Prosím o preventivku

[Klára]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Klára at 2014-07-21 19:55:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 330 GB (72%) free of 456 GB
Total RAM: 3691 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:01, on 21.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Klára.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11321 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3856016
\??\C:\Windows\system32\conhost.exe "1110870230-24740071391214193515272829151123919093312258298-875526967402105188
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2328
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {69D839BA-80BF-481F-92DD-40B7622C26D9}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
QueryAppBlock.exe /apps /appinv "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Programs_KLÁRA-HP.xml" /devinv "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Devices_KLÁRA-HP.xml" /out "C:\Windows\TEMP\CompatTelemetryLogs\WICA_QueryAppBlock_KLÁRA-HP.xml" /os "6.2" /appSdb "C:\Windows\system32\CompatTel\sysmain32.sdb" "C:\Windows\system32\CompatTel\sysmain64.sdb" /log "C:\Windows\TEMP\CompatTelemetryLogs" "C:\Windows\system32\CompatTel" /REDUCED /runtimeAppSdb "C:\Windows\system32\CompatTel\sysmain32Runtime.sdb" "C:\Windows\system32\CompatTel\sysmain64Runtime.sdb"
\??\C:\Windows\system32\conhost.exe "-1205690120-1327131405-21385908761401279153-205941558015721220042074715118-1100729756
"C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1568.0.1851004180\807243329" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9806 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.861.1.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group18 pct:1i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_A2_R1/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="1568.5.807584001\1449265612" /prefetch:673131151

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\sppsvc.exe
"C:\Users\Klára\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job - C:\Windows\TEMP\{38877AEA-FF13-4749-8DB0-06CCB67E8E5C}.exe --uninstall=1
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{6DBD4E1D-02D1-4794-A0CD-9CA39E7DD3D0}.exe --uninstall=1
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job - C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job - C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job - C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job - C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForKLÁRA-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForKLÁRA-HP$ (null)
C:\Windows\tasks\HPCeeScheduleForKlára.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForKlára (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-11 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912]
"SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-06-27 42808]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-07-08 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-23 136176]
"Facebook Update"=C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 138096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-05 336384]
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-06-28 168504]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-05-17 61112]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-08-10 52920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-21 19:55:46 ----D---- C:\Program Files\trend micro
2014-07-21 19:55:45 ----D---- C:\rsit
2014-07-20 14:42:20 ----D---- C:\ProgramData\ESET
2014-07-20 14:42:20 ----D---- C:\Program Files\ESET
2014-07-12 19:41:18 ----A---- C:\Windows\system32\aepdu.dll
2014-07-12 19:41:17 ----A---- C:\Windows\system32\aeinv.dll
2014-07-12 19:40:10 ----A---- C:\Windows\system32\win32k.sys
2014-07-12 19:40:08 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-12 19:40:08 ----A---- C:\Windows\system32\osk.exe
2014-07-12 19:39:50 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-12 19:39:50 ----A---- C:\Windows\system32\qedit.dll
2014-07-12 19:39:33 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-12 19:39:10 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-12 19:39:10 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-12 19:39:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-12 19:39:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-12 19:39:10 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-12 19:39:10 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-12 19:39:10 ----A---- C:\Windows\system32\wdigest.dll
2014-07-12 19:39:10 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-12 19:39:10 ----A---- C:\Windows\system32\schannel.dll
2014-07-12 19:39:10 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-12 19:39:10 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-12 19:39:10 ----A---- C:\Windows\system32\kerberos.dll
2014-07-12 19:39:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-12 19:39:09 ----A---- C:\Windows\system32\credssp.dll
2014-07-12 19:38:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-12 19:38:01 ----A---- C:\Windows\system32\iernonce.dll
2014-07-12 19:38:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-12 19:38:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-12 19:37:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-12 19:37:59 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-12 19:37:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-12 19:37:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-12 19:37:59 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-12 19:37:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-12 19:37:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-12 19:37:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-12 19:37:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 19:37:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-12 19:37:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-12 19:37:54 ----A---- C:\Windows\system32\urlmon.dll
2014-07-12 19:37:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-12 19:37:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-12 19:37:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 19:37:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-12 19:37:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-12 19:37:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-12 19:37:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-12 19:37:52 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-12 19:37:52 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-12 19:37:51 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-12 19:37:50 ----A---- C:\Windows\system32\iesetup.dll
2014-07-12 19:37:49 ----A---- C:\Windows\system32\iertutil.dll
2014-07-12 19:37:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-12 19:37:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-12 19:37:48 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-12 19:37:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-12 19:37:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-12 19:37:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-12 19:37:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-12 19:37:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-12 19:37:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-12 19:37:45 ----A---- C:\Windows\system32\ieui.dll
2014-07-12 19:37:45 ----A---- C:\Windows\system32\ieframe.dll
2014-07-12 19:37:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-12 19:37:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-12 19:37:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-12 19:37:44 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-12 19:37:43 ----A---- C:\Windows\system32\vbscript.dll
2014-07-12 19:37:43 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-12 19:37:43 ----A---- C:\Windows\system32\jscript9.dll
2014-07-12 19:37:43 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-12 19:37:42 ----A---- C:\Windows\system32\wininet.dll
2014-07-12 19:37:41 ----A---- C:\Windows\system32\msrating.dll
2014-07-12 19:37:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-12 19:37:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-12 19:37:40 ----A---- C:\Windows\system32\mshtml.dll
2014-07-12 19:36:56 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-12 19:36:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-12 19:36:55 ----A---- C:\Windows\SYSWOW64\secur32.dll

