Slow PC, please check my log.  Solved

Posted: 20 Jun 2014 17:40
by Jarek103
Hello,

I've started to notice that my computer has slowed down. The biggest changes are probably in gaming: in the games I used to play smoothly (Counter Strike - Global Offensive, World of Tanks, etc.) the fps has dropped and the games are no longer playable. And today was the last straw. I bought FarCry 3, and even though I have everything on the lowest possible settings, the game can't even be played. It really annoys me, because I was looking forward to playing, but nothing. Now and then some minor errors also occur, for example when I switch out of a game to the desktop it freezes, and about 14 days ago I even got a blue screen of death about 3 times within one week; after about 10 seconds of loading the PC restarted and everything was fine. I use Comodo antivirus and clean things up with CCleaner now and then. Videos on the internet and the internet in general haven't gotten any worse; I use Google Chrome.

My setup (in case the FPS is down to the hardware)

Win 7 ultimate
AMD Athlon II X4 645
4 GB RAM
Nvidia GeForce 460 GTX SE

So I'm posting the log from HiJackThis.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:47, on 20.6.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Programy\Steam\Steam.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\Downloads\HiJackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Memory Cleaner] C:\Users\Jarda\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe boot
O4 - HKCU\..\Run: [cfweatherStation] C:\Weather\Weather.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "D:\Programy\Steam\steam.exe" -silent
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {45d8438c-b51d-47a8-aeea-9061535f25f1} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PCDApp\StartHelp.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6891 bytes

Re: Slow PC, please check my log.

Posted: 20 Jun 2014 21:39
by Orcus
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you only use Google Chrome, you don't need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program shouldn't take long.
The PC should then restart; if it doesn't, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan a log appears (it is otherwise saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, uncheck "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; click Scan Now and
- after the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a prompt appears, so choose Yes
(don't delete anything yet!).

If there are problems, run it in Safe Mode.

Re: Slow PC, please check my log.

Posted: 20 Jun 2014 22:18
by Jarek103
# AdwCleaner v3.013 - Report created 30/11/2013 at 20:58:07
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Jarda\Uninstall.exe
File Found : C:\Windows\System32\Tasks\Funmoods
File Found : C:\Windows\System32\Tasks\GoforFilesUpdate
Folder Found C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found C:\Program Files (x86)\Red Sky
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Jarda\AppData\Local\DownloadGuide
Folder Found C:\Users\Jarda\AppData\Local\DownTango
Folder Found C:\Users\Jarda\AppData\LocalLow\DownTangoLauncherToolbar
Folder Found C:\Users\Jarda\AppData\LocalLow\SimplyTech
Folder Found C:\Users\Jarda\AppData\Roaming\Babylon
Folder Found C:\Users\Jarda\AppData\Roaming\DownTangoLauncherToolbar
Folder Found C:\Users\Jarda\AppData\Roaming\Funmoods
Folder Found C:\Users\Jarda\AppData\Roaming\goforfiles
Folder Found C:\Users\Jarda\AppData\Roaming\OpenCandy
Folder Found C:\Users\Jarda\AppData\Roaming\Systweak

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\simplytech
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\ProtectedSearch
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\DataMngr
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\ProtectedSearch
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\530df88e56eeb43
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DownTangoFTToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\DownTangoFTToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B52D0735-EC19-448A-ABDE-E01B5BD275D2}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.babylon.com/?affID=119816 ... DAE9ECACAF
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www.delta-search.com/?affID=1198 ... DAE9ECACAF
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs] - hxxp://www.delta-search.com/?affID=1198 ... DAE9ECACAF
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si= ... e&tid=2937
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si= ... bs=true&q=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si= ... id=2937&q=%s
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si= ... id=2937&q=%s
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchfunmoods.com/?f=1&a=vsl&ir ... =133319117

