Dobrý den,
moc IT problematice nerozumím, jsem ten nejzákladnější laický uživatel PC (stolního), ale už jste mi tu na tomto fóru několikrát poradili. Posledních pár dní se mi PC chvílemi hrozně zpomaluje a svítí při tom taková ta kontrolka, že jede nějakej proces, a já vůbec nevím jakej. Stává se to při práci na internetu (ale já prakticky nic jinýho na PC nedělám, tak nevím, jestli by to dělalo i jinak), nejhorší to bylo teď s mapou Google, to se úplně sekalo. Pokud je někdo ochotnej podívat se na můj log z HJT a "něco" tam najít nebo mě odkázat do jiného oddílu na jiné příslušné téma, tak předem moc děkuju.
Po minulých zkušenostech a radách jsem teď už předem použil ATF cleaner a TFC.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:39, on 1.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Program Files (x86)\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7783 bytes
Pomalé PC Vyřešeno
Re: Pomalé PC
Ahoj! 
Rád Ti pomohu s tvým problémem. Čti prosím mé instrukce pozorně a pokud si něčím nebudeš jist, vždy se raději zeptej.
Po dobu čištění si prosím vypni antivirus a nedělej zásadní změny v OS bez mého vědomí!
V rámci čištění Ti budou vyprázdněny dočasné adresáře včetně Koše.
Stáhni si AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/
Ulož na Plochu, spusť jako správce, klikni na Scan a poté Logfile, vyjede na tebe log, ten sem prosím přilož. AdwCleaner na chvíli zavři.
Po vložení logu sem si znovu otevři AdwCleaner, kde klikni na Scan a poté tentokrát na Clean. Po restartu PC na tebe vyjede další log, ten sem prosím vlož.
---------------------------------------------------------------------------
Stáhni si Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe
Ulož na Plochu, otevři jako správce, do otevřeného okna vlož tento kód:
A klikni na Run script, chvíli to potrvá. Po restartu PC prosím přilož jeho log.
---------------------------------------------------------------------------
Stáhni si MBAM (verzi zadarmo, trial nechceme): http://www.malwarebytes.org/mwb-download/
Nainstaluj, na poslední stránce instalátoru nezapomeň odškrtnout možnost: Povolit bezplatnou zkušební verzi...
Po spuštění se aplikace aktualizuje, poté zvol v horní liště Sken -> vyber Vlastní sken a klikni na Skenovat nyní
Objeví se okno Konfigurace vlastního skenu - vyber všechny disky/diskové oddíly (kromě mechaniky, čtečky,...), v levé liště zatrhni Hledat rootkity a klikni na Spustit sken
Po dokončení skenu klikni na tlačítko Exportovat záznam, log ulož a jeho obsah vlož sem.
Všechny nálezy dej mezitím do karantény.
Rád Ti pomohu s tvým problémem. Čti prosím mé instrukce pozorně a pokud si něčím nebudeš jist, vždy se raději zeptej.
Po dobu čištění si prosím vypni antivirus a nedělej zásadní změny v OS bez mého vědomí!
V rámci čištění Ti budou vyprázdněny dočasné adresáře včetně Koše.
Stáhni si AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/
Ulož na Plochu, spusť jako správce, klikni na Scan a poté Logfile, vyjede na tebe log, ten sem prosím přilož. AdwCleaner na chvíli zavři.
Po vložení logu sem si znovu otevři AdwCleaner, kde klikni na Scan a poté tentokrát na Clean. Po restartu PC na tebe vyjede další log, ten sem prosím vlož.
---------------------------------------------------------------------------
Stáhni si Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe
Ulož na Plochu, otevři jako správce, do otevřeného okna vlož tento kód:
Kód: Vybrat vše
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
A klikni na Run script, chvíli to potrvá. Po restartu PC prosím přilož jeho log.
---------------------------------------------------------------------------
Stáhni si MBAM (verzi zadarmo, trial nechceme): http://www.malwarebytes.org/mwb-download/
Nainstaluj, na poslední stránce instalátoru nezapomeň odškrtnout možnost: Povolit bezplatnou zkušební verzi...
Po spuštění se aplikace aktualizuje, poté zvol v horní liště Sken -> vyber Vlastní sken a klikni na Skenovat nyní
Objeví se okno Konfigurace vlastního skenu - vyber všechny disky/diskové oddíly (kromě mechaniky, čtečky,...), v levé liště zatrhni Hledat rootkity a klikni na Spustit sken
Po dokončení skenu klikni na tlačítko Exportovat záznam, log ulož a jeho obsah vlož sem.
Všechny nálezy dej mezitím do karantény.
Re: Pomalé PC
Tak snad se mi to všechno podařilo. Netušil jsem, že to bude tak dlouho trvat, takže nakonec jsem musel ten poslední scan (MALM) nechat přes noc, po něm se PC uvedl do nějakýho režimu ("spánku" nebo co, přesně tomu nerozumím) a teď ráno po jeho naběhnutí se asi zám zapnul i "antivir" (je to možný ?, určitě jsme ho předtím vypnul), tak snad už to nevadí. Jinak jsem samozřejmě vděčnej za jakýkoli další rady. Díky.
# AdwCleaner v4.203 - Log vytvořen 01/05/2015 v 23:21:39
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-04-30.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : oem - OEM-PC
# Spuštěno z : C:\Users\oem\Desktop\adwcleaner_4.203.exe
# Nastavení : Sken
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Nalezeno : C:\Program Files (x86)\GotClip
Složka Nalezeno : C:\Users\oem\AppData\Local\FileViewPro
Složka Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Nalezeno : C:\Users\oem\AppData\Roaming\Solvusoft
Soubor Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage
Soubor Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage-journal
Soubor Nalezeno : C:\Windows\System32\roboot64.exe
***** [ Naplánované úlohy ] *****
Úloha Nalezeno : WinThruster_DEFAULT
Úloha Nalezeno : WinThruster_UPDATES
***** [ Zástupci ] *****
***** [ Registry ] *****
Data Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\adawarebp
Klíč Nalezeno : HKCU\Software\Solvusoft
Klíč Nalezeno : [x64] HKCU\Software\Solvusoft
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1
Klíč Nalezeno : HKLM\SOFTWARE\Solvusoft
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Nalezeno : HKU\.DEFAULT\Software\IM
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 cs)
-\\ Google Chrome v42.0.2311.135
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
-\\ Opera v29.0.1795.47
*************************
AdwCleaner[R0].txt - [4300 bytů] - [01/05/2015 23:21:39]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4358 bytů] ##########
______________________________________________________________________________________________________
# AdwCleaner v4.203 - Log vytvořen 01/05/2015 v 23:25:51
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-04-30.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : oem - OEM-PC
# Spuštěno z : C:\Users\oem\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\Program Files (x86)\GotClip
Složka Smazáno : C:\Users\oem\AppData\Local\FileViewPro
Složka Smazáno : C:\Users\oem\AppData\Roaming\Solvusoft
Složka Smazáno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
[/!\] Ne Smazáno ( Junction ) : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Soubor Smazáno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage
Soubor Smazáno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage-journal
Soubor Smazáno : C:\Windows\System32\roboot64.exe
***** [ Naplánované úlohy ] *****
Úloha Smazáno : WinThruster_DEFAULT
Úloha Smazáno : WinThruster_UPDATES
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Klíč Smazáno : HKCU\Software\Solvusoft
Klíč Smazáno : HKCU\Software\AppDataLow\Software\adawarebp
Klíč Smazáno : HKLM\SOFTWARE\Solvusoft
Klíč Smazáno : HKU\.DEFAULT\Software\IM
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 cs)
-\\ Google Chrome v42.0.2311.135
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
-\\ Opera v29.0.1795.47
*************************
AdwCleaner[R0].txt - [4444 bytů] - [01/05/2015 23:21:39]
AdwCleaner[R1].txt - [4502 bytů] - [01/05/2015 23:24:25]
AdwCleaner[S0].txt - [4044 bytů] - [01/05/2015 23:25:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4102 bytů] ##########
___________________________________________________________________________________________________
Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by oem on p 01.05.2015 at 23:31:27,77.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\oem\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
1.5.2015 23:34:24 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\NSV deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\oem\AppData\Roaming\Google deleted successfully
C:\Users\oem\AppData\Roaming\IrfanView deleted successfully
C:\Users\oem\AppData\Local\Secunia PSI deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
user.js not found
---- Lines isearch removed from prefs.js ----
user_pref("weboftrust.search.avg.url", "^http(s)?\\:\\/\\/isearch\\.avg\\.com\\/search\\?");
---- Lines ask.com removed from prefs.js ----
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- FireFox user.js and prefs.js backups ----
prefs_01.05.2015_2358_.backup
ProfilePath: C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_01.05.2015_2358_.backup
ProfilePath: C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_01.05.2015_2358_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\WinThruster deleted
C:\PROGRA~3\Lavasoft\Web Companion deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18.04.2015 15:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
2645990C521342DCD08963D2DF6CD0D2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
10737B44923217BC0E67D26A9FC1F0AA - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135 (Possible outdated, latest Stable version: , Mac and Linux. A list of changes is available in the <a href="https://chromium.googlesource.com/chromium/src/+log/42.0.2311.90..42.0.2311.135?pretty=fuller&n=10000">log</a>.<br />)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21.03.2015 14:37]
Avast Online Security - oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6756B50A-E297-40C7-992B-B4F9516677AE} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
==== Reset Google Chrome ======================
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\oem\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\oem\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\oem\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\oem\AppData\Local\Mozilla\Firefox\Profiles\y504fwoy.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\oem\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=38 folders=5 13605567 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\oem\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\oem\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on so 02.05.2015 at 0:07:15,69 ======================
________________________________________________________________________________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 2.5.2015
Čas skenování: 0:16:54
Protokol: anm.txt
Správce: Ano
Verze: 2.00.4.1028
Databáze malwaru: v2015.05.01.07
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oem
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 938786
Uplynulý čas: 2 hod, 57 min, 29 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
# AdwCleaner v4.203 - Log vytvořen 01/05/2015 v 23:21:39
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-04-30.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : oem - OEM-PC
# Spuštěno z : C:\Users\oem\Desktop\adwcleaner_4.203.exe
# Nastavení : Sken
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Nalezeno : C:\Program Files (x86)\GotClip
Složka Nalezeno : C:\Users\oem\AppData\Local\FileViewPro
Složka Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Nalezeno : C:\Users\oem\AppData\Roaming\Solvusoft
Soubor Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage
Soubor Nalezeno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage-journal
Soubor Nalezeno : C:\Windows\System32\roboot64.exe
***** [ Naplánované úlohy ] *****
Úloha Nalezeno : WinThruster_DEFAULT
Úloha Nalezeno : WinThruster_UPDATES
***** [ Zástupci ] *****
***** [ Registry ] *****
Data Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\adawarebp
Klíč Nalezeno : HKCU\Software\Solvusoft
Klíč Nalezeno : [x64] HKCU\Software\Solvusoft
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1
Klíč Nalezeno : HKLM\SOFTWARE\Solvusoft
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Nalezeno : HKU\.DEFAULT\Software\IM
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 cs)
-\\ Google Chrome v42.0.2311.135
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
-\\ Opera v29.0.1795.47
*************************
AdwCleaner[R0].txt - [4300 bytů] - [01/05/2015 23:21:39]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4358 bytů] ##########
______________________________________________________________________________________________________
# AdwCleaner v4.203 - Log vytvořen 01/05/2015 v 23:25:51
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-04-30.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : oem - OEM-PC
# Spuštěno z : C:\Users\oem\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\Program Files (x86)\GotClip
Složka Smazáno : C:\Users\oem\AppData\Local\FileViewPro
Složka Smazáno : C:\Users\oem\AppData\Roaming\Solvusoft
Složka Smazáno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
[/!\] Ne Smazáno ( Junction ) : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Soubor Smazáno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage
Soubor Smazáno : C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnllcmllkjofnojidnaknldfehfhehoo_0.localstorage-journal
Soubor Smazáno : C:\Windows\System32\roboot64.exe
***** [ Naplánované úlohy ] *****
Úloha Smazáno : WinThruster_DEFAULT
Úloha Smazáno : WinThruster_UPDATES
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Klíč Smazáno : HKCU\Software\Solvusoft
Klíč Smazáno : HKCU\Software\AppDataLow\Software\adawarebp
Klíč Smazáno : HKLM\SOFTWARE\Solvusoft
Klíč Smazáno : HKU\.DEFAULT\Software\IM
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 cs)
-\\ Google Chrome v42.0.2311.135
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
-\\ Opera v29.0.1795.47
*************************
AdwCleaner[R0].txt - [4444 bytů] - [01/05/2015 23:21:39]
AdwCleaner[R1].txt - [4502 bytů] - [01/05/2015 23:24:25]
AdwCleaner[S0].txt - [4044 bytů] - [01/05/2015 23:25:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4102 bytů] ##########
___________________________________________________________________________________________________
Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by oem on p 01.05.2015 at 23:31:27,77.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\oem\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
1.5.2015 23:34:24 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\NSV deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\oem\AppData\Roaming\Google deleted successfully
C:\Users\oem\AppData\Roaming\IrfanView deleted successfully
C:\Users\oem\AppData\Local\Secunia PSI deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
user.js not found
---- Lines isearch removed from prefs.js ----
user_pref("weboftrust.search.avg.url", "^http(s)?\\:\\/\\/isearch\\.avg\\.com\\/search\\?");
---- Lines ask.com removed from prefs.js ----
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- FireFox user.js and prefs.js backups ----
prefs_01.05.2015_2358_.backup
ProfilePath: C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_01.05.2015_2358_.backup
ProfilePath: C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_01.05.2015_2358_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\WinThruster deleted
C:\PROGRA~3\Lavasoft\Web Companion deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18.04.2015 15:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\oem\AppData\Roaming\Thunderbird\Profiles\vdid4vtc.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\oem\AppData\Roaming\TomTom\HOME\Profiles\sobfh24o.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
2645990C521342DCD08963D2DF6CD0D2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
10737B44923217BC0E67D26A9FC1F0AA - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135 (Possible outdated, latest Stable version: , Mac and Linux. A list of changes is available in the <a href="https://chromium.googlesource.com/chromium/src/+log/42.0.2311.90..42.0.2311.135?pretty=fuller&n=10000">log</a>.<br />)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21.03.2015 14:37]
Avast Online Security - oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6756B50A-E297-40C7-992B-B4F9516677AE} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
==== Reset Google Chrome ======================
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\oem\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\oem\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\oem\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\oem\AppData\Local\Mozilla\Firefox\Profiles\y504fwoy.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\oem\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=38 folders=5 13605567 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\oem\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\oem\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on so 02.05.2015 at 0:07:15,69 ======================
________________________________________________________________________________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 2.5.2015
Čas skenování: 0:16:54
Protokol: anm.txt
Správce: Ano
Verze: 2.00.4.1028
Databáze malwaru: v2015.05.01.07
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oem
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 938786
Uplynulý čas: 2 hod, 57 min, 29 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
Re: Pomalé PC
Stáhni si prosím FRST: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Ulož na Plochu, spusť jako Správce, potvrď licenci a klikni na tlačítko Scan. Vše ponech v základním nastavení, nic nezatrhávej.
Po dokončení skenu na tebe vyjedou dva logy, oba sem prosím zkopíruj.
Ulož na Plochu, spusť jako Správce, potvrď licenci a klikni na tlačítko Scan. Vše ponech v základním nastavení, nic nezatrhávej.
Po dokončení skenu na tebe vyjedou dva logy, oba sem prosím zkopíruj.
Re: Pomalé PC
Provedeno.
Tdy je první log (oba zaráz mi tady nepustilo):
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by oem (administrator) on OEM-PC on 02-05-2015 12:26:12
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-18] (Avast Software s.r.o.)