======List of files/folders modified in the last 1 month======

2014-07-21 19:55:46 ----RD---- C:\Program Files
2014-07-21 19:55:33 ----D---- C:\Windows\Temp
2014-07-21 19:38:15 ----D---- C:\Windows\system32\config
2014-07-21 19:32:19 ----D---- C:\Windows\inf
2014-07-21 19:31:15 ----D---- C:\Windows
2014-07-20 15:28:47 ----D---- C:\Windows\debug
2014-07-20 15:19:03 ----D---- C:\Windows\winsxs
2014-07-20 15:16:14 ----SD---- C:\Windows\system32\CompatTel
2014-07-20 15:16:13 ----D---- C:\Windows\System32
2014-07-20 15:16:12 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-20 15:16:12 ----D---- C:\Windows\system32\Dism
2014-07-20 15:16:04 ----D---- C:\Windows\SysWOW64
2014-07-20 15:16:04 ----D---- C:\Windows\ehome
2014-07-20 15:16:03 ----D---- C:\Windows\system32\drivers
2014-07-20 15:03:38 ----SHD---- C:\Windows\Installer
2014-07-20 15:02:32 ----D---- C:\Windows\system32\MRT
2014-07-20 14:59:14 ----A---- C:\Windows\system32\MRT.exe
2014-07-20 14:58:32 ----SHD---- C:\System Volume Information
2014-07-20 14:44:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-20 14:43:22 ----D---- C:\Windows\system32\DriverStore
2014-07-20 14:43:22 ----D---- C:\Windows\system32\catroot
2014-07-20 14:43:20 ----D---- C:\Windows\system32\catroot2
2014-07-20 14:42:20 ----HD---- C:\ProgramData
2014-07-20 14:31:35 ----D---- C:\Windows\SoftwareDistribution
2014-07-18 18:42:46 ----D---- C:\Windows\system32\cs-CZ
2014-07-18 18:42:46 ----D---- C:\Program Files\Internet Explorer
2014-07-18 18:42:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-18 18:42:42 ----D---- C:\Windows\system32\en-US
2014-07-18 18:42:39 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-12 19:43:39 ----D---- C:\Windows\Tasks
2014-07-12 19:43:39 ----D---- C:\Windows\system32\Tasks
2014-07-12 19:31:24 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-09 18:19:39 ----D---- C:\Users\Klára\AppData\Roaming\SoftGrid Client
2014-07-03 19:46:30 ----D---- C:\Windows\Prefetch
2014-06-28 17:32:55 ----D---- C:\Windows\system32\wfp
2014-06-28 17:32:53 ----D---- C:\Windows\system32\wbem
2014-06-28 17:31:59 ----D---- C:\Windows\registration
2014-06-28 17:31:45 ----RHD---- C:\MSOCache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-06 9359872]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-06 309760]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2011-06-16 133160]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-11-09 4729408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-06-15 620584]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-06-15 165416]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-06-15 178728]
R3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2011-05-21 89640]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-02-14 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-06-15 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-30 44672]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-06 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-05 365568]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-06-16 1083680]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-20 262320]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-24 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[vyosek]