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13573 octets] - [30/11/2013 20:58:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13634 octets] ##########
# AdwCleaner v3.212 - Report created 20/06/2014 at 22:16:08
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\AmiUpdXp
File Found : C:\Windows\System32\Tasks\SMupdate1
File Found : C:\Windows\Tasks\AmiUpdXp.job
Folder Found : C:\Program Files (x86)\ShopperPro
Folder Found : C:\Program Files (x86)\SpeedItup Free
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\Users\Jarda\AppData\Roaming\DriverCure
Folder Found : C:\Users\Jarda\AppData\Roaming\ParetoLogic

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\GOffers
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\GOffers
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Found : HKLM\Software\GoforFiles
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\Software\ParetoLogic
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16343 octets] - [30/11/2013 21:58:07]
AdwCleaner[R1].txt - [945 octets] - [30/11/2013 22:02:25]
AdwCleaner[R2].txt - [1004 octets] - [30/11/2013 22:08:14]
AdwCleaner[S0].txt - [11677 octets] - [30/11/2013 21:59:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16584 octets] ##########

Re: Slow PC, please check my log.

Posted: 20 Jun 2014 22:34
by Jarek103
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20.6.2014
Scan Time: 22:21:18
Logfile: mbm.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.20.12
Rootkit Database: v2014.06.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Jarda

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303614
Time Elapsed: 9 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
Riskware.BitcoinMiner, C:\Windows\temp\dgen.exe, 2064, , [f2ca6911f98289ad02cb98adac55c23e]

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, , [3488205a5526360009f03e910ff3df21],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [e2da3a40b6c51a1c1da0c6fdd52dc63a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [9c209bdf80fb1b1b7873fcf639ca15eb],

Registry Values: 2
PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, , [407c95e5fe7daf87d16e743140c2a759]
PUP.Optional.SearchCertified.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Search Bar, http://search.certified-toolbar.com?si= ... bs=true&q=, , [7547304a4b304de9acc02086af53ca36]

Registry Data: 10
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... id=2937&q=%s),,[ad0f24564a31cb6be2fcfa86f1130af6]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Default_Page_URL, http://search.certified-toolbar.com?si= ... e&tid=2937, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... e&tid=2937),,[bb011d5db9c23ff7393d4c2927dd9b65]
Hijack.SearchPage, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),,[3c80ee8c126990a6497d5c228282c937]
Hijack.SearchPage, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),,[a418dd9dfe7d82b48344fa84669e20e0]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Start Page, http://search.certified-toolbar.com?si= ... e&tid=2937, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... e&tid=2937),,[bffd32486f0c181e2455a8cd90744fb1]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Start Default_Page_URL, http://search.certified-toolbar.com?si= ... e&tid=2937, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... e&tid=2937),,[b10b0773cead88ae55233045de2646ba]
Hijack.SearchPage, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (http://www.google.com/), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),,[f9c3db9f7a0146f07a536f0f42c2728e]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Search Page, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),,[2a920773601b270ffc7b95e0c341629e]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... id=2937&q=%s),,[625a4337c2b967cf5688057b42c2ce32]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Good: (http://www.google.com/), Bad: (http://search.certified-toolbar.com?si= ... id=2937&q=%s),,[8c3092e884f740f66679245cd331857b]

Folders: 0
(No malicious items detected)

Files: 3
Riskware.BitcoinMiner, C:\Windows\temp\dgen.exe, , [f2ca6911f98289ad02cb98adac55c23e],
Trojan.Agent, C:\Users\Jarda\WinRAR.exe, , [12aa56247902eb4bf66a9b25f90949b7],
PUP.Software.Updater, C:\Windows\Tasks\AmiUpdXp.job, , [902c90ea2655eb4b0bedb916eb17e818],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Slow PC, please check my log.

Posted: 21 Jun 2014 10:31
by Orcus
- Run MbAM again and click "Scan Now".
- When the scan finishes, a prompt appears; click "Quarantine All" -> "Export Log" and choose "Text file", give the file a name and save it to the Desktop.
- Copy the entire contents of that log here.

====================================================

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program performs the repair; after the automatic restart it displays a log (C:\AdwCleaner [S?].txt). Paste its entire contents here.

====================================================

Download Junkware Removal Tool to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. Scanning can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Check MBR
Check Faked
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and run, rename it to winlogon.exe.