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: {48c33ac0-0de4-11e1-9297-485b3976fef1} - I:\setup.EXE /AUTORUN
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2015-03-25]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2015-03-25]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-18] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> {6756B50A-E297-40C7-992B-B4F9516677AE} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-18] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18] (Avast Software s.r.o.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-03] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-03] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml [2015-02-25]
FF Extension: WOT - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-11-13]
FF Extension: Adblock Plus - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-24]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-24] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Google Docs) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-18]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-18]
CHR Extension: (Google Search) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Avast Online Security) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-18] (Avast Software s.r.o.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-18] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-18] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-18] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-18] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-18] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-18] ()
R3 AVerA706_x64; C:\Windows\System32\DRIVERS\AVerA706_x64.sys [1478656 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVerBDA3x_x64; C:\Windows\System32\DRIVERS\AVerBDA3x_x64.sys [1523840 2008-08-27] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-10] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 12:26 - 2015-05-02 12:26 - 00017837 _____ () C:\Users\oem\Desktop\FRST.txt
2015-05-02 12:25 - 2015-05-02 12:26 - 00000000 ____D () C:\FRST
2015-05-02 12:25 - 2015-05-02 12:25 - 02101248 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2015-05-02 09:19 - 2015-05-02 09:20 - 00000000 ____D () C:\Users\oem\Desktop\Logy
2015-05-02 00:05 - 2015-05-01 23:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-01 23:33 - 2015-05-02 00:07 - 00013012 _____ () C:\zoek-results.log
2015-05-01 23:31 - 2015-05-02 00:06 - 00000000 ____D () C:\zoek_backup
2015-05-01 23:30 - 2015-05-01 23:30 - 01305600 _____ () C:\Program Files (x86)\Zoek.exe
2015-05-01 23:21 - 2015-05-01 23:26 - 00000000 ____D () C:\AdwCleaner
2015-05-01 23:21 - 2015-05-01 23:21 - 02204160 _____ () C:\Program Files (x86)\Adwcleaner.exe
2015-04-24 20:53 - 2015-04-24 20:57 - 00000000 ____D () C:\Users\oem\Desktop\váha
2015-04-24 08:40 - 2015-04-24 08:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 23:23 - 2015-04-18 23:23 - 00001419 _____ () C:\Users\oem\Desktop\FreeViewer.lnk
2015-04-18 23:20 - 2015-04-18 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Viewer
2015-04-18 23:20 - 2015-04-18 23:20 - 00000000 ____D () C:\Program Files\Free Viewer
2015-04-18 23:20 - 2015-04-18 23:20 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-04-18 23:20 - 2010-03-15 12:31 - 00165376 _____ () C:\Windows\SysWOW64\unrar.dll
2015-04-18 23:19 - 2015-04-18 23:19 - 31661320 _____ (Free Viewer, LLC ) C:\Users\oem\Downloads\freeviewer-setup.exe
2015-04-18 15:36 - 2015-04-18 15:36 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-18 15:36 - 2015-04-18 15:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-15 23:57 - 2015-04-15 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 08:47 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 08:47 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 08:47 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 08:47 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 08:47 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 08:46 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 08:46 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 08:46 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 08:46 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 08:46 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 08:45 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:45 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 08:45 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 08:45 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 08:45 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 08:45 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 08:45 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 08:45 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 08:45 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 08:45 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 08:45 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 08:45 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 08:45 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 08:45 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 08:45 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 08:45 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 08:45 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 08:45 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 08:45 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 08:45 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 08:45 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 08:45 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:45 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 08:45 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 08:45 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 08:45 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 08:44 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 08:44 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 08:44 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 08:44 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 08:44 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:44 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 08:44 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 08:44 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 08:44 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:44 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 08:44 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:44 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 08:44 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 08:44 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 08:44 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 08:44 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:44 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 08:44 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 08:44 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:44 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 08:44 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 08:44 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 08:44 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:44 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 08:44 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 08:44 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 08:44 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 08:44 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 08:44 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 08:44 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 08:44 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 08:44 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 08:44 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 08:44 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 08:44 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 08:44 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 08:44 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 08:44 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 08:44 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 08:44 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 08:44 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 08:44 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:44 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:44 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 08:44 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 08:44 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 08:44 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 08:44 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 08:44 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 08:44 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 08:44 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 08:44 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 08:44 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 08:44 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 08:44 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 08:44 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 08:44 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 08:44 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 08:44 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 08:43 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 08:43 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 08:43 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 13:57 - 2015-04-11 13:57 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2015-04-04 21:34 - 2015-04-04 21:34 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 21:34 - 2015-04-04 21:34 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-02 20:03 - 2015-04-03 12:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 11:54 - 2012-09-23 18:13 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 11:47 - 2010-10-12 00:03 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9E96628D-BBFB-4CC0-9713-A66DD0244522}
2015-05-02 11:46 - 2010-10-05 14:40 - 01231837 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 11:44 - 2014-06-21 16:14 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d5b25fe0c8d.job
2015-05-02 10:20 - 2010-10-09 11:17 - 00000323 _____ () C:\Windows\Brownie.ini
2015-05-02 09:44 - 2010-10-08 22:10 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 09:15 - 2014-01-27 22:42 - 00000000 ___RD () C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ochrana PC
2015-05-02 08:53 - 2014-11-03 09:10 - 00185462 _____ () C:\Windows\setupact.log
2015-05-02 00:16 - 2014-11-08 13:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-02 00:14 - 2009-07-14 06:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 00:14 - 2009-07-14 06:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 00:06 - 2014-11-03 18:07 - 00052470 _____ () C:\Windows\PFRO.log
2015-05-02 00:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-01 23:59 - 2014-11-02 22:51 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-05-01 23:35 - 2014-11-30 16:01 - 00000000 ____D () C:\Users\oem\AppData\Local\CrashDumps
2015-05-01 10:43 - 2014-11-27 00:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-30 16:34 - 2010-10-09 20:36 - 00000000 ____D () C:\Users\oem\Documents\IVANA
2015-04-29 21:13 - 2009-07-14 17:18 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2015-04-29 21:13 - 2009-07-14 17:18 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2015-04-29 21:13 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-29 16:45 - 2010-10-18 21:18 - 00000000 ____D () C:\VueScan
2015-04-29 08:31 - 2015-03-10 20:41 - 00003816 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426012878
2015-04-29 08:31 - 2010-10-24 21:53 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-26 19:39 - 2015-03-25 23:08 - 00000000 ____D () C:\Users\oem\Documents\AVerTV
2015-04-25 20:41 - 2013-12-24 23:17 - 00000000 ____D () C:\Users\oem\Documents\e-knihy
2015-04-25 18:17 - 2013-12-30 21:29 - 00000000 ____D () C:\Users\oem\Desktop\Helena půjčky
2015-04-25 10:12 - 2012-05-05 15:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 23:18 - 2010-10-28 15:02 - 00000000 ____D () C:\Users\oem\AppData\Roaming\OpenOffice.org2
2015-04-18 20:44 - 2014-04-22 17:18 - 00000000 ____D () C:\Users\oem\Documents\Vyúčtování elektřiny
2015-04-18 15:36 - 2014-11-27 00:52 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-16 20:20 - 2015-03-25 23:07 - 00000000 ____D () C:\ProgramData\AVerTV 3D
2015-04-16 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 09:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 07:30 - 2014-12-11 08:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 07:30 - 2014-05-06 21:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 07:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 00:00 - 2014-01-27 19:52 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 23:57 - 2012-06-27 16:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 23:57 - 2012-06-27 16:17 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 23:56 - 2013-08-20 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 23:52 - 2010-10-05 16:41 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 21:01 - 2010-10-09 20:09 - 00000000 ____D () C:\Users\oem\Documents\LIBOR
2015-04-15 16:54 - 2012-09-23 18:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 16:54 - 2012-09-23 18:13 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 16:54 - 2011-11-29 19:37 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-11 13:30 - 2010-11-30 19:04 - 00000000 ____D () C:\Users\oem\Documents\FILIP
2015-04-08 19:24 - 2012-07-13 12:21 - 00000000 ____D () C:\Users\oem\Documents\Vyúčtování SIPO
2015-04-05 23:07 - 2008-03-07 20:08 - 00000000 ____D () C:\Users\oem\Documents\Ptákoviny
2015-04-05 22:36 - 2014-05-15 18:16 - 00000000 ____D () C:\Users\oem\Documents\Vyúčtování UPC
==================== Files in the root of some directories =======
2015-05-01 23:21 - 2015-05-01 23:21 - 2204160 _____ () C:\Program Files (x86)\Adwcleaner.exe
2011-05-16 22:49 - 2011-05-16 22:49 - 0050688 _____ (Atribune.org) C:\Program Files (x86)\ATF-Cleaner.exe
2011-05-07 17:34 - 2011-05-07 17:34 - 0388608 _____ (Trend Micro Inc.) C:\Program Files (x86)\HiJackThis.exe
2010-11-05 20:52 - 2010-11-05 20:53 - 6274424 _____ (Microsoft Corporation) C:\Program Files (x86)\Silverlight.exe
2014-12-20 15:40 - 2014-11-02 15:21 - 19603608 _____ (SUPERAntiSpyware) C:\Program Files (x86)\SUPERAntiSpyware.exe
2014-12-20 15:43 - 2014-12-20 15:43 - 0448512 _____ (OldTimer Tools) C:\Program Files (x86)\TFC.exe
2015-05-01 23:30 - 2015-05-01 23:30 - 1305600 _____ () C:\Program Files (x86)\Zoek.exe
2010-10-27 22:53 - 2011-06-26 16:56 - 0003584 _____ () C:\Users\oem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-24 20:46 - 2010-10-24 20:46 - 0007605 _____ () C:\Users\oem\AppData\Local\Resmon.ResmonCfg
2010-10-18 21:04 - 2010-10-18 21:04 - 0005006 _____ () C:\ProgramData\mtbjfghn.xbe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 09:55
==================== End Of Log ============================
Tdy je první log (oba zaráz mi tady nepustilo):
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by oem (administrator) on OEM-PC on 02-05-2015 12:26:12
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available profiles: oem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2770432 2010-02-10] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-18] (Avast Software s.r.o.)
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: {48c33ac0-0de4-11e1-9297-485b3976fef1} - I:\setup.EXE /AUTORUN
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2015-03-25]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2015-03-25]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-18] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> {6756B50A-E297-40C7-992B-B4F9516677AE} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-18] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18] (Avast Software s.r.o.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-03] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-03] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml [2015-02-25]
FF Extension: WOT - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-11-13]
FF Extension: Adblock Plus - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-24]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-24] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Google Docs) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-18]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-18]
CHR Extension: (Google Search) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Avast Online Security) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-18] (Avast Software s.r.o.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-18] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-18] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-18] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-18] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-18] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-18] ()
R3 AVerA706_x64; C:\Windows\System32\DRIVERS\AVerA706_x64.sys [1478656 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVerBDA3x_x64; C:\Windows\System32\DRIVERS\AVerBDA3x_x64.sys [1523840 2008-08-27] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-10] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 12:26 - 2015-05-02 12:26 - 00017837 _____ () C:\Users\oem\Desktop\FRST.txt
2015-05-02 12:25 - 2015-05-02 12:26 - 00000000 ____D () C:\FRST
2015-05-02 12:25 - 2015-05-02 12:25 - 02101248 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2015-05-02 09:19 - 2015-05-02 09:20 - 00000000 ____D () C:\Users\oem\Desktop\Logy
2015-05-02 00:05 - 2015-05-01 23:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-01 23:33 - 2015-05-02 00:07 - 00013012 _____ () C:\zoek-results.log
2015-05-01 23:31 - 2015-05-02 00:06 - 00000000 ____D () C:\zoek_backup
2015-05-01 23:30 - 2015-05-01 23:30 - 01305600 _____ () C:\Program Files (x86)\Zoek.exe
2015-05-01 23:21 - 2015-05-01 23:26 - 00000000 ____D () C:\AdwCleaner
2015-05-01 23:21 - 2015-05-01 23:21 - 02204160 _____ () C:\Program Files (x86)\Adwcleaner.exe
2015-04-24 20:53 - 2015-04-24 20:57 - 00000000 ____D () C:\Users\oem\Desktop\váha
2015-04-24 08:40 - 2015-04-24 08:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 23:23 - 2015-04-18 23:23 - 00001419 _____ () C:\Users\oem\Desktop\FreeViewer.lnk
2015-04-18 23:20 - 2015-04-18 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Viewer
2015-04-18 23:20 - 2015-04-18 23:20 - 00000000 ____D () C:\Program Files\Free Viewer
2015-04-18 23:20 - 2015-04-18 23:20 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-04-18 23:20 - 2010-03-15 12:31 - 00165376 _____ () C:\Windows\SysWOW64\unrar.dll
2015-04-18 23:19 - 2015-04-18 23:19 - 31661320 _____ (Free Viewer, LLC ) C:\Users\oem\Downloads\freeviewer-setup.exe