Zdravim a vitam Vas u nas na foru

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[Klára]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kl ra on po 21.07.2014 at 21:25:46,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ftdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2f603a45-d956-496b-81b5-50d782424976}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b85c4cb2-b352-4bd8-818c-bce353599107}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3A9EE724-A19A-4C46-90B6-7930B3C5DA5F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FE702C48-4CAA-40FD-B058-A0E2F2B68835}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{FE702C48-4CAA-40FD-B058-A0E2F2B68835}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Kl ra\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Kl ra\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Empty Folder] C:\Users\Kl ra\appdata\local\{A269734C-0893-42F8-8243-0ADCABE4A0F6}
Successfully deleted: [Empty Folder] C:\Users\Kl ra\appdata\local\{DFA7BB50-5EC0-4346-9D4C-45FC48275A4B}
Successfully deleted: [Empty Folder] C:\Users\Kl ra\appdata\local\{E4DFD62E-1D26-40C5-88FD-12F4F6281AF7}
Successfully deleted: [Empty Folder] C:\Users\Kl ra\appdata\local\{E69D28E3-E091-402C-B959-DE9FBB39A539}



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Kl ra\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 21.07.2014 at 21:46:39,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Klára]

# AdwCleaner v3.216 - Report created 21/07/2014 at 21:51:20
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Klára - KLÁRA-HP
# Running from : C:\Users\Klára\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Klára\AppData\Local\apn
Folder Deleted : C:\Users\Klára\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Klára\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\Klára\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v

-\\ Google Chrome v

[ File : C:\Users\Klára\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10401&locale=en_CZ&apn_uid=a39583f9-de7c-43aa-b12d-96883ec37952&apn_ptnrs=%5EABZ&apn_sauid=DF43BD9F-946B-4666-8B6B-910792587420&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
Deleted [Search Provider] : hxxp://www.jcu.cz/search?SearchableText={searchTerms}
Deleted [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

*************************

AdwCleaner[R0].txt - [4610 octets] - [21/07/2014 21:49:54]
AdwCleaner[S0].txt - [4370 octets] - [21/07/2014 21:51:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4430 octets] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Klára]

Zoek.exe v5.0.0.0 Updated 19-07-2014
Tool run by Kl ra on po 21.07.2014 at 22:07:45,97.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\KLRA~1\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