Re: Slow PC, please check my log.

Posted: 21 Jun 2014 17:06
by Jarek103
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21.6.2014
Scan Time: 16:47:33
Logfile: mbm2.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.20.12
Rootkit Database: v2014.06.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Jarda

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303967
Time Elapsed: 11 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
Riskware.BitcoinMiner, C:\Windows\temp\dgen.exe, 2300, Delete-on-Reboot, [873524561a612b0bece11f266c953cc4]

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, Quarantined, [b80407736219ab8b03f6f9d68b77eb15],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [12aad7a3295223132b929f240ef49967],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [ad0ff08a84f71e18f1fae11121e28c74],

Registry Values: 2
PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Quarantined, [f5c7f3877407cb6ba59a7a2b52b0659b]
PUP.Optional.SearchCertified.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Search Bar, http://search.certified-toolbar.com?si= ... bs=true&q=, Quarantined, [6953126844375fd70567abfb09f907f9]

Registry Data: 10
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... id=2937&q=%s),Replaced,[a11b661493e80630f0eec2bea460a45c]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Default_Page_URL, http://search.certified-toolbar.com?si= ... e&tid=2937, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... e&tid=2937),Replaced,[39831c5e4b30092d32445124937153ad]
Hijack.SearchPage, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),Replaced,[f5c786f44e2d75c14c7abec02ed67b85]
Hijack.SearchPage, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),Replaced,[e5d72456a9d23ff75572e19d8a7a7d83]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Start Page, http://search.certified-toolbar.com?si= ... e&tid=2937, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... e&tid=2937),Replaced,[a71580fa93e88caa681162135ba9b848]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Start Default_Page_URL, http://search.certified-toolbar.com?si= ... e&tid=2937, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... e&tid=2937),Replaced,[b705c9b11b600630fd7bcbaac4405ba5]
Hijack.SearchPage, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (http://www.google.com/), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),Replaced,[4c702d4d43380135309d90eea262f50b]
PUP.Optional.CertifiedToolBar.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Search Page, http://search.certified-toolbar.com?si= ... bs=true&q=, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si= ... bs=true&q=),Replaced,[48747406f586e353b1c64a2bda2a758b]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Good: (http://www.google.com), Bad: (http://search.certified-toolbar.com?si= ... id=2937&q=%s),Replaced,[10ac91e9a2d9a78fdfffa5db28dc9868]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2762950816-2394036133-1239084802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|(Default), http://search.certified-toolbar.com?si= ... id=2937&q=%s, Good: (http://www.google.com/), Bad: (http://search.certified-toolbar.com?si= ... id=2937&q=%s),Replaced,[4b717bffb6c5a195eaf5037d40c48a76]

Folders: 0
(No malicious items detected)

Files: 3
Riskware.BitcoinMiner, C:\Windows\temp\dgen.exe, Quarantined, [873524561a612b0bece11f266c953cc4],
Trojan.Agent, C:\Users\Jarda\WinRAR.exe, Quarantined, [239946348cef71c5441cccf4bc46f010],
PUP.Software.Updater, C:\Windows\Tasks\AmiUpdXp.job, Quarantined, [b00c2159f784ad8910e84a8542c040c0],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Slow PC, please check my log.