2015-04-18 15:36 - 2015-04-18 15:36 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-18 15:36 - 2015-04-18 15:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-15 23:57 - 2015-04-15 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 08:47 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 08:47 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 08:47 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 08:47 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 08:47 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 08:47 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 08:47 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 08:46 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 08:46 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 08:46 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 08:46 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 08:46 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 08:46 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 08:45 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:45 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 08:45 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 08:45 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 08:45 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 08:45 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 08:45 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 08:45 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 08:45 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 08:45 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 08:45 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 08:45 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 08:45 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 08:45 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 08:45 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 08:45 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 08:45 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 08:45 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 08:45 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 08:45 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 08:45 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 08:45 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 08:45 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 08:45 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 08:45 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:45 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:45 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 08:45 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 08:45 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 08:45 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 08:44 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 08:44 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 08:44 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 08:44 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 08:44 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:44 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 08:44 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 08:44 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 08:44 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:44 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 08:44 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:44 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 08:44 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 08:44 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 08:44 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 08:44 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:44 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 08:44 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 08:44 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:44 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 08:44 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 08:44 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 08:44 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:44 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 08:44 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 08:44 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 08:44 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 08:44 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 08:44 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 08:44 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 08:44 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 08:44 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 08:44 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 08:44 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 08:44 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 08:44 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 08:44 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 08:44 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 08:44 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 08:44 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 08:44 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 08:44 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:44 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:44 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 08:44 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 08:44 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 08:44 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 08:44 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 08:44 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 08:44 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 08:44 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 08:44 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 08:44 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 08:44 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 08:44 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 08:44 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 08:44 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 08:44 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 08:44 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 08:43 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 08:43 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 08:43 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 13:57 - 2015-04-11 13:57 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2015-04-04 21:34 - 2015-04-04 21:34 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 21:34 - 2015-04-04 21:34 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-02 20:03 - 2015-04-03 12:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 11:54 - 2012-09-23 18:13 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 11:47 - 2010-10-12 00:03 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9E96628D-BBFB-4CC0-9713-A66DD0244522}
2015-05-02 11:46 - 2010-10-05 14:40 - 01231837 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 11:44 - 2014-06-21 16:14 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d5b25fe0c8d.job
2015-05-02 10:20 - 2010-10-09 11:17 - 00000323 _____ () C:\Windows\Brownie.ini
2015-05-02 09:44 - 2010-10-08 22:10 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-02 09:15 - 2014-01-27 22:42 - 00000000 ___RD () C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ochrana PC
2015-05-02 08:53 - 2014-11-03 09:10 - 00185462 _____ () C:\Windows\setupact.log
2015-05-02 00:16 - 2014-11-08 13:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-02 00:14 - 2009-07-14 06:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 00:14 - 2009-07-14 06:45 - 00023568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 00:06 - 2014-11-03 18:07 - 00052470 _____ () C:\Windows\PFRO.log
2015-05-02 00:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-01 23:59 - 2014-11-02 22:51 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-05-01 23:35 - 2014-11-30 16:01 - 00000000 ____D () C:\Users\oem\AppData\Local\CrashDumps
2015-05-01 10:43 - 2014-11-27 00:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-30 16:34 - 2010-10-09 20:36 - 00000000 ____D () C:\Users\oem\Documents\IVANA
2015-04-29 21:13 - 2009-07-14 17:18 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2015-04-29 21:13 - 2009-07-14 17:18 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2015-04-29 21:13 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-29 16:45 - 2010-10-18 21:18 - 00000000 ____D () C:\VueScan
2015-04-29 08:31 - 2015-03-10 20:41 - 00003816 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426012878
2015-04-29 08:31 - 2010-10-24 21:53 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-26 19:39 - 2015-03-25 23:08 - 00000000 ____D () C:\Users\oem\Documents\AVerTV
2015-04-25 20:41 - 2013-12-24 23:17 - 00000000 ____D () C:\Users\oem\Documents\e-knihy
2015-04-25 18:17 - 2013-12-30 21:29 - 00000000 ____D () C:\Users\oem\Desktop\Helena půjčky
2015-04-25 10:12 - 2012-05-05 15:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 23:18 - 2010-10-28 15:02 - 00000000 ____D () C:\Users\oem\AppData\Roaming\OpenOffice.org2
2015-04-18 20:44 - 2014-04-22 17:18 - 00000000 ____D () C:\Users\oem\Documents\Vyúčtování elektřiny
2015-04-18 15:36 - 2014-11-27 00:52 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-18 15:36 - 2014-11-27 00:52 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-16 20:20 - 2015-03-25 23:07 - 00000000 ____D () C:\ProgramData\AVerTV 3D
2015-04-16 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 09:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 07:30 - 2014-12-11 08:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 07:30 - 2014-05-06 21:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 07:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 00:00 - 2014-01-27 19:52 - 01559340 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 23:57 - 2012-06-27 16:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 23:57 - 2012-06-27 16:17 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 23:56 - 2013-08-20 23:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 23:52 - 2010-10-05 16:41 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 21:01 - 2010-10-09 20:09 - 00000000 ____D () C:\Users\oem\Documents\LIBOR
2015-04-15 16:54 - 2012-09-23 18:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 16:54 - 2012-09-23 18:13 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 16:54 - 2011-11-29 19:37 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-11 13:30 - 2010-11-30 19:04 - 00000000 ____D () C:\Users\oem\Documents\FILIP
2015-04-08 19:24 - 2012-07-13 12:21 - 00000000 ____D () C:\Users\oem\Documents\Vyúčtování SIPO
2015-04-05 23:07 - 2008-03-07 20:08 - 00000000 ____D () C:\Users\oem\Documents\Ptákoviny
2015-04-05 22:36 - 2014-05-15 18:16 - 00000000 ____D () C:\Users\oem\Documents\Vyúčtování UPC
==================== Files in the root of some directories =======
2015-05-01 23:21 - 2015-05-01 23:21 - 2204160 _____ () C:\Program Files (x86)\Adwcleaner.exe
2011-05-16 22:49 - 2011-05-16 22:49 - 0050688 _____ (Atribune.org) C:\Program Files (x86)\ATF-Cleaner.exe
2011-05-07 17:34 - 2011-05-07 17:34 - 0388608 _____ (Trend Micro Inc.) C:\Program Files (x86)\HiJackThis.exe
2010-11-05 20:52 - 2010-11-05 20:53 - 6274424 _____ (Microsoft Corporation) C:\Program Files (x86)\Silverlight.exe
2014-12-20 15:40 - 2014-11-02 15:21 - 19603608 _____ (SUPERAntiSpyware) C:\Program Files (x86)\SUPERAntiSpyware.exe
2014-12-20 15:43 - 2014-12-20 15:43 - 0448512 _____ (OldTimer Tools) C:\Program Files (x86)\TFC.exe
2015-05-01 23:30 - 2015-05-01 23:30 - 1305600 _____ () C:\Program Files (x86)\Zoek.exe
2010-10-27 22:53 - 2011-06-26 16:56 - 0003584 _____ () C:\Users\oem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-24 20:46 - 2010-10-24 20:46 - 0007605 _____ () C:\Users\oem\AppData\Local\Resmon.ResmonCfg
2010-10-18 21:04 - 2010-10-18 21:04 - 0005006 _____ () C:\ProgramData\mtbjfghn.xbe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 09:55
==================== End Of Log ============================
Re: Pomalé PC
A tady je tan druhý:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by oem at 2015-05-02 12:27:33
Running from C:\Users\oem\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1790967181-1192606045-1394816446-500 - Administrator - Disabled)
Guest (S-1-5-21-1790967181-1192606045-1394816446-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1790967181-1192606045-1394816446-1002 - Limited - Enabled)
oem (S-1-5-21-1790967181-1192606045-1394816446-1000 - Administrator - Enabled) => C:\Users\oem
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agfa ScanWise 1.70 (HKLM-x32\...\Agfa ScanWise 1.70) (Version: - )
Agfa ScanWise 2.00 (HKLM-x32\...\Agfa ScanWise 2.00) (Version: - )
AGFAnet Print Service (HKLM-x32\...\AGFAnet Print Service) (Version: - )
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{8E3FABF5-C3B9-7F7E-4AAE-977D77D48C51}) (Version: 3.0.782.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
AVerMedia M135-Series PCI TV Tuner 3.6.64.15 (HKLM-x32\...\AVerMedia M135-Series PCI TV Tuner) (Version: 3.6.64.15 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Media Center Plug-ins 2.0.8.0 (HKLM-x32\...\AVerMedia Media Center Plug-ins) (Version: 2.0.8.0 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
AVerTV 3D (x32 Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
BlazeDVD 6.0 (HKLM-x32\...\BlazeDVD 6.0_is1) (Version: - )
bodykey by NUTRILITE 1024x768 (HKLM-x32\...\bodykey by NUTRILITE 1024x768_is1) (Version: - )
Brother HL-2035 (HKLM-x32\...\{F1C88595-815F-44D3-BE90-84509DD428BE}) (Version: 1.00 - Brother)
capella reader (HKLM-x32\...\{6C70FBE1-6451-4F49-B0C0-7E464E73DF9B}) (Version: 7.1.16 - capella software AG)
ccc-core-static (x32 Version: 2010.0706.2128.36662 - Název společnosti:) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CODEXIS JUSTICE 5.23.1 (HKLM-x32\...\CDJUS_is1) (Version: - ATLAS consulting, spol. s r.o.)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free Audio Editor (HKLM-x32\...\Free Audio Editor) (Version: - FAE Inc.)
Free AVI Player (HKLM-x32\...\{7DED55EA-FB69-4101-AD5D-3D7F985E68A7}) (Version: 1.00.0000 - Media Freeware)
Free Easy Burner V 5.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
Free Viewer (HKLM\...\{5EF92F52-FA16-4CA6-A204-811524BEE514}_is1) (Version: 1.0 - Free Viewer, LLC)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000405-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 cs)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyAshampoo Toolbar (HKLM-x32\...\MyAshampoo Toolbar) (Version: 6.2.6.0 - MyAshampoo) <==== ATTENTION
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
OpenOffice.org 1.9.129 (HKLM-x32\...\{9FD36563-6744-4A36-924C-9E2A863DC1EF}) (Version: 1.9129.8953 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version: 29.0.1795.47 - Opera Software ASA)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Lord of the Rings FREE Trial (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Název společnosti:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VueScan (HKLM-x32\...\VueScan) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
XnView 1.97.8 (HKLM-x32\...\XnView_is1) (Version: 1.97.8 - Gougelet Pierre-e)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\oem\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
==================== Restore Points =========================
18-04-2015 15:33:54 avast! antivirus system restore point
21-04-2015 08:14:09 Windows Update
25-04-2015 10:32:25 Windows Update
01-05-2015 10:57:04 Windows Update
01-05-2015 23:33:49 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-05-01 23:35 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B} - System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => pcalua.exe -a "C:\Program Files\AP6\TV\setup.exe" -d "C:\Program Files\AP6\TV"
Task: {02D7A8AA-73F6-4898-8F7B-707DBEBD8FDE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-18] (Avast Software s.r.o.)
Task: {02FC32A9-58D1-45D5-882B-A628F9083C4C} - System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {07384B14-007F-4289-B9D0-C3B6C6200C50} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {079A3CC1-2E49-4E50-A2BB-2DB0D6365529} - System32\Tasks\Opera scheduled Autoupdate 1426012878 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
Task: {0852946E-2ED1-42D8-8944-3F59CB8CD40D} - System32\Tasks\{740941F6-B678-4D46-9DA7-343A1CF1DDC2} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {0F85E834-EDA3-4E4C-A83A-30B166B9B599} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {16BE0755-E983-43A4-955D-F5BAE265BFAF} - System32\Tasks\{511EFB78-1B11-455A-8754-94E6196D36B9} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {2C4BB480-96CA-4040-81D4-AED50702C4E8} - System32\Tasks\{EA5B5004-DC11-418B-89F1-4EE0BC92C221} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {2EE98366-5153-4308-BA4B-38E978C11A41} - System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => pcalua.exe -a "C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe" -d "C:\Program Files (x86)\FreeHDSport TV"
Task: {33D31CF6-E19E-403F-BD2A-7E68B456FDB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {38CB1DFC-B36E-45F8-9200-78D17E3543A6} - System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => pcalua.exe -a C:\Users\oem\AppData\Local\Temp\Temp1_SUPERAntiSpyware4221014czechlng.zip\SUPERAntiSpyware4221014czech.lng.exe
Task: {3E30B45B-FABC-4954-BB59-49E04DD6F233} - System32\Tasks\{BB269DD7-6808-4D6C-A4FB-98D7FB3325BB} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {40CDB2C7-3A77-49F0-8F25-816A79C494BB} - System32\Tasks\{3CD28AC0-DF80-4E53-A283-033B1FBFDA58} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {41D982BF-6747-426B-B8DA-A6FA2499DCB3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {47E81A88-6813-416B-AB07-92FD04D48A50} - System32\Tasks\{C67CD2E5-F81C-490B-96BE-FEE18BA18692} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {4A841B53-5665-4846-8AE2-ED77FF9A8851} - System32\Tasks\{5FB4FF8E-876B-4117-8C3E-C7DA9F342BBB} => pcalua.exe -a "C:\Program Files\AP6\SnugTV\ISSetupPrerequisites\{083DC809-22E2-4629-AC9B-CEF3CDE9B52E}\vcredist_x86.exe" -d "C:\Program Files\AP6\SnugTV\ISSetupPrerequisites\{083DC809-22E2-4629-AC9B-CEF3CDE9B52E}"
Task: {4C552DA7-BEC1-43F8-A98B-C5DBF79F4866} - System32\Tasks\{5D13063D-6CFF-4088-B96B-76B85F2C9A29} => C:\Program Files (x86)\Agfa\ScanWise 1_70\scanwise.exe [2001-02-05] (Agfa)
Task: {4E2A69B4-F63D-4A97-B18C-D0EB40C05BAE} - System32\Tasks\{A96B60A5-8E25-4B19-B9EF-3B6670CAC0FF} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {504891CD-A715-4A23-AF6A-DCD6B2A27C9D} - System32\Tasks\{2B73FD21-25FC-43B3-832B-160767D4069C} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {506DD5CE-12FA-406E-B8EA-0FF3D33E259C} - System32\Tasks\{F5BDB4CB-51F0-42C8-A887-F6103995F11F} => pcalua.exe -a D:\menu.exe -d D:\
Task: {545C95AE-8C40-48EA-8D7A-33FDF8184E31} - System32\Tasks\{CA9530F7-AC00-4F50-80E6-951BA7304DA0} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {5D9736C1-7743-4FA6-814F-475BCC29EE0D} - System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => pcalua.exe -a C:\Users\oem\Downloads\iv395cz-mini-205f-saj.exe -d C:\Users\oem\Downloads