21.7.2014 22:09:57 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\KLRA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Lingea Lexicon 2002 deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\\LocalLow deleted successfully
C:\Users\KLRA~1\AppData\Local\CrashDumps deleted successfully
C:\Users\KLRA~1\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\ICQ deleted
C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Users\KLRA~1\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\KLRA~1\AppData\Local\Temp ====
2014-07-21 19:25:26 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\KLRA~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-07-21 19:50:37 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll
2014-07-12 17:40:08 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe
2014-07-12 17:39:50 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll
2014-07-12 17:39:10 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll
2014-07-12 17:39:10 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2014-07-12 17:39:10 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 17:39:10 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 17:39:10 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2014-07-12 17:39:10 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-07-12 17:39:09 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2014-07-12 17:38:01 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 17:38:00 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 17:38:00 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 17:37:59 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 17:37:59 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-07-12 17:37:59 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-07-12 17:37:58 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 17:37:58 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-07-12 17:37:58 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 17:37:56 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 17:37:55 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-07-12 17:37:55 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 17:37:54 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-07-12 17:37:53 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 17:37:53 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 17:37:52 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-07-12 17:37:52 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-07-12 17:37:52 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 17:37:48 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 17:37:48 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-07-12 17:37:48 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 17:37:47 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-07-12 17:37:47 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-07-12 17:37:47 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 17:37:47 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 17:37:47 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-07-12 17:36:55 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-07-12 17:36:55 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-07-12 17:41:18 03282D1ADC4F64D27D697CBB63F972C2 519168 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-07-12 17:41:17 980394E1FF94E460C4D71C1B098A0B4F 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
2014-07-12 17:40:10 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-07-12 17:40:08 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe
2014-07-12 17:39:50 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll
2014-07-12 17:39:10 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll
2014-07-12 17:39:10 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2014-07-12 17:39:10 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2014-07-12 17:39:10 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-07-12 17:39:10 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2014-07-12 17:39:10 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2014-07-12 17:39:09 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2014-07-12 17:38:01 FC50DF22550C565DD096ACFAF18A37ED 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-07-12 17:37:59 DA5BAC4C5BDB22BBC6771534EA95AD33 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-07-12 17:37:59 C2F62DF01E3552DB0571FEF4D514675B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-07-12 17:37:59 C0F9F52C36E584C0339406ABF6DA1FBA 266424 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-07-12 17:37:58 5E646AD50848A409291418B5759595B9 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-07-12 17:37:54 73C7D1FCF6F58F3BF077FB42B0214BC0 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-07-12 17:37:53 7176CB0FFAAC3E54ABB2014E821120F9 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-07-12 17:37:53 391D68668CFC061F26BE593A61F745E0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-07-12 17:37:52 D8E6706AECD7AA50764E126CE3F36555 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-07-12 17:37:52 2E40D5E11BCC597352EE0314AF629A0F 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-07-12 17:37:51 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-07-12 17:37:50 7469D4E046BD7D155CAC2697BD28B58B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-07-12 17:37:49 A21C6231459F4CAC212676A9367A1A68 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-07-12 17:37:49 1685AA234852657C4A6D253CCBBE84E0 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-07-12 17:37:47 8B2ADE09864BF3F7AA6D395DAFEC41B5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-07-12 17:37:45 854C5F171F5CEE272232AC0286F3B3B9 598016 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-07-12 17:37:45 415DF2B045167D6D85223CFFF00FCFC7 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-07-12 17:37:45 366FA6D38406DC8BED62825C196144D1 13527040 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-07-12 17:37:44 CD76B3D60D28634A67B0AD7CB2E45929 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-07-12 17:37:44 945FA19B388FCF0FEA6124B5FD71C72F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-07-12 17:37:44 1FD6C2F6AC489C271565730F6E9E1A05 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-07-12 17:37:43 BDD4A74421B023C81DA63168BD10C01B 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-07-12 17:37:43 50FF2DD806CC6CF3B3F98F9A1A711603 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-07-12 17:37:43 4EC7738394D2BC7BCB5F7A3657F57252 5721088 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-07-12 17:37:43 00401347C3BC466E5F2516387EBBCA7D 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-07-12 17:37:42 2EE102DF0EDD8A1EDD3D1E9B99A91BEC 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-07-12 17:37:41 F876957CA193B20A21D52F91418657D7 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-07-12 17:37:41 89A53CDE0DA5680AF48A181D82C752CA 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-07-12 17:37:40 FEC19C351EF1B2C998A85D1BFD765675 23464448 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-07-12 17:37:40 52012C83F7E9AF65D13F04415F0508F5 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-07-12 17:36:56 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll
====== C:\Windows\Sysnative\drivers =====
2014-07-12 17:39:33 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
====== C:\Windows\Tasks ======
2014-07-12 17:43:39 D5058CEDD23C081AC53C2B28223A5271 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForKlára
2014-07-12 17:43:39 BDC586ED4475C01557338F3A117478B1 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForKlára.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-21 17:55:46 -------- d-----w- C:\Program Files\trend micro
2014-07-20 12:42:20 -------- d-----w- C:\Program Files\ESET
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\KLRA~1\AppData ======
2014-06-30 19:51:58 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\ESET
2014-06-28 17:30:16 -------- d-----w- C:\Users\KLRA~1\AppData\Local\ESET
====== C:\Users\KLRA~1 ======
2014-07-21 19:49:00 B653DD91D5D6E519D3357A80A15A5DFB 1354223 ----a-w- C:\Users\KLRA~1\Desktop\adwcleaner_3.216.exe
2014-07-21 19:48:31 B653DD91D5D6E519D3357A80A15A5DFB 1354223 ----a-w- C:\Users\KLRA~1\Downloads\adwcleaner_3.216.exe
2014-07-21 19:25:06 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\KLRA~1\Desktop\JRT (1).exe
2014-07-21 19:24:40 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\KLRA~1\Downloads\JRT (1).exe
2014-07-21 19:24:07 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\KLRA~1\Downloads\JRT.exe
2014-07-21 17:54:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\KLRA~1\Downloads\RSITx64.exe
2014-07-20 12:42:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-07-20 12:42:20 -------- d-----w- C:\ProgramData\ESET

