Pomalý zánovní NB

[fansan]

Ahoj, mám půl roku starý HP Elitebook, a od začátku mi přijde nějaký věčně zasekaný, např. když ho probudím ze spánku, trvá někdy i dvě minuty, než se mi zobrazí přihlašovací obrazovka... potom když se přihlásím, tak mu musím dát tak 5minut než se trošku rozjede, atd...věčně jede naplno větrák, a to i pokud píšu třeba něco v excelu...tohle není normální.
Můžete prosím někdo mrknot na log z HJS? Děkuji mockrát za rady !


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:32:35, on 1.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~2\RELEVA~1\rlvknlg32.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
C:\Program Files (x86)\IMSIDesign\TCWP20\Program\tcw20.exe
C:\Users\Tomáš\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Scm Group\Xilog Plus\msdxm.ocx
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LOCG Communication Service - Unknown owner - C:\Users\Tomáš\LOCG\CommunicationService\LOCG.CommunicationService.exe
O23 - Service: LOCG Service - Unknown owner - C:\Users\Tomáš\LOCG\Service\LOCG.Service.exe
O23 - Service: LOCG Update Service - Unknown owner - C:\Users\Tomáš\LOCG\UpdateService\Locg.UpdateService.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16295 bytes

[Rudy]

Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[fansan]

Díky za odpověď, vkládám logy.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Tomáš (administrator) on TOMAS-HP on 02-02-2014 22:57:57
Running from C:\Users\Tomáš\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Tomáš\LOCG\CommunicationService\LOCG.CommunicationService.exe
() C:\Users\Tomáš\LOCG\UpdateService\Locg.UpdateService.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
(VoyagerSoft, LLC) C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
() C:\Users\Tomáš\LOCG\Service\LOCG.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
() C:\Users\Tomáš\LOCG\WebPageMonitor\Windows-KB2802968.exe
() C:\Users\Tomáš\LOCG\ApplicationMonitor\Windows-KB2792100.exe
(Microsoft) C:\Users\Tomáš\LOCG\ScreenshotCapturer\Windows-KB2800277.exe
() C:\Users\Tomáš\LOCG\FileSystemMonitor\Windows-KB2845690.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\Users\Tomáš\LOCG\LogSender\Windows-KB2799494.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-09] (Synaptics Incorporated)
HKLM\...\Run: [MfeEpePcMonitor] - "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-09-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] - c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HPConnectionManager] - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-04-23] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-4273928537-4187574474-681750996-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4273928537-4187574474-681750996-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Scm Group\Xilog Plus\msdxm.ocx (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files (x86)\Scm Group\Xilog Plus\msdxm.ocx (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=13415
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-12]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-12]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-12]
CHR Extension: (Screen Capture (by Google)) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg [2013-11-11]
CHR Extension: (AdBlock) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-17]
CHR Extension: (Peněženka Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-12]

==================== Services (Whitelisted) =================

R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-13] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 LOCG Communication Service; C:\Users\Tomáš\LOCG\CommunicationService\LOCG.CommunicationService.exe [47104 2013-09-12] ()
R3 LOCG Service; C:\Users\Tomáš\LOCG\Service\LOCG.Service.exe [19968 2013-09-25] ()
R2 LOCG Update Service; C:\Users\Tomáš\LOCG\UpdateService\Locg.UpdateService.exe [16896 2013-09-25] ()
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-21] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG)
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.)
R2 ScReadSpool; C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [184320 2006-11-02] (VoyagerSoft, LLC)