Posted: 21 Jun 2014 17:06
by Jarek103
# AdwCleaner v3.013 - Report created 30/11/2013 at 20:59:30
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\apn
[!] Folder Deleted : C:\ProgramData\Ask
[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\Tarma Installer
[!] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
[!] Folder Deleted : C:\Program Files (x86)\Red Sky
[!] Folder Deleted : C:\Users\Jarda\AppData\Local\DownloadGuide
[!] Folder Deleted : C:\Users\Jarda\AppData\Local\DownTango
[!] Folder Deleted : C:\Users\Jarda\AppData\LocalLow\DownTangoLauncherToolbar
[!] Folder Deleted : C:\Users\Jarda\AppData\LocalLow\SimplyTech
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\Babylon
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\DownTangoLauncherToolbar
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\Funmoods
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\goforfiles
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\OpenCandy
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\Systweak
File Deleted : C:\END
File Deleted : C:\Users\Jarda\Uninstall.exe
File Deleted : C:\Windows\System32\Tasks\Funmoods
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DownTangoFTToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DownTangoFTToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\530df88e56eeb43
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B52D0735-EC19-448A-ABDE-E01B5BD275D2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13855 octets] - [30/11/2013 20:58:07]
AdwCleaner[S0].txt - [11439 octets] - [30/11/2013 20:59:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11500 octets] ##########
# AdwCleaner v3.212 - Report created 21/06/2014 at 17:04:04
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\Ostatní\Cleanery\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\ParetoLogic
[!] Folder Deleted : C:\Program Files (x86)\ShopperPro
[!] Folder Deleted : C:\Program Files (x86)\SpeedItup Free
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\DriverCure
[!] Folder Deleted : C:\Users\Jarda\AppData\Roaming\ParetoLogic
File Deleted : C:\Windows\System32\Tasks\SMupdate1

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\GOffers
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16681 octets] - [30/11/2013 21:58:07]
AdwCleaner[R1].txt - [3528 octets] - [30/11/2013 22:02:25]
AdwCleaner[R2].txt - [1004 octets] - [30/11/2013 22:08:14]
AdwCleaner[S0].txt - [14058 octets] - [30/11/2013 21:59:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14119 octets] ##########

Re: Slow PC, please check my log.

Posted: 21 Jun 2014 18:14
by Jarek103
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Jarda on so 21.06.2014 at 17:07:52,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ytdownloader



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 21.06.2014 at 18:13:39,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Slow PC, please check my log.

Posted: 21 Jun 2014 18:20
by Jarek103
RogueKiller V9.0.3.0 (x64) [Jun 17 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Kontrola -- Datum : 06/21/2014 18:20:17

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[Suspicious.Path] explorer.exe -- C:\Users\Jarda\rarext.dll[-] -> ODEBRÁNO

¤¤¤ ¤¤¤ Záznamy Registrů: : 16 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Run | Memory Cleaner : C:\Users\Jarda\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe boot -> NALEZENO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Run | Memory Cleaner : C:\Users\Jarda\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe boot -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 4 ¤¤¤
[Suspicious.Path] \\{5343AE09-020D-4336-807C-FC081ED3E864} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Jarda\AppData\Local\22420\a17975.exe -c /uninstall) -> NALEZENO
[Suspicious.Path] \\{A80AE4D9-A540-4738-85B9-2B0D4C8BF28F} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Jarda\Desktop\setup.exe -d C:\Users\Jarda\Desktop) -> NALEZENO
[Suspicious.Path] \\{B8E18A2A-076F-4E0A-A953-286CF73C9AE8} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Jarda\Downloads\FR JA v3.0 Setup (1).exe" -d C:\Users\Jarda\Downloads) -> NALEZENO
[Suspicious.Path] \\{FF431901-E461-48DE-9E9F-C1600A59F7FE} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Jarda\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe" -c /initurl http://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller") -> NALEZENO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST31000524AS ATA Device +++++
--- User ---
[MBR] 2146519bf02d924e3b6d78f69b33ba2c
[BSP] ed68c14f655888e954045d6c90e7a67f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 200000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409602048 | Size: 753866 MB
User = LL1 ... OK
User = LL2 ... OK

Re: Slow PC, please check my log.

Posted: 22 Jun 2014 10:13
by jaro3
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Scan"

- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check the boxes)

- Click "Delete"
- Wait until the Status box shows "Deletion finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can be found in RKreport [number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt ; please paste the entire contents of the log here.
- If the log is longer than 60,000 characters, split it and paste it into several posts.

Re: Slow PC, please check my log.