====== C: exe-files ==
2014-07-21 19:49:00 B653DD91D5D6E519D3357A80A15A5DFB 1354223 ----a-w- C:\Users\Klára\Desktop\adwcleaner_3.216.exe
2014-07-21 19:48:31 B653DD91D5D6E519D3357A80A15A5DFB 1354223 ----a-w- C:\Users\Klára\Downloads\adwcleaner_3.216.exe
2014-07-21 19:25:26 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-07-21 19:25:06 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Klára\Desktop\JRT (1).exe
2014-07-21 19:24:40 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Klára\Downloads\JRT (1).exe
2014-07-21 19:24:07 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\Klára\Downloads\JRT.exe
2014-07-21 18:01:26 C5D237A3DA4A914D19D825C73FDE4487 8848464 ----a-w- C:\Users\Klára\AppData\Local\Google\Update\Install\{C879FA74-0756-4C41-8A5A-B82ECF8507F4}\36.0.1985.125_35.0.1916.153_chrome_updater.exe
2014-07-21 18:01:25 C5D237A3DA4A914D19D825C73FDE4487 8848464 ----a-w- C:\Users\Klára\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.125\36.0.1985.125_35.0.1916.153_chrome_updater.exe
2014-07-21 17:55:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Klára.exe
2014-07-21 17:54:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Klára\Downloads\RSITx64.exe
2014-07-20 12:43:27 B237D9D29FA55BEB1B4EBE5B82F76A30 2953096 ----a-w- C:\Program Files\ESET\ESET NOD32 Antivirus\speclean.exe
=== C: other files ==
2014-07-21 19:25:24 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\TDL4.bat
2014-07-21 19:25:24 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\searchlnk.bat
2014-07-21 19:25:24 7D8282EB94B5D639B7378811C1924A8F 9516 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\runvalues.bat
2014-07-21 19:25:24 5B71358F97544D9DE58A9A0893079506 39458 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\prelim.bat
2014-07-21 19:25:23 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\medfos.bat
2014-07-21 19:25:23 A87CD1BAC46CAC0EEEDB571F07077032 8104 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\modules.bat
2014-07-21 19:25:23 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\firefox.bat
2014-07-21 19:25:23 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\ev_clear.bat
2014-07-21 19:25:23 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\delorphans.bat
2014-07-21 19:25:23 5B92615B0CEA08D6BA1217C08CBB1443 15919 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\get.bat
2014-07-21 19:25:23 53B191266B30D57F2F835ABBF54C68C5 13963 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\chrome.bat
2014-07-21 19:25:23 3BC04DEBBE9027060D51901133F60101 154678 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\misc.bat
2014-07-21 19:25:23 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\ask.bat
2014-07-21 19:25:23 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\iexplore.bat
2014-07-21 19:25:23 2F80D807DB405C8F6E0F3706B9FED710 10161 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\JRT.bat
2014-07-21 19:25:23 0D08FBD2E6F6C6AC6A504712C4CE6CE3 1226 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\FWPolicy.bat
2014-07-21 19:25:23 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Klára\AppData\Local\Temp\jrt\delfolders.bat
2014-07-21 18:53:11 37E2872E1C7D2B7F2E4691B7ED901B42 118249202 ----a-w- C:\Users\Klára\Downloads\cae_result_workbook_with_listening.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Kl ra\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\Kl ra\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Kl ra\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\Kl ra\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe"
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Kl ra\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""


==== Startup Folders ======================

2011-11-09 16:28:17 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20.07.2014 14:44]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job --a------ C:\Users\Klra\AppData\Local\Facebook\Update\FacebookUpdate.exe []
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job --a------ C:\Users\Klra\AppData\Local\Facebook\Update\FacebookUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job --a------ C:\Users\Klra\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job --a------ C:\Users\Klra\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\HPCeeScheduleForKLÁRA-HP$.job [Undetermined Task]
C:\Windows\tasks\HPCeeScheduleForKlára.job [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [C:\Users\Kl ra\AppData\Local\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core" [C:\Users\Kl ra\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA" [C:\Users\Kl ra\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Kl ra\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98" [C:\Users\Kl ra\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21" [C:\Users\Kl ra\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7BD1777A-2608-4A23-B157-1F6EA59874A1}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chrome Look ======================

Google Wallet - KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.bing.com?pc=CPNTDF"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\KLRA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\KLRA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=52 folders=8 290878 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\KLRA~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\KLRA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 21.07.2014 at 22:44:12,64 ======================

[vyosek]