Task: {5FA39806-04A0-4580-9E06-9304FE6E7BBE} - System32\Tasks\{60CD2873-BCF7-441B-A3FE-BDFA1E3EBB4A} => C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2012-10-17] ()
Task: {649D2B97-95F6-4373-AC3A-F23B51EEE715} - System32\Tasks\{D2AD59F3-B3BD-485C-9724-B0C03EA7FD46} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {65E7B6D8-3440-4B8A-9C5A-E873E560D708} - System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => pcalua.exe -a "C:\Users\oem\Downloads\InstallDriver_M135_Drv3.6.0.6_SWEncoder_3.0.1.6_MCE_Plugins_2.0.8.0_Vista_x86_Win7 x86_090724.exe" -d C:\Users\oem\Downloads
Task: {6F74C553-9A94-495C-8B2B-95C447B951E9} - System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => pcalua.exe -a C:\Users\oem\Documents\Install\SUPERAntiSpyware_4.15.1000_cz.exe -d C:\Users\oem\Documents\Install
Task: {7509BFB5-AB5B-4356-85BD-21CE6AA272ED} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {768BBB0E-EFC4-41F8-945E-D2DB02E45013} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7A106C83-564D-46D3-A442-65921D2A7B26} - System32\Tasks\{BDB1CC77-CF81-4C39-B89A-9930B794C8FB} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {7C38978A-85D6-4B1D-AE57-EACA9BCAE4B9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD} - System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => pcalua.exe -a C:\Users\oem\Downloads\BlazeDVDSetup.exe -d C:\Users\oem\Downloads
Task: {7ECFC5BC-CAC7-41AB-B728-C53FC6E53C59} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {848EB751-3D37-4358-8C50-C4A73C49C410} - System32\Tasks\{BC0C5950-D154-40AB-B982-5FC258C23257} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {8A78CFC8-AF28-4A50-9BC7-414643567144} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {94ADCC71-BC10-4C36-B107-F449A039E547} - System32\Tasks\{F452DCDD-36EA-449B-BE7B-7BB656DF496E} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {9F19E7F7-FF54-43C5-8C2B-09E7A38C5C16} - System32\Tasks\{63820B26-03C3-4825-99A7-29241EC6EE12} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {A8175D07-FA84-4799-8A98-5187E2C4C18C} - System32\Tasks\{5B360BCD-E536-4C21-AC7C-B0C55FD96DBC} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {B00EB4B4-3322-43C6-8C0A-991F4234B119} - System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => pcalua.exe -a D:\AutoRunPro.exe -d D:\
Task: {B53B9BE1-74D4-4F7D-9F30-E2FF3358ECAB} - System32\Tasks\{101BE7D7-E102-4007-B2D9-9CD4F4AB5F81} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {B7C70446-C70D-44FE-9D4F-DA4C362EC60E} - System32\Tasks\{78B8041F-4B40-4557-91DC-4F8B557C3DB5} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {C697E36A-74C5-4537-9ADC-2B312CAF31F8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C6B44FD6-0412-4C4F-B445-BB9EB5CAF7A6} - System32\Tasks\{D35A96BF-F067-4AEB-95A0-0D4220149C99} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {C7B8CFF6-F476-42C6-B4FD-E96F967DCA62} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC157064-44B8-44AB-B2B5-2AFC280177BA} - System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: {D2C9E76E-9D7E-4292-804E-351786362A85} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8d5b25fe0c8d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {D3C6D430-74DC-47E7-B3C3-492BD3EDFC5B} - System32\Tasks\{FE7F8B51-955C-457A-80DF-DA970C52F3E7} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {D4421C0D-00CB-4986-B752-AEBFDFF86181} - System32\Tasks\{E75CCFB8-946F-496C-AF3F-A41D7B187401} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {D6020B7B-F586-4AAE-A6E3-7E46D0DCB27E} - System32\Tasks\{381F4E99-B1D7-4C27-8B7B-46BEC37C145C} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {D6813670-D55A-44E0-BBA1-53762D043F23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {D7C307F0-CAE3-45A9-ADC9-70C9433FEB78} - System32\Tasks\{92CDA227-EFBD-4F5E-B887-4BA8C1529B25} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {DD1970EA-558D-4E34-8625-7B58A9749E3E} - System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup.exe -d C:\Users\oem\Downloads
Task: {DFCBC3FC-D821-4FAE-8288-9592074871C1} - System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup(1).exe -d C:\Users\oem\Downloads
Task: {E7591A54-28F7-4233-97A6-35D17449B3A4} - System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => pcalua.exe -a C:\Users\oem\Downloads\iview395.exe -d C:\Users\oem\Downloads
Task: {EA8F7012-7449-408B-BFDC-882387894D53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {F31BA45F-7AF4-4745-9F02-FBBCCEADD412} - System32\Tasks\{5D08BA52-FAFC-4E0D-8020-4EFBD9C5DA8A} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {FA4A507C-C485-44E4-B5CF-E723C97700C2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FAF661B5-D30B-493B-991E-BD0BF7AA35C9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {FBCD2056-BA40-473C-AEC5-A0AB6C913542} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FF7F6C5B-F011-49D7-B18D-6FB17F64234C} - System32\Tasks\{211A7952-A09A-4B19-9667-A54346FB0102} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d5b25fe0c8d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2010-10-08 23:10 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-03-25 22:58 - 2011-04-01 08:52 - 00403456 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2015-03-25 22:58 - 2012-10-17 09:24 - 00163840 ____R () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2010-10-05 15:45 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2010-10-05 15:45 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-10-05 15:45 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2010-10-05 15:45 - 2009-11-03 05:12 - 47601664 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2010-04-16 14:20 - 2010-04-16 14:20 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-06 21:26 - 2010-07-06 21:26 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-04-18 15:36 - 2015-04-18 15:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-18 15:36 - 2015-04-18 15:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-01 21:08 - 2015-05-01 21:08 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050101\algo.dll
2015-03-25 22:58 - 2012-06-09 12:33 - 00053248 ____R () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2015-03-21 14:38 - 2015-03-21 14:38 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-15 16:54 - 2015-04-15 16:54 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
2015-04-02 20:03 - 2015-04-02 20:03 - 03348592 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-04-02 20:03 - 2015-04-02 20:03 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-02 20:03 - 2015-04-02 20:03 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\oem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [TCP Query User{764965A8-FF50-435B-9F8C-12E8F0310148}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CBD34C1B-969E-4246-801B-A8645D1DEEF9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A383A3C1-4283-49BE-BD80-1036D630579E}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{9049E893-59D7-4ACC-8E9C-B1F6970DC0D4}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{95BBE1B3-2FFD-47DE-B0E3-1718A9240F05}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{AAE37DAC-F747-4B25-86CC-12BFCD799859}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{3705AD44-6E92-4484-B727-D05CAB7814D4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5F72047F-4375-4C4C-9A31-A6CE5188C12B}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{D163A11F-169B-4723-A62A-4D6BC61FF2FB}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [TCP Query User{1D3681EB-7AEB-4488-A5E3-BF7315968E3C}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{BD81A70D-56FC-4551-AD7F-F140F21D837E}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [{F94E57FE-A2D7-4752-8E99-BC55E5179330}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{185EE718-5E0A-4D2F-9EB5-79E21E1AC48E}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{D264CF18-C9D0-4C25-9855-9A93309E9DBD}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe
FirewallRules: [{61FBA6E7-BA70-46DE-ADA9-916F3BA655AB}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A3242554-71B3-48B4-821C-D36C4F2D84BC}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4DAD4A23-D5DC-4F58-B623-029BFB8BE43D}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{7482C050-9DBE-43E8-BD02-E9208575DADA}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{7565979C-CBA7-4C53-AB3D-34E763D4E4A7}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{48E2B6ED-C763-4DAB-92E0-77981A2420D0}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{FABB8620-2940-48FE-9B85-C991121027F4}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{244D0A97-0D40-4502-9A2C-FDC19BCB7725}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{459F7128-9255-4809-9A48-A1A2A0307026}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{C7C029AC-DF52-4BD2-88CA-9F11164617B1}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F08B3159-712D-48AB-9E6D-48D662CDC9CB}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{9C792014-9C6C-42F7-A52C-E0DFDDD04621}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{AD194D74-D6F3-4909-9F8A-6CC321D0D916}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FC5B1CFA-B346-4766-9718-D9ABCB3E877A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1A26D096-828F-4EF7-8A99-CE9E980B3F61}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{428EDF4D-B67B-47ED-886B-18D7659DF730}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{AF3470F3-069A-4D77-B9E7-38544ED8E223}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{CAF18FFD-314B-44F5-9C05-DA97D70EC651}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{E66D9B3D-2CEE-48A2-99A8-3DDCBAED561F}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{B5619FC0-4A2C-46E2-8337-BCA478754A58}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F4EB9708-16FA-4C2F-82FA-A21C6EC567EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF0072C1-0753-4573-BD64-DE5B59A18B48}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [{702C1EAD-B5D1-4E30-A2FF-B11A9D5B4F46}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [{2CF1ACF6-AE65-447A-9D48-D16D61AB57E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 02:15:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (05/01/2015 11:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 37.0.2.5583, časové razítko: 0x552ef76c
Název chybujícího modulu: mozalloc.dll, verze: 37.0.2.5583, časové razítko: 0x552ee9ae
Kód výjimky: 0x80000003
Posun chyby: 0x00001aa1
ID chybujícího procesu: 0x1380
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Error: (05/01/2015 05:05:53 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Došlo k selhání kritického systémového procesu C:\Windows\system32\lsass.exe se stavovým kódem 255. Počítač je nyní nutné restartovat.
Error: (05/01/2015 05:05:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: lsass.exe, verze: 6.1.7601.18798, časové razítko: 0x5507a4a4
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18798, časové razítko: 0x5507b864
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000200ba
ID chybujícího procesu: 0x234
Čas spuštění chybující aplikace: 0xlsass.exe0
Cesta k chybující aplikaci: lsass.exe1
Cesta k chybujícímu modulu: lsass.exe2
ID zprávy: lsass.exe3
Error: (04/30/2015 00:22:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/29/2015 08:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WINWORD.EXE, verze: 9.0.0.2823, časové razítko: 0x3720dbd6
Název chybujícího modulu: WINWORD.EXE, verze: 9.0.0.2823, časové razítko: 0x3720dbd6
Kód výjimky: 0xc0000005
Posun chyby: 0x0032a25f
ID chybujícího procesu: 0xdb8
Čas spuštění chybující aplikace: 0xWINWORD.EXE0
Cesta k chybující aplikaci: WINWORD.EXE1
Cesta k chybujícímu modulu: WINWORD.EXE2
ID zprávy: WINWORD.EXE3
Error: (04/28/2015 10:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 09:37:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 10:14:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (04/26/2015 01:46:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
System errors:
=============
Error: (05/02/2015 08:53:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (05/02/2015 08:53:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/02/2015 08:53:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (05/02/2015 08:53:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/02/2015 08:53:30 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (05/02/2015 08:53:29 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (05/02/2015 06:07:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/02/2015 06:07:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (05/02/2015 06:07:27 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (05/02/2015 00:08:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Microsoft Office Sessions:
=========================
Error: (05/02/2015 02:15:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (05/01/2015 11:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1138001d08455fee3bd21C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlleb426182-f049-11e4-b605-485b3976fef1
Error: (05/01/2015 05:05:53 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsass.exe255
Error: (05/01/2015 05:05:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lsass.exe6.1.7601.187985507a4a4ntdll.dll6.1.7601.187985507b864c000000500000000000200ba23401d083eadc357212C:\Windows\system32\lsass.exeC:\Windows\SYSTEM32\ntdll.dll8996fa4d-f013-11e4-b544-485b3976fef1
Error: (04/30/2015 00:22:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/29/2015 08:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.28233720dbd6WINWORD.EXE9.0.0.28233720dbd6c00000050032a25fdb801d082aa21049aceC:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXEC:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE67f6619e-ee9d-11e4-9f1a-485b3976fef1
Error: (04/28/2015 10:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 09:37:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 10:14:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (04/26/2015 01:46:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
CodeIntegrity Errors:
===================================
Date: 2014-10-26 12:09:12.642
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.582
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.483
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-04-25 20:35:04.275
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerBDA3x_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-04-25 20:35:04.197
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerBDA3x_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-04-21 13:05:00.868
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerA706_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-04-21 13:05:00.790
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerA706_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 240e Processor
Percentage of memory in use: 74%
Total physical RAM: 1790.05 MB
Available physical RAM: 452.98 MB
Total Pagefile: 3580.1 MB
Available Pagefile: 1229.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:316.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 465.8 GB) (Disk ID: E7F4425A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by oem at 2015-05-02 12:27:33
Running from C:\Users\oem\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1790967181-1192606045-1394816446-500 - Administrator - Disabled)
Guest (S-1-5-21-1790967181-1192606045-1394816446-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1790967181-1192606045-1394816446-1002 - Limited - Enabled)
oem (S-1-5-21-1790967181-1192606045-1394816446-1000 - Administrator - Enabled) => C:\Users\oem
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agfa ScanWise 1.70 (HKLM-x32\...\Agfa ScanWise 1.70) (Version: - )
Agfa ScanWise 2.00 (HKLM-x32\...\Agfa ScanWise 2.00) (Version: - )
AGFAnet Print Service (HKLM-x32\...\AGFAnet Print Service) (Version: - )
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{8E3FABF5-C3B9-7F7E-4AAE-977D77D48C51}) (Version: 3.0.782.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
AVerMedia M135-Series PCI TV Tuner 3.6.64.15 (HKLM-x32\...\AVerMedia M135-Series PCI TV Tuner) (Version: 3.6.64.15 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Media Center Plug-ins 2.0.8.0 (HKLM-x32\...\AVerMedia Media Center Plug-ins) (Version: 2.0.8.0 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
AVerTV 3D (x32 Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
BlazeDVD 6.0 (HKLM-x32\...\BlazeDVD 6.0_is1) (Version: - )
bodykey by NUTRILITE 1024x768 (HKLM-x32\...\bodykey by NUTRILITE 1024x768_is1) (Version: - )
Brother HL-2035 (HKLM-x32\...\{F1C88595-815F-44D3-BE90-84509DD428BE}) (Version: 1.00 - Brother)
capella reader (HKLM-x32\...\{6C70FBE1-6451-4F49-B0C0-7E464E73DF9B}) (Version: 7.1.16 - capella software AG)
ccc-core-static (x32 Version: 2010.0706.2128.36662 - Název společnosti:) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CODEXIS JUSTICE 5.23.1 (HKLM-x32\...\CDJUS_is1) (Version: - ATLAS consulting, spol. s r.o.)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free Audio Editor (HKLM-x32\...\Free Audio Editor) (Version: - FAE Inc.)
Free AVI Player (HKLM-x32\...\{7DED55EA-FB69-4101-AD5D-3D7F985E68A7}) (Version: 1.00.0000 - Media Freeware)
Free Easy Burner V 5.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
Free Viewer (HKLM\...\{5EF92F52-FA16-4CA6-A204-811524BEE514}_is1) (Version: 1.0 - Free Viewer, LLC)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000405-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 cs)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyAshampoo Toolbar (HKLM-x32\...\MyAshampoo Toolbar) (Version: 6.2.6.0 - MyAshampoo) <==== ATTENTION
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
OpenOffice.org 1.9.129 (HKLM-x32\...\{9FD36563-6744-4A36-924C-9E2A863DC1EF}) (Version: 1.9129.8953 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version: 29.0.1795.47 - Opera Software ASA)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Lord of the Rings FREE Trial (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Název společnosti:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VueScan (HKLM-x32\...\VueScan) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
XnView 1.97.8 (HKLM-x32\...\XnView_is1) (Version: 1.97.8 - Gougelet Pierre-e)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\oem\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
==================== Restore Points =========================
18-04-2015 15:33:54 avast! antivirus system restore point
21-04-2015 08:14:09 Windows Update
25-04-2015 10:32:25 Windows Update
01-05-2015 10:57:04 Windows Update
01-05-2015 23:33:49 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-05-01 23:35 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B} - System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => pcalua.exe -a "C:\Program Files\AP6\TV\setup.exe" -d "C:\Program Files\AP6\TV"
Task: {02D7A8AA-73F6-4898-8F7B-707DBEBD8FDE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-18] (Avast Software s.r.o.)