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-20] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-02 22:57 - 2014-02-02 22:58 - 00020853 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-02-02 22:57 - 2014-02-02 22:57 - 00000000 ____D () C:\FRST
2014-02-02 22:56 - 2014-02-02 22:56 - 00015327 _____ () C:\Users\Tomáš\Desktop\LM.bat
2014-02-02 22:56 - 2014-01-08 16:32 - 00001171 _____ () C:\Users\Tomáš\Desktop\Plocha.lnk
2014-02-02 22:53 - 2014-02-02 22:53 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher (3).exe
2014-02-02 22:52 - 2014-02-02 22:52 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Downloads\Nepotvrzeno 940345.crdownload
2014-02-02 22:51 - 2014-02-02 22:51 - 02080256 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-02-02 22:51 - 2014-02-02 22:51 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Downloads\Nepotvrzeno 256414.crdownload
2014-02-02 22:51 - 2014-02-02 22:51 - 00000000 _____ () C:\Users\Tomáš\Downloads\Nepotvrzeno 237011.crdownload
2014-01-31 16:37 - 2014-01-31 16:38 - 00000000 ____D () C:\Program Files (x86)\TurboCAD 20US Professional 32-bit Setup
2014-01-31 14:48 - 2014-01-31 14:48 - 00000000 ____D () C:\Users\Tomáš\Desktop\Plug-in_CAM_for_TurboCAD
2014-01-31 14:07 - 2014-01-31 14:08 - 00000000 ____D () C:\Program Files (x86)\TurboCAD 20 US Professional 32-bit Setup
2014-01-31 14:05 - 2013-09-05 21:25 - 425176832 _____ (IMSIDesign ) C:\Users\Tomáš\Desktop\TurboCAD20Professional32-bit.exe
2014-01-29 20:28 - 2014-01-29 20:28 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\IMSIDesign,_LLC
2014-01-28 13:57 - 2014-01-28 13:57 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\PDF Architect
2014-01-28 13:34 - 2014-01-28 13:34 - 00000993 _____ () C:\Users\Tomáš\Desktop\PDF Architect.lnk
2014-01-28 13:34 - 2014-01-28 13:34 - 00000000 ____D () C:\Users\Tomáš\Documents\PDF Architect Files
2014-01-28 13:34 - 2014-01-28 13:34 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-01-28 13:33 - 2014-01-28 13:33 - 00001031 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-01-28 13:33 - 2014-01-28 13:33 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\pdfforge
2014-01-28 13:32 - 2014-01-28 13:56 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-01-28 13:32 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\windows\system32\pdfcmon.dll
2014-01-28 13:32 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCT2.OCX
2014-01-28 13:32 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMAPI32.OCX
2014-01-28 13:32 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPIDE.DLL
2014-01-28 13:28 - 2014-01-28 13:29 - 23899180 _____ () C:\Users\Tomáš\Downloads\pdfcreator-setup.exe
2014-01-27 15:32 - 2014-01-27 15:36 - 00000167 _____ () C:\windows\ConverterCore.INI
2014-01-27 15:29 - 2014-01-27 15:29 - 00002693 _____ () C:\Users\Public\Desktop\Solid Converter PDF.lnk
2014-01-27 15:27 - 2014-01-27 15:27 - 17708544 _____ (Solid Documents, LLC) C:\Users\Tomáš\Downloads\solidconverterpdf_trial.exe
2014-01-27 12:58 - 2014-01-27 12:58 - 01737651 _____ (Igor Pavlov) C:\Users\Tomáš\Downloads\MP - UNO_ok.exe
2014-01-24 15:44 - 2014-02-01 13:32 - 00016297 _____ () C:\Users\Tomáš\Downloads\hijackthis.log
2014-01-24 15:43 - 2014-01-24 15:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tomáš\Downloads\hijackthis.exe
2014-01-24 13:31 - 2014-01-24 13:31 - 00002139 _____ () C:\Users\Public\Desktop\TurboCAD Professional 20 - x64.lnk
2014-01-24 13:27 - 2014-01-24 13:27 - 00000000 ____D () C:\Users\Tomáš\Documents\IMSIDesign
2014-01-24 13:07 - 2014-01-24 13:19 - 00000000 ____D () C:\Program Files (x86)\TurboCAD 20 Professional 64-bit Setup
2014-01-23 16:51 - 2014-01-23 16:51 - 00000000 ____D () C:\Users\Tomáš\Desktop\SCREENY BAUFORMAT
2014-01-22 10:58 - 2014-01-23 15:21 - 00000000 ____D () C:\Nastroje
2014-01-17 13:15 - 2011-04-26 16:27 - 00000002 _____ () C:\Users\Tomáš\Desktop\MontFixCtgExcl.dxm
2014-01-16 16:24 - 2014-01-16 16:27 - 36825088 _____ () C:\Users\Tomáš\Downloads\spszr.ppt
2014-01-16 12:33 - 2014-01-16 12:33 - 00000000 ____D () C:\Nová složka
2014-01-15 10:16 - 2014-01-15 10:16 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\AVG2013
2014-01-15 10:15 - 2014-01-15 10:15 - 00003230 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-01-15 10:14 - 2014-01-15 10:14 - 00000977 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-01-15 10:13 - 2014-01-15 10:15 - 00000000 ____D () C:\ProgramData\AVG2013
2014-01-15 10:13 - 2014-01-15 10:13 - 00000000 ___HD () C:\$AVG
2014-01-15 10:12 - 2014-01-15 10:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-01-15 10:10 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 10:10 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 10:10 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 10:10 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 10:10 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 10:10 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 10:10 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 10:10 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 10:10 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-15 09:45 - 2014-02-02 22:33 - 00000000 ____D () C:\ProgramData\MFAData
2014-01-15 09:45 - 2014-01-15 11:34 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Avg2013
2014-01-15 09:45 - 2014-01-15 09:45 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\MFAData
2014-01-15 09:25 - 2014-01-15 09:32 - 174697440 _____ (AVG Technologies) C:\Users\Tomáš\Downloads\avg_ibw_x64_all_ltst_3462a6876.exe
2014-01-12 18:03 - 2014-01-12 18:03 - 00002332 _____ () C:\Users\Tomáš\Downloads\e244053065751214.ics
2014-01-09 11:29 - 2014-01-09 16:44 - 00095312 _____ () C:\Users\Tomáš\Desktop\Provedení.xml
2014-01-09 11:26 - 2014-01-09 16:43 - 01491456 _____ () C:\Users\Tomáš\Desktop\Provedení.TCW
2014-01-08 03:01 - 2014-01-08 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-08 03:01 - 2014-01-08 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-06 17:29 - 2014-01-06 17:29 - 00000000 ____D () C:\ProgramData\Iminent
2014-01-06 17:28 - 2014-01-06 17:28 - 00000660 _____ () C:\windows\SysWOW64\InstallUtil.InstallLog
2014-01-06 17:28 - 2014-01-06 17:28 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Iminent
2014-01-06 17:27 - 2014-01-06 17:28 - 00000000 ____D () C:\Program Files (x86)\My Cute Buddy
2014-01-06 17:25 - 2014-01-06 17:29 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\SIEMENS EUROSET 2015 user guide
2014-01-06 17:23 - 2014-01-06 17:23 - 00624648 _____ (LiveSoftAction) C:\Users\Tomáš\Downloads\SIEMENS EUROSET 2015 user guide provided through czechmanuals.com.exe