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

[Klára]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Klára (administrator) on KLÁRA-HP on 23-07-2014 11:10:45
Running from C:\Users\Klára\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(forum.viry.cz) C:\Users\Klára\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [168504 2011-06-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Run: [Google Update] => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-23] (Google Inc.)
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Run: [Facebook Update] => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-30] (Facebook Inc.)
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Policies\system: [DisableChangePassword] 0
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - {FE702C48-4CAA-40FD-B058-A0E2F2B68835} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-10] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=0.9.9 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Klára\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Klára\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Klára\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-07-20]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Extension: (Peněženka Google) - C:\Users\Klára\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR StartMenuInternet: Google Chrome - C:\Users\Klára\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133160 2011-06-16] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-23 11:10 - 2014-07-23 11:11 - 00013397 _____ () C:\Users\Klára\Desktop\FRST.txt
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\FRST
2014-07-23 10:45 - 2014-07-23 10:46 - 00112640 _____ (forum.viry.cz) C:\Users\Klára\Desktop\FRSTLauncher.exe
2014-07-23 10:44 - 2014-07-23 10:44 - 02090496 _____ (Farbar) C:\Users\Klára\Desktop\FRST64.exe
2014-07-23 10:36 - 2014-07-23 10:36 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKlára
2014-07-23 10:36 - 2014-07-23 10:36 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForKlára.job
2014-07-21 22:42 - 2014-07-21 22:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 22:09 - 2014-07-21 22:44 - 00027245 _____ () C:\zoek-results.log
2014-07-21 22:07 - 2014-07-21 22:31 - 00000000 ____D () C:\zoek_backup
2014-07-21 22:07 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Desktop\zoek.exe
2014-07-21 22:06 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Downloads\zoek.exe
2014-07-21 21:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 21:49 - 2014-07-21 22:03 - 00000000 ____D () C:\AdwCleaner
2014-07-21 21:49 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Desktop\adwcleaner_3.216.exe
2014-07-21 21:48 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Downloads\adwcleaner_3.216.exe
2014-07-21 21:25 - 2014-07-21 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 21:25 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Desktop\JRT (1).exe
2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT.exe
2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT (1).exe
2014-07-21 21:18 - 2014-07-21 21:30 - 205756416 _____ () C:\Users\Klára\Downloads\the.nanny.s01e13.fs.dvdrip.xvid.multidub.cz-vid.avi
2014-07-21 21:01 - 2014-07-21 21:05 - 60002616 _____ () C:\Users\Klára\Downloads\CAE-RESULT-poslechy.rar
2014-07-21 20:53 - 2014-07-21 20:59 - 118249202 _____ () C:\Users\Klára\Downloads\cae_result_workbook_with_listening.zip
2014-07-21 20:38 - 2014-07-21 20:44 - 101424590 _____ () C:\Users\Klára\Downloads\CAE-Result-Student's-Book-and-Workbook.rar
2014-07-21 19:55 - 2014-07-21 20:21 - 00000000 ____D () C:\rsit
2014-07-21 19:55 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files\trend micro
2014-07-21 19:54 - 2014-07-21 19:55 - 01222144 _____ () C:\Users\Klára\Downloads\RSITx64.exe
2014-07-20 14:42 - 2014-07-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-07-20 14:42 - 2014-07-20 14:42 - 00000000 ____D () C:\ProgramData\ESET
2014-07-20 14:42 - 2014-07-20 14:42 - 00000000 ____D () C:\Program Files\ESET
2014-07-12 19:41 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-12 19:41 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-12 19:40 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 19:40 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 19:40 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 19:39 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-12 19:39 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-12 19:39 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-12 19:39 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 19:39 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-12 19:38 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 19:38 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 19:38 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 19:38 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 19:37 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 19:37 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 19:37 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 19:37 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 19:37 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 19:37 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 19:37 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 19:37 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 19:37 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 19:37 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 19:37 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 19:37 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 19:37 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 19:37 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 19:37 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 19:37 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 19:37 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-12 19:37 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 19:37 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 19:37 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 19:37 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 19:37 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 19:37 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 19:37 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 19:37 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 19:37 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 19:37 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 19:37 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 19:37 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 19:37 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 19:37 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 19:37 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 19:37 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 19:37 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 19:37 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 19:37 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 19:37 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 19:37 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 19:37 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 19:37 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 19:37 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 19:37 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 19:37 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 19:37 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 19:37 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 19:37 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 19:37 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 19:37 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 19:37 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 19:37 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 19:37 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 19:37 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 19:36 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-12 19:36 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-12 19:36 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 21:51 - 2014-07-06 22:00 - 114562647 _____ () C:\Users\Klára\Downloads\40-Min-Cardio-HIIT-Workout-+-Butt,-Thighs,-Abs--Ultimate-Workout-for-Belly-Fat-Loss,-No-Equipment.mp4
2014-06-28 19:30 - 2014-06-28 19:30 - 00000000 ____D () C:\Users\Klára\AppData\Local\ESET
2014-06-23 22:32 - 2014-06-23 22:32 - 09927168 _____ () C:\Users\Klára\Downloads\Transcendentalism.ppt
2014-06-23 22:32 - 2014-06-23 22:32 - 03186688 _____ () C:\Users\Klára\Downloads\Sea Novels and Moby Dick.ppt
2014-06-23 22:32 - 2014-06-23 22:32 - 02493952 _____ () C:\Users\Klára\Downloads\Hermann Melville (1819–1891).ppt
2014-06-23 22:30 - 2014-06-23 22:30 - 00276992 _____ () C:\Users\Klára\Downloads\Periodization, Early Lit..ppt