Task: {02FC32A9-58D1-45D5-882B-A628F9083C4C} - System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {07384B14-007F-4289-B9D0-C3B6C6200C50} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {079A3CC1-2E49-4E50-A2BB-2DB0D6365529} - System32\Tasks\Opera scheduled Autoupdate 1426012878 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
Task: {0852946E-2ED1-42D8-8944-3F59CB8CD40D} - System32\Tasks\{740941F6-B678-4D46-9DA7-343A1CF1DDC2} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {0F85E834-EDA3-4E4C-A83A-30B166B9B599} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {16BE0755-E983-43A4-955D-F5BAE265BFAF} - System32\Tasks\{511EFB78-1B11-455A-8754-94E6196D36B9} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {2C4BB480-96CA-4040-81D4-AED50702C4E8} - System32\Tasks\{EA5B5004-DC11-418B-89F1-4EE0BC92C221} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {2EE98366-5153-4308-BA4B-38E978C11A41} - System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => pcalua.exe -a "C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe" -d "C:\Program Files (x86)\FreeHDSport TV"
Task: {33D31CF6-E19E-403F-BD2A-7E68B456FDB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {38CB1DFC-B36E-45F8-9200-78D17E3543A6} - System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => pcalua.exe -a C:\Users\oem\AppData\Local\Temp\Temp1_SUPERAntiSpyware4221014czechlng.zip\SUPERAntiSpyware4221014czech.lng.exe
Task: {3E30B45B-FABC-4954-BB59-49E04DD6F233} - System32\Tasks\{BB269DD7-6808-4D6C-A4FB-98D7FB3325BB} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {40CDB2C7-3A77-49F0-8F25-816A79C494BB} - System32\Tasks\{3CD28AC0-DF80-4E53-A283-033B1FBFDA58} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {41D982BF-6747-426B-B8DA-A6FA2499DCB3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {47E81A88-6813-416B-AB07-92FD04D48A50} - System32\Tasks\{C67CD2E5-F81C-490B-96BE-FEE18BA18692} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {4A841B53-5665-4846-8AE2-ED77FF9A8851} - System32\Tasks\{5FB4FF8E-876B-4117-8C3E-C7DA9F342BBB} => pcalua.exe -a "C:\Program Files\AP6\SnugTV\ISSetupPrerequisites\{083DC809-22E2-4629-AC9B-CEF3CDE9B52E}\vcredist_x86.exe" -d "C:\Program Files\AP6\SnugTV\ISSetupPrerequisites\{083DC809-22E2-4629-AC9B-CEF3CDE9B52E}"
Task: {4C552DA7-BEC1-43F8-A98B-C5DBF79F4866} - System32\Tasks\{5D13063D-6CFF-4088-B96B-76B85F2C9A29} => C:\Program Files (x86)\Agfa\ScanWise 1_70\scanwise.exe [2001-02-05] (Agfa)
Task: {4E2A69B4-F63D-4A97-B18C-D0EB40C05BAE} - System32\Tasks\{A96B60A5-8E25-4B19-B9EF-3B6670CAC0FF} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {504891CD-A715-4A23-AF6A-DCD6B2A27C9D} - System32\Tasks\{2B73FD21-25FC-43B3-832B-160767D4069C} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {506DD5CE-12FA-406E-B8EA-0FF3D33E259C} - System32\Tasks\{F5BDB4CB-51F0-42C8-A887-F6103995F11F} => pcalua.exe -a D:\menu.exe -d D:\
Task: {545C95AE-8C40-48EA-8D7A-33FDF8184E31} - System32\Tasks\{CA9530F7-AC00-4F50-80E6-951BA7304DA0} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {5D9736C1-7743-4FA6-814F-475BCC29EE0D} - System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => pcalua.exe -a C:\Users\oem\Downloads\iv395cz-mini-205f-saj.exe -d C:\Users\oem\Downloads
Task: {5FA39806-04A0-4580-9E06-9304FE6E7BBE} - System32\Tasks\{60CD2873-BCF7-441B-A3FE-BDFA1E3EBB4A} => C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2012-10-17] ()
Task: {649D2B97-95F6-4373-AC3A-F23B51EEE715} - System32\Tasks\{D2AD59F3-B3BD-485C-9724-B0C03EA7FD46} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {65E7B6D8-3440-4B8A-9C5A-E873E560D708} - System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => pcalua.exe -a "C:\Users\oem\Downloads\InstallDriver_M135_Drv3.6.0.6_SWEncoder_3.0.1.6_MCE_Plugins_2.0.8.0_Vista_x86_Win7 x86_090724.exe" -d C:\Users\oem\Downloads
Task: {6F74C553-9A94-495C-8B2B-95C447B951E9} - System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => pcalua.exe -a C:\Users\oem\Documents\Install\SUPERAntiSpyware_4.15.1000_cz.exe -d C:\Users\oem\Documents\Install
Task: {7509BFB5-AB5B-4356-85BD-21CE6AA272ED} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {768BBB0E-EFC4-41F8-945E-D2DB02E45013} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7A106C83-564D-46D3-A442-65921D2A7B26} - System32\Tasks\{BDB1CC77-CF81-4C39-B89A-9930B794C8FB} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {7C38978A-85D6-4B1D-AE57-EACA9BCAE4B9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD} - System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => pcalua.exe -a C:\Users\oem\Downloads\BlazeDVDSetup.exe -d C:\Users\oem\Downloads
Task: {7ECFC5BC-CAC7-41AB-B728-C53FC6E53C59} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {848EB751-3D37-4358-8C50-C4A73C49C410} - System32\Tasks\{BC0C5950-D154-40AB-B982-5FC258C23257} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {8A78CFC8-AF28-4A50-9BC7-414643567144} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {94ADCC71-BC10-4C36-B107-F449A039E547} - System32\Tasks\{F452DCDD-36EA-449B-BE7B-7BB656DF496E} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {9F19E7F7-FF54-43C5-8C2B-09E7A38C5C16} - System32\Tasks\{63820B26-03C3-4825-99A7-29241EC6EE12} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {A8175D07-FA84-4799-8A98-5187E2C4C18C} - System32\Tasks\{5B360BCD-E536-4C21-AC7C-B0C55FD96DBC} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {B00EB4B4-3322-43C6-8C0A-991F4234B119} - System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => pcalua.exe -a D:\AutoRunPro.exe -d D:\
Task: {B53B9BE1-74D4-4F7D-9F30-E2FF3358ECAB} - System32\Tasks\{101BE7D7-E102-4007-B2D9-9CD4F4AB5F81} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {B7C70446-C70D-44FE-9D4F-DA4C362EC60E} - System32\Tasks\{78B8041F-4B40-4557-91DC-4F8B557C3DB5} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {C697E36A-74C5-4537-9ADC-2B312CAF31F8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {C6B44FD6-0412-4C4F-B445-BB9EB5CAF7A6} - System32\Tasks\{D35A96BF-F067-4AEB-95A0-0D4220149C99} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {C7B8CFF6-F476-42C6-B4FD-E96F967DCA62} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC157064-44B8-44AB-B2B5-2AFC280177BA} - System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: {D2C9E76E-9D7E-4292-804E-351786362A85} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8d5b25fe0c8d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {D3C6D430-74DC-47E7-B3C3-492BD3EDFC5B} - System32\Tasks\{FE7F8B51-955C-457A-80DF-DA970C52F3E7} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {D4421C0D-00CB-4986-B752-AEBFDFF86181} - System32\Tasks\{E75CCFB8-946F-496C-AF3F-A41D7B187401} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {D6020B7B-F586-4AAE-A6E3-7E46D0DCB27E} - System32\Tasks\{381F4E99-B1D7-4C27-8B7B-46BEC37C145C} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {D6813670-D55A-44E0-BBA1-53762D043F23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {D7C307F0-CAE3-45A9-ADC9-70C9433FEB78} - System32\Tasks\{92CDA227-EFBD-4F5E-B887-4BA8C1529B25} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {DD1970EA-558D-4E34-8625-7B58A9749E3E} - System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup.exe -d C:\Users\oem\Downloads
Task: {DFCBC3FC-D821-4FAE-8288-9592074871C1} - System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup(1).exe -d C:\Users\oem\Downloads
Task: {E7591A54-28F7-4233-97A6-35D17449B3A4} - System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => pcalua.exe -a C:\Users\oem\Downloads\iview395.exe -d C:\Users\oem\Downloads
Task: {EA8F7012-7449-408B-BFDC-882387894D53} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {F31BA45F-7AF4-4745-9F02-FBBCCEADD412} - System32\Tasks\{5D08BA52-FAFC-4E0D-8020-4EFBD9C5DA8A} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {FA4A507C-C485-44E4-B5CF-E723C97700C2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1790967181-1192606045-1394816446-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FAF661B5-D30B-493B-991E-BD0BF7AA35C9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {FBCD2056-BA40-473C-AEC5-A0AB6C913542} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FF7F6C5B-F011-49D7-B18D-6FB17F64234C} - System32\Tasks\{211A7952-A09A-4B19-9667-A54346FB0102} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d5b25fe0c8d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2010-10-08 23:10 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-03-25 22:58 - 2011-04-01 08:52 - 00403456 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2015-03-25 22:58 - 2012-10-17 09:24 - 00163840 ____R () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2010-10-05 15:45 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2010-10-05 15:45 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-10-05 15:45 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2010-10-05 15:45 - 2009-11-03 05:12 - 47601664 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2010-04-16 14:20 - 2010-04-16 14:20 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-06 21:26 - 2010-07-06 21:26 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-04-18 15:36 - 2015-04-18 15:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-18 15:36 - 2015-04-18 15:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-01 21:08 - 2015-05-01 21:08 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050101\algo.dll
2015-03-25 22:58 - 2012-06-09 12:33 - 00053248 ____R () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2015-03-21 14:38 - 2015-03-21 14:38 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-15 16:54 - 2015-04-15 16:54 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
2015-04-02 20:03 - 2015-04-02 20:03 - 03348592 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-04-02 20:03 - 2015-04-02 20:03 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-02 20:03 - 2015-04-02 20:03 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\oem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [TCP Query User{764965A8-FF50-435B-9F8C-12E8F0310148}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CBD34C1B-969E-4246-801B-A8645D1DEEF9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A383A3C1-4283-49BE-BD80-1036D630579E}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{9049E893-59D7-4ACC-8E9C-B1F6970DC0D4}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{95BBE1B3-2FFD-47DE-B0E3-1718A9240F05}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{AAE37DAC-F747-4B25-86CC-12BFCD799859}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{3705AD44-6E92-4484-B727-D05CAB7814D4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5F72047F-4375-4C4C-9A31-A6CE5188C12B}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{D163A11F-169B-4723-A62A-4D6BC61FF2FB}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [TCP Query User{1D3681EB-7AEB-4488-A5E3-BF7315968E3C}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [UDP Query User{BD81A70D-56FC-4551-AD7F-F140F21D837E}D:\easysetupassistant\wr741n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr741n\easysetupassistant.exe
FirewallRules: [{F94E57FE-A2D7-4752-8E99-BC55E5179330}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{185EE718-5E0A-4D2F-9EB5-79E21E1AC48E}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{D264CF18-C9D0-4C25-9855-9A93309E9DBD}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe
FirewallRules: [{61FBA6E7-BA70-46DE-ADA9-916F3BA655AB}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A3242554-71B3-48B4-821C-D36C4F2D84BC}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{4DAD4A23-D5DC-4F58-B623-029BFB8BE43D}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{7482C050-9DBE-43E8-BD02-E9208575DADA}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{7565979C-CBA7-4C53-AB3D-34E763D4E4A7}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{48E2B6ED-C763-4DAB-92E0-77981A2420D0}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{FABB8620-2940-48FE-9B85-C991121027F4}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{244D0A97-0D40-4502-9A2C-FDC19BCB7725}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{459F7128-9255-4809-9A48-A1A2A0307026}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{C7C029AC-DF52-4BD2-88CA-9F11164617B1}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F08B3159-712D-48AB-9E6D-48D662CDC9CB}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{9C792014-9C6C-42F7-A52C-E0DFDDD04621}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{AD194D74-D6F3-4909-9F8A-6CC321D0D916}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FC5B1CFA-B346-4766-9718-D9ABCB3E877A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1A26D096-828F-4EF7-8A99-CE9E980B3F61}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{428EDF4D-B67B-47ED-886B-18D7659DF730}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{AF3470F3-069A-4D77-B9E7-38544ED8E223}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{CAF18FFD-314B-44F5-9C05-DA97D70EC651}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{E66D9B3D-2CEE-48A2-99A8-3DDCBAED561F}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{B5619FC0-4A2C-46E2-8337-BCA478754A58}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F4EB9708-16FA-4C2F-82FA-A21C6EC567EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF0072C1-0753-4573-BD64-DE5B59A18B48}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [{702C1EAD-B5D1-4E30-A2FF-B11A9D5B4F46}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [{2CF1ACF6-AE65-447A-9D48-D16D61AB57E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 02:15:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (05/01/2015 11:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 37.0.2.5583, časové razítko: 0x552ef76c
Název chybujícího modulu: mozalloc.dll, verze: 37.0.2.5583, časové razítko: 0x552ee9ae
Kód výjimky: 0x80000003
Posun chyby: 0x00001aa1
ID chybujícího procesu: 0x1380
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Error: (05/01/2015 05:05:53 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Došlo k selhání kritického systémového procesu C:\Windows\system32\lsass.exe se stavovým kódem 255. Počítač je nyní nutné restartovat.
Error: (05/01/2015 05:05:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: lsass.exe, verze: 6.1.7601.18798, časové razítko: 0x5507a4a4
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18798, časové razítko: 0x5507b864
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000200ba
ID chybujícího procesu: 0x234
Čas spuštění chybující aplikace: 0xlsass.exe0
Cesta k chybující aplikaci: lsass.exe1
Cesta k chybujícímu modulu: lsass.exe2
ID zprávy: lsass.exe3
Error: (04/30/2015 00:22:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/29/2015 08:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WINWORD.EXE, verze: 9.0.0.2823, časové razítko: 0x3720dbd6
Název chybujícího modulu: WINWORD.EXE, verze: 9.0.0.2823, časové razítko: 0x3720dbd6
Kód výjimky: 0xc0000005
Posun chyby: 0x0032a25f
ID chybujícího procesu: 0xdb8
Čas spuštění chybující aplikace: 0xWINWORD.EXE0
Cesta k chybující aplikaci: WINWORD.EXE1
Cesta k chybujícímu modulu: WINWORD.EXE2
ID zprávy: WINWORD.EXE3
Error: (04/28/2015 10:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 09:37:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 10:14:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (04/26/2015 01:46:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
System errors:
=============
Error: (05/02/2015 08:53:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (05/02/2015 08:53:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/02/2015 08:53:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (05/02/2015 08:53:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/02/2015 08:53:30 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (05/02/2015 08:53:29 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (05/02/2015 06:07:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/02/2015 06:07:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (05/02/2015 06:07:27 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (05/02/2015 00:08:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Microsoft Office Sessions:
=========================
Error: (05/02/2015 02:15:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (05/01/2015 11:35:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1138001d08455fee3bd21C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlleb426182-f049-11e4-b605-485b3976fef1
Error: (05/01/2015 05:05:53 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsass.exe255
Error: (05/01/2015 05:05:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: lsass.exe6.1.7601.187985507a4a4ntdll.dll6.1.7601.187985507b864c000000500000000000200ba23401d083eadc357212C:\Windows\system32\lsass.exeC:\Windows\SYSTEM32\ntdll.dll8996fa4d-f013-11e4-b544-485b3976fef1
Error: (04/30/2015 00:22:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/29/2015 08:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE9.0.0.28233720dbd6WINWORD.EXE9.0.0.28233720dbd6c00000050032a25fdb801d082aa21049aceC:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXEC:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE67f6619e-ee9d-11e4-9f1a-485b3976fef1
Error: (04/28/2015 10:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 09:37:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (04/28/2015 10:14:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (04/26/2015 01:46:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
CodeIntegrity Errors:
===================================
Date: 2014-10-26 12:09:12.642
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.582
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.483
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-10-26 12:09:12.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-04-25 20:35:04.275
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerBDA3x_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-04-25 20:35:04.197
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerBDA3x_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-04-21 13:05:00.868
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerA706_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-04-21 13:05:00.790
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVerA706_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 240e Processor
Percentage of memory in use: 74%
Total physical RAM: 1790.05 MB
Available physical RAM: 452.98 MB
Total Pagefile: 3580.1 MB
Available Pagefile: 1229.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:316.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 465.8 GB) (Disk ID: E7F4425A)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Pomalé PC
Ještě něco. Protože su ve věku počínající sklerózy, zapomněl jsem teď při tom posledním skenování (FRST) vypnout antivir! Vadí to? Jestli jo, provedu to ještě jednou...
Re: Pomalé PC
Nevadí.
Odinstaluj prosím tyto programy:
------------------------------------------------------------
Aplikuj fixlist pro FRST:
Na Ploše (musí na ní být umístěn FRST) vytvoř textový soubor s názvem fixlist, do něj zkopíruj následujcí skript a ulož.
Poté otevři FRST jako správce a klikni na tlačítko >Fix<. Po restartu PC se na Ploše objeví fixlog, jeho obsah prosím vlož do dalšího příspěvku.
Odinstaluj prosím tyto programy:
Kód: Vybrat vše
Ad-Aware Antivirus
MyAshampoo Toolbar
Skype Click to Call------------------------------------------------------------
Aplikuj fixlist pro FRST:
Na Ploše (musí na ní být umístěn FRST) vytvoř textový soubor s názvem fixlist, do něj zkopíruj následujcí skript a ulož.
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
Task: {0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B} - System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => pcalua.exe -a "C:\Program Files\AP6\TV\setup.exe" -d "C:\Program Files\AP6\TV"
Task: {02FC32A9-58D1-45D5-882B-A628F9083C4C} - System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {2EE98366-5153-4308-BA4B-38E978C11A41} - System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => pcalua.exe -a "C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe" -d "C:\Program Files (x86)\FreeHDSport TV"
Task: {38CB1DFC-B36E-45F8-9200-78D17E3543A6} - System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => pcalua.exe -a C:\Users\oem\AppData\Local\Temp\Temp1_SUPERAntiSpyware4221014czechlng.zip\SUPERAntiSpyware4221014czech.lng.exe
Task: {5D9736C1-7743-4FA6-814F-475BCC29EE0D} - System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => pcalua.exe -a C:\Users\oem\Downloads\iv395cz-mini-205f-saj.exe -d C:\Users\oem\Downloads
Task: {65E7B6D8-3440-4B8A-9C5A-E873E560D708} - System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => pcalua.exe -a "C:\Users\oem\Downloads\InstallDriver_M135_Drv3.6.0.6_SWEncoder_3.0.1.6_MCE_Plugins_2.0.8.0_Vista_x86_Win7 x86_090724.exe" -d C:\Users\oem\Downloads
Task: {6F74C553-9A94-495C-8B2B-95C447B951E9} - System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => pcalua.exe -a C:\Users\oem\Documents\Install\SUPERAntiSpyware_4.15.1000_cz.exe -d C:\Users\oem\Documents\Install
Task: {7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD} - System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => pcalua.exe -a C:\Users\oem\Downloads\BlazeDVDSetup.exe -d C:\Users\oem\Downloads
Task: {B00EB4B4-3322-43C6-8C0A-991F4234B119} - System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => pcalua.exe -a D:\AutoRunPro.exe -d D:\
Task: {C7B8CFF6-F476-42C6-B4FD-E96F967DCA62} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC157064-44B8-44AB-B2B5-2AFC280177BA} - System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\SUPERAntiSpyware
Task: {DD1970EA-558D-4E34-8625-7B58A9749E3E} - System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup.exe -d C:\Users\oem\Downloads
Task: {DFCBC3FC-D821-4FAE-8288-9592074871C1} - System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup(1).exe -d C:\Users\oem\Downloads
Task: {E7591A54-28F7-4233-97A6-35D17449B3A4} - System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => pcalua.exe -a C:\Users\oem\Downloads\iview395.exe -d C:\Users\oem\Downloads
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: {48c33ac0-0de4-11e1-9297-485b3976fef1} - I:\setup.EXE /AUTORUN
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml [2015-02-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-24]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-24] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Windows\Tasks\*.job
C:\ProgramData\RogueKiller
C:\Program Files (x86)\Adwcleaner.exe
C:\Program Files (x86)\ATF-Cleaner.exe
C:\Program Files (x86)\SUPERAntiSpyware.exe
C:\Program Files (x86)\TFC.exe
C:\Program Files (x86)\Zoek.exe
C:\ProgramData\mtbjfghn.xbe
CMD: bitsadmin /reset /allusers
CMD: dir C:\Windows\system32\%LOCALAPPDATA%
CMD: dir %appdata%
CMD: dir %programdata%
EmptyTemp:
EndPoté otevři FRST jako správce a klikni na tlačítko >Fix<. Po restartu PC se na Ploše objeví fixlog, jeho obsah prosím vlož do dalšího příspěvku.