2014-01-04 16:57 - 2014-01-04 16:57 - 00000000 ____D () C:\Program Files (x86)\TurboCAD LTE Pro 6.0 x64 Setup
2014-01-04 16:49 - 2014-01-04 16:56 - 262456553 _____ (IMSIDesign ) C:\Users\Tomáš\Downloads\TurboCADLTEPro6x64.exe
2014-01-03 19:15 - 2014-01-03 19:15 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Tomáš\Downloads\HPU_v2.2.3.exe

==================== One Month Modified Files and Folders =======

2014-02-02 22:58 - 2014-02-02 22:57 - 00020853 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-02-02 22:58 - 2013-12-10 12:21 - 00000278 _____ () C:\windows\Tasks\LOCG ScreenshotCapturer - Tomáš.job
2014-02-02 22:58 - 2013-12-10 12:21 - 00000278 _____ () C:\windows\Tasks\LOCG ApplicationMonitor - Tomáš.job
2014-02-02 22:58 - 2013-12-10 12:21 - 00000276 _____ () C:\windows\Tasks\LOCG FileSystemMonitor - Tomáš.job
2014-02-02 22:58 - 2013-12-10 12:21 - 00000270 _____ () C:\windows\Tasks\LOCG WebPageMonitor - Tomáš.job
2014-02-02 22:57 - 2014-02-02 22:57 - 00000000 ____D () C:\FRST
2014-02-02 22:56 - 2014-02-02 22:56 - 00015327 _____ () C:\Users\Tomáš\Desktop\LM.bat
2014-02-02 22:55 - 2013-09-14 09:23 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Skype
2014-02-02 22:53 - 2014-02-02 22:53 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher (3).exe
2014-02-02 22:52 - 2014-02-02 22:52 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Downloads\Nepotvrzeno 940345.crdownload
2014-02-02 22:51 - 2014-02-02 22:51 - 02080256 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-02-02 22:51 - 2014-02-02 22:51 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Downloads\Nepotvrzeno 256414.crdownload
2014-02-02 22:51 - 2014-02-02 22:51 - 00000000 _____ () C:\Users\Tomáš\Downloads\Nepotvrzeno 237011.crdownload
2014-02-02 22:50 - 2013-12-10 12:21 - 00000260 _____ () C:\windows\Tasks\LOCG LogSender - Tomáš.job
2014-02-02 22:50 - 2013-07-05 14:07 - 01597760 _____ () C:\windows\WindowsUpdate.log
2014-02-02 22:41 - 2013-09-12 14:49 - 00000950 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 22:33 - 2014-01-15 09:45 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-02 22:08 - 2013-05-07 02:18 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-02 21:54 - 2013-11-06 09:49 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-02-02 21:49 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 21:49 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 21:43 - 2013-09-12 14:49 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 21:39 - 2013-12-22 18:24 - 00005170 _____ () C:\windows\PFRO.log
2014-02-02 21:39 - 2013-12-19 15:37 - 00002407 _____ () C:\windows\setupact.log
2014-02-02 21:39 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-02 21:30 - 2013-12-13 11:59 - 00000000 ____D () C:\Users\Tomáš\.VirtualBox
2014-02-01 13:32 - 2014-01-24 15:44 - 00016297 _____ () C:\Users\Tomáš\Downloads\hijackthis.log
2014-02-01 13:20 - 2013-10-14 15:00 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\CrashDumps
2014-01-31 16:38 - 2014-01-31 16:37 - 00000000 ____D () C:\Program Files (x86)\TurboCAD 20US Professional 32-bit Setup
2014-01-31 14:48 - 2014-01-31 14:48 - 00000000 ____D () C:\Users\Tomáš\Desktop\Plug-in_CAM_for_TurboCAD
2014-01-31 14:47 - 2013-09-16 09:07 - 00000000 _____ () C:\RwRenderDump.txt
2014-01-31 14:08 - 2014-01-31 14:07 - 00000000 ____D () C:\Program Files (x86)\TurboCAD 20 US Professional 32-bit Setup