==================== One Month Modified Files and Folders =======

2014-07-23 11:11 - 2014-07-23 11:10 - 00013397 _____ () C:\Users\Klára\Desktop\FRST.txt
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\FRST
2014-07-23 11:02 - 2014-06-17 13:55 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job
2014-07-23 11:02 - 2012-04-03 20:39 - 00002368 _____ () C:\Users\Klára\Desktop\Google Chrome.lnk
2014-07-23 10:46 - 2014-07-23 10:45 - 00112640 _____ (forum.viry.cz) C:\Users\Klára\Desktop\FRSTLauncher.exe
2014-07-23 10:44 - 2014-07-23 10:44 - 02090496 _____ (Farbar) C:\Users\Klára\Desktop\FRST64.exe
2014-07-23 10:44 - 2013-03-02 18:08 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-23 10:39 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-23 10:39 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-23 10:37 - 2014-06-05 19:11 - 00839408 ____N () C:\Windows\WindowsUpdate.log
2014-07-23 10:36 - 2014-07-23 10:36 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKlára
2014-07-23 10:36 - 2014-07-23 10:36 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForKlára.job
2014-07-23 10:35 - 2012-03-23 19:15 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7BD1777A-2608-4A23-B157-1F6EA59874A1}
2014-07-23 10:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 12:20 - 2012-06-21 16:12 - 00000000 ____D () C:\Users\Klára\AppData\Roaming\SoftGrid Client
2014-07-22 12:19 - 2013-10-02 09:22 - 00052646 _____ () C:\Users\Klára\Desktop\Wortschatz.xlsx
2014-07-22 11:37 - 2013-10-15 14:46 - 00074596 _____ () C:\Users\Klára\Desktop\Vocabulary.xlsx
2014-07-22 09:42 - 2013-07-30 21:37 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job
2014-07-22 08:52 - 2012-03-23 19:08 - 00000000 ____D () C:\Users\Klára
2014-07-21 22:44 - 2014-07-21 22:09 - 00027245 _____ () C:\zoek-results.log
2014-07-21 22:31 - 2014-07-21 22:07 - 00000000 ____D () C:\zoek_backup
2014-07-21 22:07 - 2014-07-21 22:42 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 22:07 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Desktop\zoek.exe
2014-07-21 22:07 - 2014-07-21 22:06 - 01287168 _____ () C:\Users\Klára\Downloads\zoek.exe
2014-07-21 22:03 - 2014-07-21 21:49 - 00000000 ____D () C:\AdwCleaner
2014-07-21 21:48 - 2014-07-21 21:49 - 01354223 _____ () C:\Users\Klára\Desktop\adwcleaner_3.216.exe
2014-07-21 21:48 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Downloads\adwcleaner_3.216.exe
2014-07-21 21:42 - 2013-07-30 21:37 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job
2014-07-21 21:30 - 2014-07-21 21:18 - 205756416 _____ () C:\Users\Klára\Downloads\the.nanny.s01e13.fs.dvdrip.xvid.multidub.cz-vid.avi
2014-07-21 21:25 - 2014-07-21 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 21:24 - 2014-07-21 21:25 - 01016261 _____ (Thisisu) C:\Users\Klára\Desktop\JRT (1).exe
2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT.exe
2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT (1).exe
2014-07-21 21:05 - 2014-07-21 21:01 - 60002616 _____ () C:\Users\Klára\Downloads\CAE-RESULT-poslechy.rar
2014-07-21 20:59 - 2014-07-21 20:53 - 118249202 _____ () C:\Users\Klára\Downloads\cae_result_workbook_with_listening.zip
2014-07-21 20:44 - 2014-07-21 20:38 - 101424590 _____ () C:\Users\Klára\Downloads\CAE-Result-Student's-Book-and-Workbook.rar
2014-07-21 20:21 - 2014-07-21 19:55 - 00000000 ____D () C:\rsit
2014-07-21 19:56 - 2014-07-21 19:55 - 00000000 ____D () C:\Program Files\trend micro
2014-07-21 19:55 - 2014-07-21 19:54 - 01222144 _____ () C:\Users\Klára\Downloads\RSITx64.exe
2014-07-20 15:18 - 2009-07-14 06:45 - 00277608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-20 15:16 - 2014-05-07 08:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-20 15:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-20 15:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-20 15:02 - 2013-08-10 09:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 14:59 - 2012-03-24 10:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-20 14:45 - 2013-03-02 18:08 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-20 14:44 - 2013-03-02 18:08 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-20 14:44 - 2011-08-10 19:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-20 14:42 - 2014-07-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-07-20 14:42 - 2014-07-20 14:42 - 00000000 ____D () C:\ProgramData\ESET
2014-07-20 14:42 - 2014-07-20 14:42 - 00000000 ____D () C:\Program Files\ESET
2014-07-20 14:12 - 2014-05-06 12:49 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job
2014-07-18 18:41 - 2012-12-02 17:17 - 00003218 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKLÁRA-HP$
2014-07-18 18:41 - 2012-12-02 17:17 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForKLÁRA-HP$.job
2014-07-12 19:32 - 2012-03-24 10:28 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-12 19:31 - 2012-04-29 13:25 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-06 22:00 - 2014-07-06 21:51 - 114562647 _____ () C:\Users\Klára\Downloads\40-Min-Cardio-HIIT-Workout-+-Butt,-Thighs,-Abs--Ultimate-Workout-for-Belly-Fat-Loss,-No-Equipment.mp4
2014-06-30 04:09 - 2014-07-12 19:41 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-12 19:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 19:30 - 2014-06-28 19:30 - 00000000 ____D () C:\Users\Klára\AppData\Local\ESET
2014-06-28 17:31 - 2012-06-21 16:19 - 00000000 __RHD () C:\MSOCache
2014-06-28 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-23 22:32 - 2014-06-23 22:32 - 09927168 _____ () C:\Users\Klára\Downloads\Transcendentalism.ppt
2014-06-23 22:32 - 2014-06-23 22:32 - 03186688 _____ () C:\Users\Klára\Downloads\Sea Novels and Moby Dick.ppt
2014-06-23 22:32 - 2014-06-23 22:32 - 02493952 _____ () C:\Users\Klára\Downloads\Hermann Melville (1819–1891).ppt
2014-06-23 22:30 - 2014-06-23 22:30 - 00276992 _____ () C:\Users\Klára\Downloads\Periodization, Early Lit..ppt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKLÁRA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKlára.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kl�ra\Desktop" je 1027 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
  HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
  HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
  HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Run: [Google Update] => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-23] (Google Inc.)
  HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Run: [Facebook Update] => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-30] (Facebook Inc.)
  HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Policies\system: [DisableLockWorkstation] 0
  HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Policies\system: [DisableChangePassword] 0
  