Re: Pomalé PC
Ten Ad-aware antivir se mě nepodařilo odinstalovat. Ani přes ovládací panely ani přes CCleaner (což prý bývá účinnější - jo?) Tentokrát jsem měl svůj antivir (Avast) skutečně vypnutej, všechny tři štíty. Vypnul jsem pro jistotu i firewall (integr. ve Windows), ale furt to hlásí při odinstalaci nějakej error. Jestli mám ještě nějakou trvající ochranu, která tomu snad brání, to fakt nevím.
Ten "fix ve FRST" jsem teda udělal bez odinstalace toho Ad-aware antiviru:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by oem at 2015-05-02 14:43:16 Run:1
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available profiles: oem)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Task: {0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B} - System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => pcalua.exe -a "C:\Program Files\AP6\TV\setup.exe" -d "C:\Program Files\AP6\TV"
Task: {02FC32A9-58D1-45D5-882B-A628F9083C4C} - System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {2EE98366-5153-4308-BA4B-38E978C11A41} - System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => pcalua.exe -a "C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe" -d "C:\Program Files (x86)\FreeHDSport TV"
Task: {38CB1DFC-B36E-45F8-9200-78D17E3543A6} - System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => pcalua.exe -a C:\Users\oem\AppData\Local\Temp\Temp1_SUPERAntiSpyware4221014czechlng.zip\SUPERAntiSpyware4221014czech.lng.exe
Task: {5D9736C1-7743-4FA6-814F-475BCC29EE0D} - System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => pcalua.exe -a C:\Users\oem\Downloads\iv395cz-mini-205f-saj.exe -d C:\Users\oem\Downloads
Task: {65E7B6D8-3440-4B8A-9C5A-E873E560D708} - System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => pcalua.exe -a "C:\Users\oem\Downloads\InstallDriver_M135_Drv3.6.0.6_SWEncoder_3.0.1.6_MCE_Plugins_2.0.8.0_Vista_x86_Win7 x86_090724.exe" -d C:\Users\oem\Downloads
Task: {6F74C553-9A94-495C-8B2B-95C447B951E9} - System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => pcalua.exe -a C:\Users\oem\Documents\Install\SUPERAntiSpyware_4.15.1000_cz.exe -d C:\Users\oem\Documents\Install
Task: {7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD} - System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => pcalua.exe -a C:\Users\oem\Downloads\BlazeDVDSetup.exe -d C:\Users\oem\Downloads
Task: {B00EB4B4-3322-43C6-8C0A-991F4234B119} - System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => pcalua.exe -a D:\AutoRunPro.exe -d D:\
Task: {C7B8CFF6-F476-42C6-B4FD-E96F967DCA62} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC157064-44B8-44AB-B2B5-2AFC280177BA} - System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\SUPERAntiSpyware
Task: {DD1970EA-558D-4E34-8625-7B58A9749E3E} - System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup.exe -d C:\Users\oem\Downloads
Task: {DFCBC3FC-D821-4FAE-8288-9592074871C1} - System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup(1).exe -d C:\Users\oem\Downloads
Task: {E7591A54-28F7-4233-97A6-35D17449B3A4} - System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => pcalua.exe -a C:\Users\oem\Downloads\iview395.exe -d C:\Users\oem\Downloads
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: {48c33ac0-0de4-11e1-9297-485b3976fef1} - I:\setup.EXE /AUTORUN
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml [2015-02-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-24]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-24] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Windows\Tasks\*.job
C:\ProgramData\RogueKiller
C:\Program Files (x86)\Adwcleaner.exe
C:\Program Files (x86)\ATF-Cleaner.exe
C:\Program Files (x86)\SUPERAntiSpyware.exe
C:\Program Files (x86)\TFC.exe
C:\Program Files (x86)\Zoek.exe
C:\ProgramData\mtbjfghn.xbe
CMD: bitsadmin /reset /allusers
CMD: dir C:\Windows\system32\%LOCALAPPDATA%
CMD: dir %appdata%
CMD: dir %programdata%
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D095C7A4-5EC2-4607-BB07-7617FF1198C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02FC32A9-58D1-45D5-882B-A628F9083C4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02FC32A9-58D1-45D5-882B-A628F9083C4C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C44540A4-2F2C-417C-920C-AB57D218E2F3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EE98366-5153-4308-BA4B-38E978C11A41}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE98366-5153-4308-BA4B-38E978C11A41}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38CB1DFC-B36E-45F8-9200-78D17E3543A6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38CB1DFC-B36E-45F8-9200-78D17E3543A6}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0275E610-1E21-45E8-842C-76826AF04596}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D9736C1-7743-4FA6-814F-475BCC29EE0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D9736C1-7743-4FA6-814F-475BCC29EE0D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4D838F71-29E8-4000-B2BA-666B2BC103AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65E7B6D8-3440-4B8A-9C5A-E873E560D708}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65E7B6D8-3440-4B8A-9C5A-E873E560D708}" => Key deleted successfully.
C:\Windows\System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F74C553-9A94-495C-8B2B-95C447B951E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F74C553-9A94-495C-8B2B-95C447B951E9}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F09B0009-4A4B-479D-BEAB-555B73ABD104}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B00EB4B4-3322-43C6-8C0A-991F4234B119}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B00EB4B4-3322-43C6-8C0A-991F4234B119}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2E164646-BDDC-4F83-A9D2-31B650A10D59}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7B8CFF6-F476-42C6-B4FD-E96F967DCA62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B8CFF6-F476-42C6-B4FD-E96F967DCA62}" => Key deleted successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC157064-44B8-44AB-B2B5-2AFC280177BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC157064-44B8-44AB-B2B5-2AFC280177BA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2407AC5A-ED58-4D7E-B396-5742FCE442ED}" => Key deleted successfully.
"C:\Program Files (x86)\SUPERAntiSpyware" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD1970EA-558D-4E34-8625-7B58A9749E3E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD1970EA-558D-4E34-8625-7B58A9749E3E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFCBC3FC-D821-4FAE-8288-9592074871C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFCBC3FC-D821-4FAE-8288-9592074871C1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{99F61512-F02F-4C1A-B03D-1DF10CCB9364}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7591A54-28F7-4233-97A6-35D17449B3A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7591A54-28F7-4233-97A6-35D17449B3A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6277B2D6-D567-4757-B2B7-B8DA478F11B5}" => Key deleted successfully.
"HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K" => Key deleted successfully.
"HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48c33ac0-0de4-11e1-9297-485b3976fef1}" => Key deleted successfully.
HKCR\CLSID\{48c33ac0-0de4-11e1-9297-485b3976fef1} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCR\PROTOCOLS\Handler\skypec2c => Key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi not found.
C:\Program Files (x86)\mozilla firefox\firefox.cfg => Moved successfully.
c2cautoupdatesvc => Service not found.
c2cpnrsvc => Service not found.
C:\Windows\Tasks\*.job => Moved successfully.
C:\ProgramData\RogueKiller => Moved successfully.
C:\Program Files (x86)\Adwcleaner.exe => Moved successfully.
C:\Program Files (x86)\ATF-Cleaner.exe => Moved successfully.
C:\Program Files (x86)\SUPERAntiSpyware.exe => Moved successfully.
C:\Program Files (x86)\TFC.exe => Moved successfully.
C:\Program Files (x86)\Zoek.exe => Moved successfully.
C:\ProgramData\mtbjfghn.xbe => Moved successfully.
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {B7292FC8-2155-43F3-9A44-210507AD923B}.
0 out of 1 jobs canceled.
========= End of CMD: =========
========= dir C:\Windows\system32\%LOCALAPPDATA% =========
N�zev souboru �i adres��e nebo jmenovka svazku je nespr�vn�.
========= End of CMD: =========
========= dir %appdata% =========
Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je DA60-1B84.
V�pis adres��e C:\Users\oem\AppData\Roaming
01.05.2015 23:36 <DIR> .
01.05.2015 23:36 <DIR> ..
30.09.2012 10:49 <DIR> Adobe
20.12.2011 08:59 <DIR> Apple Computer
08.12.2013 16:42 <DIR> Ashampoo
05.10.2010 16:01 <DIR> ATI
27.11.2014 00:53 <DIR> AVAST Software
12.10.2010 00:22 <DIR> Brother
16.02.2015 19:54 <DIR> Canneverbe Limited
11.09.2013 15:44 <DIR> capella-software
18.10.2010 21:04 <DIR> Carambis
10.11.2013 17:43 <DIR> DAEMON Tools Lite
27.11.2014 00:56 <DIR> Dropbox
06.03.2014 17:45 <DIR> dvdcss
04.12.2013 17:40 <DIR> FileZilla
20.09.2012 17:59 <DIR> Free Audio Editor
16.02.2015 19:42 <DIR> FreeBurner
05.10.2010 14:46 <DIR> Identities
22.12.2014 14:13 <DIR> IsolatedStorage
12.11.2014 21:11 <DIR> Lavasoft
02.11.2014 23:01 <DIR> LavasoftStatistics
05.10.2010 16:06 <DIR> Macromedia
14.07.2009 17:36 <DIR> Media Center Programs
08.10.2010 21:08 <DIR> Microsoft Web Folders
08.10.2010 18:59 <DIR> Mozilla
15.02.2015 18:25 <DIR> Nero
18.04.2015 23:18 <DIR> OpenOffice.org2
24.10.2010 21:53 <DIR> Opera
10.03.2015 20:41 <DIR> Opera Software
04.10.2014 18:53 <DIR> Real
01.02.2014 12:04 <DIR> Skype
08.10.2010 19:50 <DIR> Thunderbird
17.10.2010 17:07 <DIR> TomTom
06.03.2014 17:44 <DIR> U3
16.02.2015 23:40 <DIR> vlc
01.12.2014 19:44 <DIR> Winamp
04.02.2015 22:35 <DIR> XnView
Soubor�: 0, Bajt�: 0
Adres���: 37, Voln�ch bajt�: 341�151�125�504
========= End of CMD: =========
========= dir %programdata% =========
Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je DA60-1B84.
V�pis adres��e C:\ProgramData
29.11.2013 08:41 <DIR> Adobe
21.01.2011 21:44 <DIR> Apple
25.09.2014 20:16 <DIR> ashampoo
17.10.2010 16:30 <DIR> ATI
22.10.2013 20:54 <DIR> AVAST Software
25.03.2015 23:12 <DIR> AVerMedia
11.01.2011 10:19 <DIR> AVerSetup
08.10.2010 19:14 <DIR> AVerTempFolder
16.04.2015 20:20 <DIR> AVerTV 3D
17.10.2010 22:57 <DIR> BlazeVideo
16.02.2015 19:54 <DIR> Canneverbe Limited
13.11.2011 21:33 <DIR> DAEMON Tools Lite
02.08.2013 21:31 <DIR> Google
22.12.2014 14:13 <DIR> IsolatedStorage
01.05.2015 23:59 <DIR> Lavasoft
08.11.2014 13:56 <DIR> Malwarebytes
29.11.2011 19:36 <DIR> McAfee
05.05.2012 15:59 <DIR> Mozilla
31.10.2010 20:33 <DIR> NCH Swift Sound
01.02.2014 12:19 <DIR> Nero
29.12.2013 13:07 <DIR> Norton
15.11.2013 16:13 <DIR> NortonInstaller
26.10.2014 18:13 262�144 ntuser.dat
04.10.2014 18:53 <DIR> Real
15.04.2015 23:57 <DIR> Skype
12.11.2014 21:08 <DIR> Spybot - Search & Destroy
01.02.2014 12:26 <DIR> SUPERAntiSpyware.com
21.12.2014 20:26 <DIR> SUPERSetup
19.06.2013 16:45 <DIR> Symantec
13.11.2010 23:49 <DIR> TomTom
Soubor�: 1, Bajt�: 262�144
Adres���: 29, Voln�ch bajt�: 341�151�125�504
========= End of CMD: =========
EmptyTemp: => Removed 217.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 14:44:21 ====
P.S. Avast jsem nechal vypnutej, firewall mám zapnutej (jestli to může mít na něco vliv).