Posted: 22 Jun 2014 15:02
by Jarek103
RogueKiller V9.0.3.0 (x64) [Jun 17 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Odebrat -- Datum : 06/22/2014 15:01:44

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 16 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Run | Memory Cleaner : C:\Users\Jarda\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe boot [x] -> VYMAZÁNO
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Run | Memory Cleaner : C:\Users\Jarda\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe boot -> ERROR [2]
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0 -> ERROR [2]
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2762950816-2394036133-1239084802-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 4 ¤¤¤
[Suspicious.Path] \\{5343AE09-020D-4336-807C-FC081ED3E864} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Jarda\AppData\Local\22420\a17975.exe -c /uninstall) -> VYMAZÁNO
[Suspicious.Path] \\{A80AE4D9-A540-4738-85B9-2B0D4C8BF28F} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Jarda\Desktop\setup.exe -d C:\Users\Jarda\Desktop) -> VYMAZÁNO
[Suspicious.Path] \\{B8E18A2A-076F-4E0A-A953-286CF73C9AE8} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Jarda\Downloads\FR JA v3.0 Setup (1).exe" -d C:\Users\Jarda\Downloads) -> VYMAZÁNO
[Suspicious.Path] \\{FF431901-E461-48DE-9E9F-C1600A59F7FE} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Jarda\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe" -c /initurl http://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller") -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> VYMAZÁNO

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> VYMAZÁNO

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST31000524AS ATA Device +++++
--- User ---
[MBR] 2146519bf02d924e3b6d78f69b33ba2c
[BSP] ed68c14f655888e954045d6c90e7a67f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 200000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409602048 | Size: 753866 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06212014_182017.log - RKreport_SCN_06222014_150022.log

Re: Slow PC, please check my log.

Posted: 22 Jun 2014 15:17
by Jarek103
15:05:14.0807 0x0830 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
15:05:17.0957 0x0830 ============================================================
15:05:17.0957 0x0830 Current date / time: 2014/06/22 15:05:17.0957
15:05:17.0957 0x0830 SystemInfo:
15:05:17.0957 0x0830
15:05:17.0957 0x0830 OS Version: 6.1.7600 ServicePack: 0.0
15:05:17.0957 0x0830 Product type: Workstation
15:05:17.0958 0x0830 ComputerName: JARDA-PC
15:05:17.0958 0x0830 UserName: Jarda
15:05:17.0958 0x0830 Windows directory: C:\Windows
15:05:17.0958 0x0830 System windows directory: C:\Windows
15:05:17.0958 0x0830 Running under WOW64
15:05:17.0958 0x0830 Processor architecture: Intel x64
15:05:17.0958 0x0830 Number of processors: 4
15:05:17.0958 0x0830 Page size: 0x1000
15:05:17.0958 0x0830 Boot type: Normal boot
15:05:17.0958 0x0830 ============================================================
15:05:19.0497 0x0830 KLMD registered as C:\Windows\system32\drivers\28625508.sys
15:05:19.0971 0x0830 System UUID: {F6B6B649-520C-FA11-6F2C-3CE27B97E264}
15:05:20.0995 0x0830 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:05:20.0998 0x0830 ============================================================
15:05:20.0998 0x0830 \Device\Harddisk0\DR0:
15:05:21.0011 0x0830 MBR partitions:
15:05:21.0011 0x0830 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x186A0000
15:05:21.0011 0x0830 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x5C065000
15:05:21.0011 0x0830 ============================================================
15:05:21.0027 0x0830 C: <-> \Device\Harddisk0\DR0\Partition1
15:05:21.0069 0x0830 D: <-> \Device\Harddisk0\DR0\Partition2
15:05:21.0069 0x0830 ============================================================
15:05:21.0069 0x0830 Initialize success
15:05:21.0069 0x0830 ============================================================
15:05:30.0894 0x0aa4 ============================================================
15:05:30.0894 0x0aa4 Scan started
15:05:30.0894 0x0aa4 Mode: Manual;
15:05:30.0894 0x0aa4 ============================================================
15:05:30.0894 0x0aa4 KSN ping started
15:05:54.0716 0x0aa4 KSN ping finished: false
15:05:55.0464 0x0aa4 ================ Scan system memory ========================
15:05:55.0464 0x0aa4 System memory - ok
15:05:55.0464 0x0aa4 ================ Scan services =============================