C:\Windows\KMSEmulator.exe
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\ProgramData\ojobkspa.ako ========================
File not signed
MD5: 8E1234E2FC6A3C3CE3A0DBCC4A216677
Creation and modification date: 2014-06-25 - 2014-06-25
Size: 0004104
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Windows\system32\acovcnt.exe ========================
File not signed
MD5: 6BCAF46E2B7FA9ACE92B4D39F3037C5C
Creation and modification date: 2012-07-10 - 2015-10-16
Size: 0045056
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{ACA9FC48-5590-4aa0-B062-806F549CBCFD}" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{262F9590-6D62-4C7B-9590-9570F5503B39}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{262F9590-6D62-4C7B-9590-9570F5503B39}" => key removed successfully.
C:\Windows\System32\Tasks\{781CE32B-642D-4462-8D91-781D98A712FD} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{781CE32B-642D-4462-8D91-781D98A712FD}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3083F54B-60FA-4589-A257-D63A673A39B7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3083F54B-60FA-4589-A257-D63A673A39B7}" => key removed successfully.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_PETU => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_PETU" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987FCB3C-B0C5-47A6-A39C-BFE6740A8C8D}" => key removed successfully.
C:\Windows\System32\Tasks\AutoKMSDaily => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DCEFC59-F722-429D-8074-339EE79CD9A5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DCEFC59-F722-429D-8074-339EE79CD9A5}" => key removed successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (PETU) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (PETU)" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F6930ADC-784E-430F-B0C7-AC1AE33C865B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6930ADC-784E-430F-B0C7-AC1AE33C865B}" => key removed successfully.
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully.
C:\Windows\Tasks\AutoKMS.job => moved successfully
C:\Windows\Tasks\AutoKMSDaily.job => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully.
HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FlashPlayerManager => value removed successfully.
C:\Users\PETU\AppData\Roaming\Adobe\nircmd.exe => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3876519533-4130423334-4203767644-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
C:\Windows\AutoKMS.log => moved successfully
"C:\Windows\Tasks\AutoKMSDaily.job" => not found.
"C:\Windows\Tasks\AutoKMS.job" => not found.
C:\Windows\KMSEmulator.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
- Přílohy
-
- Minidump.zip
- (62.43 KiB) Staženo 96 x
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Otestujte na virustotal.com C:\ProgramData\ojobkspa.ako - pokud uz byl soubor otestovany, zvolte Reanalyse. Do pristiho prispevku dejte link (odkaz) s vysledky analyzy.Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Za vsechny 3 BSOD (modre smrti), ktere jste v prubehu tohoto mesice mel, muze ovladac itecir.sys
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Dekuji a jak prosim vyresim ten ovladac?
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Odinstalujte/preinstalujte ITECIR Driver (najdete jej mezi nainstalovanymi programy).
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
asi jsem hlupak, ale mezi programy jsem nic takoveho nenasel
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
je to adresar ve slozce windows, ale nevim jak ovladac odinstalovat ani k cemu patri
Re: Šíííleně pomalý pc, prosím o pomoc. Děkuji.
Dle logu by tam mel byt.
Stisknete Win + R (Win je klavesa mezi levym Ctrl a levym altem)
vepiste appwiz.cpl
odentrujte a zde by mel byt program ITECIR Driver
Stisknete Win + R (Win je klavesa mezi levym Ctrl a levym altem)
vepiste appwiz.cpl
odentrujte a zde by mel byt program ITECIR Driver
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?