Ten "fix ve FRST" jsem teda udělal bez odinstalace toho Ad-aware antiviru:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by oem at 2015-05-02 14:43:16 Run:1
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available profiles: oem)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Task: {0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B} - System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => pcalua.exe -a "C:\Program Files\AP6\TV\setup.exe" -d "C:\Program Files\AP6\TV"
Task: {02FC32A9-58D1-45D5-882B-A628F9083C4C} - System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {2EE98366-5153-4308-BA4B-38E978C11A41} - System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => pcalua.exe -a "C:\Program Files (x86)\FreeHDSport TV\Uninstall.exe" -d "C:\Program Files (x86)\FreeHDSport TV"
Task: {38CB1DFC-B36E-45F8-9200-78D17E3543A6} - System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => pcalua.exe -a C:\Users\oem\AppData\Local\Temp\Temp1_SUPERAntiSpyware4221014czechlng.zip\SUPERAntiSpyware4221014czech.lng.exe
Task: {5D9736C1-7743-4FA6-814F-475BCC29EE0D} - System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => pcalua.exe -a C:\Users\oem\Downloads\iv395cz-mini-205f-saj.exe -d C:\Users\oem\Downloads
Task: {65E7B6D8-3440-4B8A-9C5A-E873E560D708} - System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => pcalua.exe -a "C:\Users\oem\Downloads\InstallDriver_M135_Drv3.6.0.6_SWEncoder_3.0.1.6_MCE_Plugins_2.0.8.0_Vista_x86_Win7 x86_090724.exe" -d C:\Users\oem\Downloads
Task: {6F74C553-9A94-495C-8B2B-95C447B951E9} - System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => pcalua.exe -a C:\Users\oem\Documents\Install\SUPERAntiSpyware_4.15.1000_cz.exe -d C:\Users\oem\Documents\Install
Task: {7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD} - System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => pcalua.exe -a C:\Users\oem\Downloads\BlazeDVDSetup.exe -d C:\Users\oem\Downloads
Task: {B00EB4B4-3322-43C6-8C0A-991F4234B119} - System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => pcalua.exe -a D:\AutoRunPro.exe -d D:\
Task: {C7B8CFF6-F476-42C6-B4FD-E96F967DCA62} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC157064-44B8-44AB-B2B5-2AFC280177BA} - System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\SUPERAntiSpyware
Task: {DD1970EA-558D-4E34-8625-7B58A9749E3E} - System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup.exe -d C:\Users\oem\Downloads
Task: {DFCBC3FC-D821-4FAE-8288-9592074871C1} - System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => pcalua.exe -a C:\Users\oem\Downloads\iview437_setup(1).exe -d C:\Users\oem\Downloads
Task: {E7591A54-28F7-4233-97A6-35D17449B3A4} - System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => pcalua.exe -a C:\Users\oem\Downloads\iview395.exe -d C:\Users\oem\Downloads
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\...\MountPoints2: {48c33ac0-0de4-11e1-9297-485b3976fef1} - I:\setup.EXE /AUTORUN
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-1790967181-1192606045-1394816446-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml [2015-02-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-24]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-24] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Windows\Tasks\*.job
C:\ProgramData\RogueKiller
C:\Program Files (x86)\Adwcleaner.exe
C:\Program Files (x86)\ATF-Cleaner.exe
C:\Program Files (x86)\SUPERAntiSpyware.exe
C:\Program Files (x86)\TFC.exe
C:\Program Files (x86)\Zoek.exe
C:\ProgramData\mtbjfghn.xbe
CMD: bitsadmin /reset /allusers
CMD: dir C:\Windows\system32\%LOCALAPPDATA%
CMD: dir %appdata%
CMD: dir %programdata%
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0089C9A4-74AD-42BC-B4B2-AE84D1BE9E3B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D095C7A4-5EC2-4607-BB07-7617FF1198C2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D095C7A4-5EC2-4607-BB07-7617FF1198C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02FC32A9-58D1-45D5-882B-A628F9083C4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02FC32A9-58D1-45D5-882B-A628F9083C4C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C44540A4-2F2C-417C-920C-AB57D218E2F3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C44540A4-2F2C-417C-920C-AB57D218E2F3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EE98366-5153-4308-BA4B-38E978C11A41}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE98366-5153-4308-BA4B-38E978C11A41}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FC42EFA-A808-4D5F-972E-F2E8408A7FF1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38CB1DFC-B36E-45F8-9200-78D17E3543A6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38CB1DFC-B36E-45F8-9200-78D17E3543A6}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0275E610-1E21-45E8-842C-76826AF04596} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0275E610-1E21-45E8-842C-76826AF04596}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D9736C1-7743-4FA6-814F-475BCC29EE0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D9736C1-7743-4FA6-814F-475BCC29EE0D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{4D838F71-29E8-4000-B2BA-666B2BC103AC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4D838F71-29E8-4000-B2BA-666B2BC103AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65E7B6D8-3440-4B8A-9C5A-E873E560D708}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65E7B6D8-3440-4B8A-9C5A-E873E560D708}" => Key deleted successfully.
C:\Windows\System32\Tasks\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ABFD99A9-746D-4A2D-A1D0-370FD512EC16}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F74C553-9A94-495C-8B2B-95C447B951E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F74C553-9A94-495C-8B2B-95C447B951E9}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F09B0009-4A4B-479D-BEAB-555B73ABD104} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F09B0009-4A4B-479D-BEAB-555B73ABD104}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E107CDA-7639-4F2F-85C7-9A89BA1C2DDD}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E0A8841-2C14-4DD4-9939-CB1580A8A9B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B00EB4B4-3322-43C6-8C0A-991F4234B119}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B00EB4B4-3322-43C6-8C0A-991F4234B119}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2E164646-BDDC-4F83-A9D2-31B650A10D59} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2E164646-BDDC-4F83-A9D2-31B650A10D59}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7B8CFF6-F476-42C6-B4FD-E96F967DCA62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B8CFF6-F476-42C6-B4FD-E96F967DCA62}" => Key deleted successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC157064-44B8-44AB-B2B5-2AFC280177BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC157064-44B8-44AB-B2B5-2AFC280177BA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2407AC5A-ED58-4D7E-B396-5742FCE442ED} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2407AC5A-ED58-4D7E-B396-5742FCE442ED}" => Key deleted successfully.
"C:\Program Files (x86)\SUPERAntiSpyware" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD1970EA-558D-4E34-8625-7B58A9749E3E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD1970EA-558D-4E34-8625-7B58A9749E3E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{71405E49-D37F-4EE2-9690-7DFA8AEF56AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFCBC3FC-D821-4FAE-8288-9592074871C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFCBC3FC-D821-4FAE-8288-9592074871C1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{99F61512-F02F-4C1A-B03D-1DF10CCB9364} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{99F61512-F02F-4C1A-B03D-1DF10CCB9364}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7591A54-28F7-4233-97A6-35D17449B3A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7591A54-28F7-4233-97A6-35D17449B3A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6277B2D6-D567-4757-B2B7-B8DA478F11B5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6277B2D6-D567-4757-B2B7-B8DA478F11B5}" => Key deleted successfully.
"HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K" => Key deleted successfully.
"HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48c33ac0-0de4-11e1-9297-485b3976fef1}" => Key deleted successfully.
HKCR\CLSID\{48c33ac0-0de4-11e1-9297-485b3976fef1} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKU\S-1-5-21-1790967181-1192606045-1394816446-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCR\PROTOCOLS\Handler\skypec2c => Key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\y504fwoy.default\searchplugins\youtube.xml => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi not found.
C:\Program Files (x86)\mozilla firefox\firefox.cfg => Moved successfully.
c2cautoupdatesvc => Service not found.
c2cpnrsvc => Service not found.
C:\Windows\Tasks\*.job => Moved successfully.
C:\ProgramData\RogueKiller => Moved successfully.
C:\Program Files (x86)\Adwcleaner.exe => Moved successfully.
C:\Program Files (x86)\ATF-Cleaner.exe => Moved successfully.
C:\Program Files (x86)\SUPERAntiSpyware.exe => Moved successfully.
C:\Program Files (x86)\TFC.exe => Moved successfully.
C:\Program Files (x86)\Zoek.exe => Moved successfully.
C:\ProgramData\mtbjfghn.xbe => Moved successfully.
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {B7292FC8-2155-43F3-9A44-210507AD923B}.
0 out of 1 jobs canceled.
========= End of CMD: =========
========= dir C:\Windows\system32\%LOCALAPPDATA% =========
N�zev souboru �i adres��e nebo jmenovka svazku je nespr�vn�.
========= End of CMD: =========
========= dir %appdata% =========
Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je DA60-1B84.
V�pis adres��e C:\Users\oem\AppData\Roaming
01.05.2015 23:36 <DIR> .
01.05.2015 23:36 <DIR> ..
30.09.2012 10:49 <DIR> Adobe
20.12.2011 08:59 <DIR> Apple Computer
08.12.2013 16:42 <DIR> Ashampoo
05.10.2010 16:01 <DIR> ATI
27.11.2014 00:53 <DIR> AVAST Software
12.10.2010 00:22 <DIR> Brother
16.02.2015 19:54 <DIR> Canneverbe Limited
11.09.2013 15:44 <DIR> capella-software
18.10.2010 21:04 <DIR> Carambis
10.11.2013 17:43 <DIR> DAEMON Tools Lite
27.11.2014 00:56 <DIR> Dropbox
06.03.2014 17:45 <DIR> dvdcss
04.12.2013 17:40 <DIR> FileZilla
20.09.2012 17:59 <DIR> Free Audio Editor
16.02.2015 19:42 <DIR> FreeBurner
05.10.2010 14:46 <DIR> Identities
22.12.2014 14:13 <DIR> IsolatedStorage
12.11.2014 21:11 <DIR> Lavasoft
02.11.2014 23:01 <DIR> LavasoftStatistics
05.10.2010 16:06 <DIR> Macromedia
14.07.2009 17:36 <DIR> Media Center Programs
08.10.2010 21:08 <DIR> Microsoft Web Folders
08.10.2010 18:59 <DIR> Mozilla
15.02.2015 18:25 <DIR> Nero
18.04.2015 23:18 <DIR> OpenOffice.org2
24.10.2010 21:53 <DIR> Opera
10.03.2015 20:41 <DIR> Opera Software
04.10.2014 18:53 <DIR> Real
01.02.2014 12:04 <DIR> Skype
08.10.2010 19:50 <DIR> Thunderbird
17.10.2010 17:07 <DIR> TomTom
06.03.2014 17:44 <DIR> U3
16.02.2015 23:40 <DIR> vlc
01.12.2014 19:44 <DIR> Winamp
04.02.2015 22:35 <DIR> XnView
Soubor�: 0, Bajt�: 0
Adres���: 37, Voln�ch bajt�: 341�151�125�504
========= End of CMD: =========
========= dir %programdata% =========
Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je DA60-1B84.
V�pis adres��e C:\ProgramData
29.11.2013 08:41 <DIR> Adobe
21.01.2011 21:44 <DIR> Apple
25.09.2014 20:16 <DIR> ashampoo
17.10.2010 16:30 <DIR> ATI
22.10.2013 20:54 <DIR> AVAST Software
25.03.2015 23:12 <DIR> AVerMedia
11.01.2011 10:19 <DIR> AVerSetup
08.10.2010 19:14 <DIR> AVerTempFolder
16.04.2015 20:20 <DIR> AVerTV 3D
17.10.2010 22:57 <DIR> BlazeVideo
16.02.2015 19:54 <DIR> Canneverbe Limited
13.11.2011 21:33 <DIR> DAEMON Tools Lite
02.08.2013 21:31 <DIR> Google
22.12.2014 14:13 <DIR> IsolatedStorage
01.05.2015 23:59 <DIR> Lavasoft
08.11.2014 13:56 <DIR> Malwarebytes
29.11.2011 19:36 <DIR> McAfee
05.05.2012 15:59 <DIR> Mozilla
31.10.2010 20:33 <DIR> NCH Swift Sound
01.02.2014 12:19 <DIR> Nero
29.12.2013 13:07 <DIR> Norton
15.11.2013 16:13 <DIR> NortonInstaller
26.10.2014 18:13 262�144 ntuser.dat
04.10.2014 18:53 <DIR> Real
15.04.2015 23:57 <DIR> Skype
12.11.2014 21:08 <DIR> Spybot - Search & Destroy
01.02.2014 12:26 <DIR> SUPERAntiSpyware.com
21.12.2014 20:26 <DIR> SUPERSetup
19.06.2013 16:45 <DIR> Symantec
13.11.2010 23:49 <DIR> TomTom
Soubor�: 1, Bajt�: 262�144
Adres���: 29, Voln�ch bajt�: 341�151�125�504
========= End of CMD: =========
EmptyTemp: => Removed 217.8 MB temporary data.
The system needed a reboot.
==== End of Fixlog 14:44:21 ====
P.S. Avast jsem nechal vypnutej, firewall mám zapnutej (jestli to může mít na něco vliv).
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Pomalé PC
Zkus tento program:
http://www.techsupportall.com/adware-removal-tool/
http://www.techsupportall.com/adware-removal-tool/
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Pomalé PC
Tak jsem ho zkusil, sice to hlásilo nějakou "nehlášenou výjimku" a že to může ignorovat a projet to i bez ní, tak to projelo a napsalo toto:
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Adware Removal Tool v3.9
Time: 2015_05_03_15_56_15
OS: Windows 7 - 64 Bit
OS FulName: Microsoft Windows 7 Home Premium - 64 Bit
OS System: Microsoft Windows NT 6.1.7601 Service Pack 1 - 64 Bit
Account Name: oem
U0L0S1
\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\
Found - File - C:\program files (x86)\Opera\locale\pt-BR\standard_speeddial.ini
// Finished
\\\\\\\\\\\\\\\\\\\\\\\ Start-Up \\\\\\\\\\\\\\\\\\\\
uRun - DAEMON Tools Lite - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun - Sidebar - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun - HDAudDeck - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun - StartCCC - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun - ATICustomerCare - "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun - APSDaemon - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun - AvastUI.exe - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
\\\\\\\\\\\\\\\\\\\\\\\ Installed Programs \\\\\\\\\\\\\\\\\\\\
- Adobe Flash Player 17 ActiveX - Adobe Systems Incorporated - : Adobe Flash Player ActiveX
- Adobe Flash Player 17 NPAPI - Adobe Systems Incorporated - : Adobe Flash Player NPAPI
- Agfa ScanWise 1.70 - - : Agfa ScanWise 1.70
- Agfa ScanWise 2.00 - - : Agfa ScanWise 2.00
- AGFAnet Print Service - - : AGFAnet Print Service
- Avast Free Antivirus - AVAST Software - : Avast
- AVerMedia M135-Series PCI TV Tuner 3.6.64.15 - AVerMedia TECHNOLOGIES, Inc. - : AVerMedia M135-Series PCI TV Tuner
- AVerMedia Media Center Plug-ins 2.0.8.0 - AVerMedia TECHNOLOGIES, Inc. - : AVerMedia Media Center Plug-ins
- BlazeDVD 6.0 - - 20101017 : BlazeDVD 6.0_is1
- bodykey by NUTRILITE 1024x768 - - 20150223 : bodykey by NUTRILITE 1024x768_is1
- CODEXIS JUSTICE 5.23.1 - ATLAS consulting, spol. s r.o. - : CDJUS_is1
- Cole2k Media - Codec Pack (Advanced) 8.0.2 - Cole2k Media - : Cole2k Media - Codec Pack
- DAEMON Tools Lite - Disc Soft Ltd - : DAEMON Tools Lite
- ffdshow v1.2.4422 [2012-04-09] - - 20131022 : ffdshow_is1
- FileZilla Client 3.7.3 - Tim Kosse - : FileZilla Client
- Free Audio Editor - FAE Inc. - : Free Audio Editor
- Free Easy Burner V 5.1 - Koyote soft - 20131208 : Free Easy Burner_is1
- Google Chrome - Google Inc. - 20101008 : Google Chrome
- Haali Media Splitter - - : HaaliMkx
- VIA Platforma Ovladače zařízení - VIA Technologies, Inc. - 20101005 : InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
- AVerTV 3D - AVerMedia Technologies, Inc. - 20150325 : InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}
- NEC Electronics USB 3.0 Host Controller Driver - NEC Electronics Corporation - 20101005 : InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}
- K-Lite Codec Pack 7.0.0 (Standard) - - 20150418 : KLiteCodecPack_is1
- Malwarebytes Anti-Malware verze 2.0.4.1028 - Malwarebytes Corporation - 20141220 : Malwarebytes Anti-Malware_is1
- Mozilla Firefox 37.0.2 (x86 cs) - Mozilla - : Mozilla Firefox 37.0.2 (x86 cs)
- Mozilla Thunderbird 31.6.0 (x86 cs) - Mozilla - : Mozilla Thunderbird 31.6.0 (x86 cs)
- Mozilla Maintenance Service - Mozilla - : MozillaMaintenanceService
- Opera 12.17 - Opera Software ASA - : Opera 12.17.1863
- Opera Stable 29.0.1795.47 - Opera Software ASA - : Opera 29.0.1795.47