2014-01-31 14:06 - 2013-09-16 12:40 - 00000000 ____D () C:\ProgramData\firebird
2014-01-31 11:05 - 2013-09-14 10:28 - 00000000 ____D () C:\Users\Tomáš\Desktop\Manuály
2014-01-30 13:54 - 2013-05-07 00:30 - 00668756 _____ () C:\windows\system32\perfh005.dat
2014-01-30 13:54 - 2013-05-07 00:30 - 00141320 _____ () C:\windows\system32\perfc005.dat
2014-01-30 13:54 - 2009-07-14 06:13 - 01583938 _____ () C:\windows\system32\PerfStringBackup.INI
2014-01-30 08:50 - 2013-12-10 12:21 - 00003018 _____ () C:\windows\System32\Tasks\LOCG ScreenshotCapturer - Tomáš
2014-01-30 08:50 - 2013-12-10 12:21 - 00003018 _____ () C:\windows\System32\Tasks\LOCG ApplicationMonitor - Tomáš
2014-01-30 08:50 - 2013-12-10 12:21 - 00003016 _____ () C:\windows\System32\Tasks\LOCG FileSystemMonitor - Tomáš
2014-01-30 08:50 - 2013-12-10 12:21 - 00003010 _____ () C:\windows\System32\Tasks\LOCG WebPageMonitor - Tomáš
2014-01-30 08:49 - 2013-12-10 12:21 - 00003106 _____ () C:\windows\System32\Tasks\LOCG LogSender - Tomáš
2014-01-29 20:28 - 2014-01-29 20:28 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\IMSIDesign,_LLC
2014-01-29 12:40 - 2013-09-18 11:10 - 00000000 ____D () C:\Users\Tomáš\Desktop\KUBA
2014-01-28 13:57 - 2014-01-28 13:57 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\PDF Architect
2014-01-28 13:56 - 2014-01-28 13:32 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-01-28 13:34 - 2014-01-28 13:34 - 00000993 _____ () C:\Users\Tomáš\Desktop\PDF Architect.lnk
2014-01-28 13:34 - 2014-01-28 13:34 - 00000000 ____D () C:\Users\Tomáš\Documents\PDF Architect Files
2014-01-28 13:34 - 2014-01-28 13:34 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-01-28 13:33 - 2014-01-28 13:33 - 00001031 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-01-28 13:33 - 2014-01-28 13:33 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\pdfforge
2014-01-28 13:29 - 2014-01-28 13:28 - 23899180 _____ () C:\Users\Tomáš\Downloads\pdfcreator-setup.exe
2014-01-27 15:36 - 2014-01-27 15:32 - 00000167 _____ () C:\windows\ConverterCore.INI
2014-01-27 15:29 - 2014-01-27 15:29 - 00002693 _____ () C:\Users\Public\Desktop\Solid Converter PDF.lnk
2014-01-27 15:27 - 2014-01-27 15:27 - 17708544 _____ (Solid Documents, LLC) C:\Users\Tomáš\Downloads\solidconverterpdf_trial.exe
2014-01-27 12:58 - 2014-01-27 12:58 - 01737651 _____ (Igor Pavlov) C:\Users\Tomáš\Downloads\MP - UNO_ok.exe
2014-01-24 15:43 - 2014-01-24 15:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tomáš\Downloads\hijackthis.exe
2014-01-24 14:12 - 2013-09-14 10:39 - 00000000 ____D () C:\ProgramData\IMSIDesign
2014-01-24 13:31 - 2014-01-24 13:31 - 00002139 _____ () C:\Users\Public\Desktop\TurboCAD Professional 20 - x64.lnk
2014-01-24 13:27 - 2014-01-24 13:27 - 00000000 ____D () C:\Users\Tomáš\Documents\IMSIDesign
2014-01-24 13:27 - 2013-11-05 14:09 - 00000000 ____D () C:\Program Files\IMSIDesign
2014-01-24 13:19 - 2014-01-24 13:07 - 00000000 ____D () C:\Program Files (x86)\TurboCAD 20 Professional 64-bit Setup
2014-01-23 16:51 - 2014-01-23 16:51 - 00000000 ____D () C:\Users\Tomáš\Desktop\SCREENY BAUFORMAT
2014-01-23 15:21 - 2014-01-22 10:58 - 00000000 ____D () C:\Nastroje
2014-01-23 14:43 - 2013-09-16 19:46 - 00000000 ____D () C:\Users\Tomáš\Desktop\Zakázky
2014-01-22 12:07 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-01-21 14:09 - 2013-09-12 12:06 - 00003760 _____ () C:\windows\System32\Tasks\Registration
2014-01-21 09:34 - 2013-09-20 08:15 - 00000184 _____ () C:\windows\MaterialsDlg.ini
2014-01-20 10:23 - 2013-09-19 11:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-01-16 22:44 - 2009-07-14 05:45 - 00422736 _____ () C:\windows\system32\FNTCACHE.DAT
2014-01-16 16:27 - 2014-01-16 16:24 - 36825088 _____ () C:\Users\Tomáš\Downloads\spszr.ppt
2014-01-16 12:33 - 2014-01-16 12:33 - 00000000 ____D () C:\Nová složka
2014-01-15 11:34 - 2014-01-15 09:45 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Avg2013
2014-01-15 10:16 - 2014-01-15 10:16 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\AVG2013
2014-01-15 10:15 - 2014-01-15 10:15 - 00003230 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-01-15 10:15 - 2014-01-15 10:13 - 00000000 ____D () C:\ProgramData\AVG2013
2014-01-15 10:14 - 2014-01-15 10:14 - 00000977 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-01-15 10:13 - 2014-01-15 10:13 - 00000000 ___HD () C:\$AVG
2014-01-15 10:12 - 2014-01-15 10:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-01-15 09:45 - 2014-01-15 09:45 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\MFAData
2014-01-15 09:32 - 2014-01-15 09:25 - 174697440 _____ (AVG Technologies) C:\Users\Tomáš\Downloads\avg_ibw_x64_all_ltst_3462a6876.exe
2014-01-13 22:00 - 2013-12-10 12:19 - 00000000 ____D () C:\Users\Tomáš\LOCG
2014-01-12 18:03 - 2014-01-12 18:03 - 00002332 _____ () C:\Users\Tomáš\Downloads\e244053065751214.ics
2014-01-10 18:06 - 2013-09-27 08:26 - 00000000 ____D () C:\Users\Tomáš\Desktop\Úkoly
2014-01-10 12:08 - 2012-05-14 13:47 - 00000000 ____D () C:\Users\Tomáš\Desktop\FILIP_ZÁLOHA_05_2012
2014-01-09 16:44 - 2014-01-09 11:29 - 00095312 _____ () C:\Users\Tomáš\Desktop\Provedení.xml
2014-01-09 16:43 - 2014-01-09 11:26 - 01491456 _____ () C:\Users\Tomáš\Desktop\Provedení.TCW
2014-01-09 09:28 - 2013-11-26 10:29 - 00000000 ____D () C:\Users\Tomáš\Downloads\2013_10_17_DCPII_Provedení
2014-01-08 16:32 - 2014-02-02 22:56 - 00001171 _____ () C:\Users\Tomáš\Desktop\Plocha.lnk
2014-01-08 03:01 - 2014-01-08 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-08 03:01 - 2014-01-08 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-06 17:29 - 2014-01-06 17:29 - 00000000 ____D () C:\ProgramData\Iminent
2014-01-06 17:29 - 2014-01-06 17:25 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\SIEMENS EUROSET 2015 user guide
2014-01-06 17:28 - 2014-01-06 17:28 - 00000660 _____ () C:\windows\SysWOW64\InstallUtil.InstallLog
2014-01-06 17:28 - 2014-01-06 17:28 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Iminent
2014-01-06 17:28 - 2014-01-06 17:27 - 00000000 ____D () C:\Program Files (x86)\My Cute Buddy
2014-01-06 17:23 - 2014-01-06 17:23 - 00624648 _____ (LiveSoftAction) C:\Users\Tomáš\Downloads\SIEMENS EUROSET 2015 user guide provided through czechmanuals.com.exe
2014-01-06 08:18 - 2013-09-18 15:34 - 00000000 ____D () C:\Users\Tomáš\Desktop\Výkresy
2014-01-04 16:57 - 2014-01-04 16:57 - 00000000 ____D () C:\Program Files (x86)\TurboCAD LTE Pro 6.0 x64 Setup
2014-01-04 16:56 - 2014-01-04 16:49 - 262456553 _____ (IMSIDesign ) C:\Users\Tomáš\Downloads\TurboCADLTEPro6x64.exe
2014-01-03 19:15 - 2014-01-03 19:15 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Tomáš\Downloads\HPU_v2.2.3.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-23 13:06