- Veetle TV 0.9.18 - Veetle, Inc - : Veetle TV
- VLC media player - VideoLAN - : VLC media player
- VueScan - - : VueScan
- Winamp - Nullsoft, Inc - : Winamp
- WinRAR - - : WinRAR archiver
- XnView 1.97.8 - Gougelet Pierre-e - 20101024 : XnView_is1
- Microsoft Office 2000 Premium - Microsoft Corporation - 20101008 : {00000405-78E1-11D2-B60F-006097C998E7}
- ATI Catalyst Registration - ATI Technologies Inc. - 20101017 : {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
- Google Toolbar for Internet Explorer - Google Inc. - 20130802 : {18455581-E099-4BA8-BC6B-F34B2F06600C}
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - Microsoft Corporation - 20130902 : {196BB40D-1578-3D01-B289-BEFC77A11A1E}
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - Microsoft Corporation - 20101008 : {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
- Platform - VIA Technologies, Inc. - 20101005 : {20D4A895-748C-4D88-871C-FDB1695B0169}
- Google Toolbar for Internet Explorer - Google Inc. - : {2318C2B1-4965-11d4-9B18-009027A5CD4F}
- Skype™ 7.0 - Skype Technologies S.A. - 20150415 : {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
- Google Earth Plug-in - Google - 20140504 : {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}
- AVerTV 3D - AVerMedia Technologies, Inc. - 20150325 : {5016185F-05AF-455F-AA70-6B6E5D6D4E70}
- CCC Help English - ATI - 20101017 : {5662D815-DB58-5082-315B-0326B37EB7CB}
- neroxml - Nero AG - 20101017 : {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
- Google Update Helper - Google Inc. - 20150206 : {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
- swMSM - Adobe Systems, Inc - 20120506 : {612C34C7-5E90-47D8-9B5C-0F717DD82726}
- Windows Media Player Firefox Plugin - Microsoft Corp - 20101010 : {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
- capella reader - capella software AG - 20130911 : {6C70FBE1-6451-4F49-B0C0-7E464E73DF9B}
- Microsoft Visual C++ 2005 Redistributable - Microsoft Corporation - 20110615 : {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
- Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - Microsoft Corporation - 20120124 : {770657D0-A123-3C07-8E44-1C83EC895118}
- Nero StartSmart - Nero AG - 20140201 : {7748AC8C-18E3-43BB-959B-088FAEA16FB2}
- Apple Software Update - Apple Inc. - 20110816 : {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
- TomTom HOME - Název společnosti: - 20140702 : {7A2BB1C8-903D-4585-9F3B-CADD67D07D37}
- Free AVI Player - Media Freeware - 20141006 : {7DED55EA-FB69-4101-AD5D-3D7F985E68A7}
- CDBurnerXP - CDBurnerXP - 20150216 : {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
- Microsoft Visual C++ 2005 Redistributable - Microsoft Corporation - 20140201 : {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
- MSXML 4.0 SP2 (KB954430) - Microsoft Corporation - 20101017 : {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
- Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - Microsoft Corporation - 20110506 : {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
- Catalyst Control Center - Branding - ATI - 20101017 : {87323561-58BA-4D5B-BADA-A791B69D1705}
- Realtek Ethernet Controller Driver For Windows 7 - Realtek - 20101005 : {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
- The Lord of the Rings FREE Trial - ATI Technologies Inc. - 20101017 : {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
- Catalyst Control Center Graphics Previews Common - ATI - 20101017 : {8C65C65C-530F-B2DB-BBD7-AF554ABEBBA1}
- TomTom HOME Visual Studio Merge Modules - TomTom International B.V. - 20101017 : {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
- Ashampoo Burning Studio FREE v.1.14.5 - Ashampoo GmbH & Co. KG - 20140925 : {91B33C97-91F8-FFB3-581B-BC952C901685}_is1
- Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) - Microsoft Corporation - : {92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581
- Microsoft PowerPoint Viewer - Microsoft Corporation - 20150415 : {95140000-00AF-0409-0000-0000000FF1CE}
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - Microsoft Corporation - 20101005 : {9A25302D-30C0-39D9-BD6F-21E6EC160475}
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - Microsoft Corporation - 20110615 : {9BE518E6-ECC6-35A9-88E4-87755C07200F}
- OpenOffice.org 1.9.129 - OpenOffice.org - 20141222 : {9FD36563-6744-4A36-924C-9E2A863DC1EF}
- Google Update Helper - Google Inc. - 20141113 : {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
- Adobe Refresh Manager - Adobe Systems Incorporated - 20141225 : {AC76BA86-0804-1033-1959-001802114130}
- Adobe Reader XI (11.0.10) - Czech - Adobe Systems Incorporated - 20141213 : {AC76BA86-7AD7-1029-7B44-AB0000000001}
- Advertising Center - Nero AG - 20140201 : {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
- Nero ControlCenter - Nero AG - 20140201 : {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
- Nero Online Upgrade - Nero AG - 20140201 : {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
- Catalyst Control Center Graphics Previews Vista - ATI - 20101017 : {D69D4AE5-717C-5E56-A56F-542EF5F6A84C}
- NEC Electronics USB 3.0 Host Controller Driver - NEC Electronics Corporation - 20101005 : {D7BF9739-8A68-4335-BBEE-37752AD9E86B}
- ccc-core-static - Název společnosti: - 20101017 : {DB837E02-82D0-3888-6DEC-D29587CCDC2F}
- Nero Installer - Nero AG - 20140201 : {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
- Microsoft SQL Server 2005 Compact Edition [ENU] - Microsoft Corporation - 20101005 : {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
- Brother HL-2035 - Brother - 20101009 : {F1C88595-815F-44D3-BE90-84509DD428BE}
- Apple Application Support - Apple Inc. - 20121119 : {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
- MSXML 4.0 SP2 (KB973688) - Microsoft Corporation - 20101017 : {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
- Catalyst Control Center InstallProxy - ATI Technologies, Inc. - 20101017 : {F86B6849-38E0-7818-F21E-6DC637932076}
\\ Finished
b1:- 135
b2:- 151
b3:- 140
b4:- 20
b5:- 145
b6:- 141
b7:- 136
b8:- 141
_______________________________________________________________________
Takže mám ještě něco zkusit nebo je "léčba" ukončena? Já v téhle chvíli neposoudím, jestli se to zpomalování zcela ztratilo, ale zatím se zdá, že jo.
Akorát se mně nepodařilo odinstalovat ten Ad-Aware Antivirus (ani jsem nevěděl, že ho tam ještě mám a ani ho nemůžu nikde v program files najít).
Díky.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Adware Removal Tool v3.9
Time: 2015_05_03_15_56_15
OS: Windows 7 - 64 Bit
OS FulName: Microsoft Windows 7 Home Premium - 64 Bit
OS System: Microsoft Windows NT 6.1.7601 Service Pack 1 - 64 Bit
Account Name: oem
U0L0S1
\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\
Found - File - C:\program files (x86)\Opera\locale\pt-BR\standard_speeddial.ini
// Finished
\\\\\\\\\\\\\\\\\\\\\\\ Start-Up \\\\\\\\\\\\\\\\\\\\
uRun - DAEMON Tools Lite - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun - Sidebar - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun - HDAudDeck - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun - StartCCC - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun - ATICustomerCare - "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun - APSDaemon - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun - AvastUI.exe - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
\\\\\\\\\\\\\\\\\\\\\\\ Installed Programs \\\\\\\\\\\\\\\\\\\\
- Adobe Flash Player 17 ActiveX - Adobe Systems Incorporated - : Adobe Flash Player ActiveX
- Adobe Flash Player 17 NPAPI - Adobe Systems Incorporated - : Adobe Flash Player NPAPI
- Agfa ScanWise 1.70 - - : Agfa ScanWise 1.70
- Agfa ScanWise 2.00 - - : Agfa ScanWise 2.00
- AGFAnet Print Service - - : AGFAnet Print Service
- Avast Free Antivirus - AVAST Software - : Avast
- AVerMedia M135-Series PCI TV Tuner 3.6.64.15 - AVerMedia TECHNOLOGIES, Inc. - : AVerMedia M135-Series PCI TV Tuner
- AVerMedia Media Center Plug-ins 2.0.8.0 - AVerMedia TECHNOLOGIES, Inc. - : AVerMedia Media Center Plug-ins
- BlazeDVD 6.0 - - 20101017 : BlazeDVD 6.0_is1
- bodykey by NUTRILITE 1024x768 - - 20150223 : bodykey by NUTRILITE 1024x768_is1
- CODEXIS JUSTICE 5.23.1 - ATLAS consulting, spol. s r.o. - : CDJUS_is1
- Cole2k Media - Codec Pack (Advanced) 8.0.2 - Cole2k Media - : Cole2k Media - Codec Pack
- DAEMON Tools Lite - Disc Soft Ltd - : DAEMON Tools Lite
- ffdshow v1.2.4422 [2012-04-09] - - 20131022 : ffdshow_is1
- FileZilla Client 3.7.3 - Tim Kosse - : FileZilla Client
- Free Audio Editor - FAE Inc. - : Free Audio Editor
- Free Easy Burner V 5.1 - Koyote soft - 20131208 : Free Easy Burner_is1
- Google Chrome - Google Inc. - 20101008 : Google Chrome
- Haali Media Splitter - - : HaaliMkx
- VIA Platforma Ovladače zařízení - VIA Technologies, Inc. - 20101005 : InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
- AVerTV 3D - AVerMedia Technologies, Inc. - 20150325 : InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}
- NEC Electronics USB 3.0 Host Controller Driver - NEC Electronics Corporation - 20101005 : InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}
- K-Lite Codec Pack 7.0.0 (Standard) - - 20150418 : KLiteCodecPack_is1
- Malwarebytes Anti-Malware verze 2.0.4.1028 - Malwarebytes Corporation - 20141220 : Malwarebytes Anti-Malware_is1
- Mozilla Firefox 37.0.2 (x86 cs) - Mozilla - : Mozilla Firefox 37.0.2 (x86 cs)
- Mozilla Thunderbird 31.6.0 (x86 cs) - Mozilla - : Mozilla Thunderbird 31.6.0 (x86 cs)
- Mozilla Maintenance Service - Mozilla - : MozillaMaintenanceService
- Opera 12.17 - Opera Software ASA - : Opera 12.17.1863
- Opera Stable 29.0.1795.47 - Opera Software ASA - : Opera 29.0.1795.47
- Veetle TV 0.9.18 - Veetle, Inc - : Veetle TV
- VLC media player - VideoLAN - : VLC media player
- VueScan - - : VueScan
- Winamp - Nullsoft, Inc - : Winamp
- WinRAR - - : WinRAR archiver
- XnView 1.97.8 - Gougelet Pierre-e - 20101024 : XnView_is1
- Microsoft Office 2000 Premium - Microsoft Corporation - 20101008 : {00000405-78E1-11D2-B60F-006097C998E7}
- ATI Catalyst Registration - ATI Technologies Inc. - 20101017 : {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
- Google Toolbar for Internet Explorer - Google Inc. - 20130802 : {18455581-E099-4BA8-BC6B-F34B2F06600C}
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - Microsoft Corporation - 20130902 : {196BB40D-1578-3D01-B289-BEFC77A11A1E}
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - Microsoft Corporation - 20101008 : {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
- Platform - VIA Technologies, Inc. - 20101005 : {20D4A895-748C-4D88-871C-FDB1695B0169}
- Google Toolbar for Internet Explorer - Google Inc. - : {2318C2B1-4965-11d4-9B18-009027A5CD4F}
- Skype™ 7.0 - Skype Technologies S.A. - 20150415 : {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
- Google Earth Plug-in - Google - 20140504 : {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}
- AVerTV 3D - AVerMedia Technologies, Inc. - 20150325 : {5016185F-05AF-455F-AA70-6B6E5D6D4E70}
- CCC Help English - ATI - 20101017 : {5662D815-DB58-5082-315B-0326B37EB7CB}
- neroxml - Nero AG - 20101017 : {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
- Google Update Helper - Google Inc. - 20150206 : {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
- swMSM - Adobe Systems, Inc - 20120506 : {612C34C7-5E90-47D8-9B5C-0F717DD82726}
- Windows Media Player Firefox Plugin - Microsoft Corp - 20101010 : {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
- capella reader - capella software AG - 20130911 : {6C70FBE1-6451-4F49-B0C0-7E464E73DF9B}
- Microsoft Visual C++ 2005 Redistributable - Microsoft Corporation - 20110615 : {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
- Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - Microsoft Corporation - 20120124 : {770657D0-A123-3C07-8E44-1C83EC895118}
- Nero StartSmart - Nero AG - 20140201 : {7748AC8C-18E3-43BB-959B-088FAEA16FB2}
- Apple Software Update - Apple Inc. - 20110816 : {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
- TomTom HOME - Název společnosti: - 20140702 : {7A2BB1C8-903D-4585-9F3B-CADD67D07D37}
- Free AVI Player - Media Freeware - 20141006 : {7DED55EA-FB69-4101-AD5D-3D7F985E68A7}
- CDBurnerXP - CDBurnerXP - 20150216 : {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
- Microsoft Visual C++ 2005 Redistributable - Microsoft Corporation - 20140201 : {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
- MSXML 4.0 SP2 (KB954430) - Microsoft Corporation - 20101017 : {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
- Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - Microsoft Corporation - 20110506 : {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
- Catalyst Control Center - Branding - ATI - 20101017 : {87323561-58BA-4D5B-BADA-A791B69D1705}
- Realtek Ethernet Controller Driver For Windows 7 - Realtek - 20101005 : {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
- The Lord of the Rings FREE Trial - ATI Technologies Inc. - 20101017 : {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
- Catalyst Control Center Graphics Previews Common - ATI - 20101017 : {8C65C65C-530F-B2DB-BBD7-AF554ABEBBA1}
- TomTom HOME Visual Studio Merge Modules - TomTom International B.V. - 20101017 : {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
- Ashampoo Burning Studio FREE v.1.14.5 - Ashampoo GmbH & Co. KG - 20140925 : {91B33C97-91F8-FFB3-581B-BC952C901685}_is1
- Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) - Microsoft Corporation - : {92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581
- Microsoft PowerPoint Viewer - Microsoft Corporation - 20150415 : {95140000-00AF-0409-0000-0000000FF1CE}
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - Microsoft Corporation - 20101005 : {9A25302D-30C0-39D9-BD6F-21E6EC160475}
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - Microsoft Corporation - 20110615 : {9BE518E6-ECC6-35A9-88E4-87755C07200F}
- OpenOffice.org 1.9.129 - OpenOffice.org - 20141222 : {9FD36563-6744-4A36-924C-9E2A863DC1EF}
- Google Update Helper - Google Inc. - 20141113 : {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
- Adobe Refresh Manager - Adobe Systems Incorporated - 20141225 : {AC76BA86-0804-1033-1959-001802114130}
- Adobe Reader XI (11.0.10) - Czech - Adobe Systems Incorporated - 20141213 : {AC76BA86-7AD7-1029-7B44-AB0000000001}
- Advertising Center - Nero AG - 20140201 : {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
- Nero ControlCenter - Nero AG - 20140201 : {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
- Nero Online Upgrade - Nero AG - 20140201 : {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
- Catalyst Control Center Graphics Previews Vista - ATI - 20101017 : {D69D4AE5-717C-5E56-A56F-542EF5F6A84C}
- NEC Electronics USB 3.0 Host Controller Driver - NEC Electronics Corporation - 20101005 : {D7BF9739-8A68-4335-BBEE-37752AD9E86B}
- ccc-core-static - Název společnosti: - 20101017 : {DB837E02-82D0-3888-6DEC-D29587CCDC2F}
- Nero Installer - Nero AG - 20140201 : {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
- Microsoft SQL Server 2005 Compact Edition [ENU] - Microsoft Corporation - 20101005 : {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
- Brother HL-2035 - Brother - 20101009 : {F1C88595-815F-44D3-BE90-84509DD428BE}
- Apple Application Support - Apple Inc. - 20121119 : {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
- MSXML 4.0 SP2 (KB973688) - Microsoft Corporation - 20101017 : {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
- Catalyst Control Center InstallProxy - ATI Technologies, Inc. - 20101017 : {F86B6849-38E0-7818-F21E-6DC637932076}
\\ Finished
b1:- 135
b2:- 151
b3:- 140
b4:- 20
b5:- 145
b6:- 141
b7:- 136
b8:- 141
_______________________________________________________________________
Takže mám ještě něco zkusit nebo je "léčba" ukončena? Já v téhle chvíli neposoudím, jestli se to zpomalování zcela ztratilo, ale zatím se zdá, že jo.
Akorát se mně nepodařilo odinstalovat ten Ad-Aware Antivirus (ani jsem nevěděl, že ho tam ještě mám a ani ho nemůžu nikde v program files najít).
Díky.
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Pomalé PC
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 112 hostů