==================== End Of Log ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.)
C:\Users\Tomáš\AppData\Roaming\pdfforge
C:\Program Files (x86)\RelevantKnowledge
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: {108EDDEE-4317-4375-AFA5-E6E991184D11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\ProgramData\Temp:B678D5F3
AlternateDataStreams: C:\ProgramData\Temp:BC039AC3
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[fansan]

Vkládám log:




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2014 04
Ran by Tomáš at 2014-02-03 21:03:06 Run:1
Running from C:\Users\Tomáš\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... c=CMNTDFJS
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [186136 2013-08-17] (TMRG, Inc.)
C:\Users\Tomáš\AppData\Roaming\pdfforge
C:\Program Files (x86)\RelevantKnowledge
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: {108EDDEE-4317-4375-AFA5-E6E991184D11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-12] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\ProgramData\Temp:B678D5F3
AlternateDataStreams: C:\ProgramData\Temp:BC039AC3
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCR\PROTOCOLS\Handler\vnd.ms.radio => Key deleted successfully.
HKCR\CLSID\{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} => Key not found.
RelevantKnowledge => Service deleted successfully.
C:\Users\Tomáš\AppData\Roaming\pdfforge => Moved successfully.
C:\Program Files (x86)\RelevantKnowledge => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{108EDDEE-4317-4375-AFA5-E6E991184D11} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{108EDDEE-4317-4375-AFA5-E6E991184D11} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
C:\ProgramData\Temp => ":66BB1E73" ADS removed successfully.
C:\ProgramData\Temp => ":B678D5F3" ADS removed successfully.
C:\ProgramData\Temp => ":BC039AC3" ADS removed successfully.


The system needs a manual reboot.

==== End of Fixlog ====

[Rudy]

smazáno. Nastala nějaká změna?

[fansan]

Uvidíme po dlouhodobější zátěži, každopádně děkuji !

[Rudy]

OK, zatím není zač.