  SearchScopes: HKLM - {FE702C48-4CAA-40FD-B058-A0E2F2B68835} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
  SearchScopes: HKLM-x32 - DefaultScope value is missing.
  SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  
  2014-07-23 10:45 - 2014-07-23 10:46 - 00112640 _____ (forum.viry.cz) C:\Users\Klára\Desktop\FRSTLauncher.exe
  2014-07-21 22:42 - 2014-07-21 22:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-07-21 22:09 - 2014-07-21 22:44 - 00027245 _____ () C:\zoek-results.log
  2014-07-21 22:07 - 2014-07-21 22:31 - 00000000 ____D () C:\zoek_backup
  2014-07-21 22:07 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Desktop\zoek.exe
  2014-07-21 22:06 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Downloads\zoek.exe
  2014-07-21 21:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  2014-07-21 21:49 - 2014-07-21 22:03 - 00000000 ____D () C:\AdwCleaner
  2014-07-21 21:49 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Desktop\adwcleaner_3.216.exe
  2014-07-21 21:48 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Downloads\adwcleaner_3.216.exe
  2014-07-21 21:25 - 2014-07-21 21:25 - 00000000 ____D () C:\Windows\ERUNT
  2014-07-21 21:25 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Desktop\JRT (1).exe
  2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT.exe
  2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT (1).exe
  2014-07-21 19:55 - 2014-07-21 20:21 - 00000000 ____D () C:\rsit
  2014-07-21 19:55 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files\trend micro
  2014-07-21 19:54 - 2014-07-21 19:55 - 01222144 _____ () C:\Users\Klára\Downloads\RSITx64.exe
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\HPCeeScheduleForKLÁRA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
  Task: C:\Windows\Tasks\HPCeeScheduleForKlára.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Klára]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-07-2014
Ran by Klára at 2014-07-26 09:11:10 Run:1
Running from C:\Users\Klára\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Run: [Google Update] => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-03-23] (Google Inc.)
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Run: [Facebook Update] => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-30] (Facebook Inc.)
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\...\Policies\system: [DisableChangePassword] 0

SearchScopes: HKLM - {FE702C48-4CAA-40FD-B058-A0E2F2B68835} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}

2014-07-23 10:45 - 2014-07-23 10:46 - 00112640 _____ (forum.viry.cz) C:\Users\Klára\Desktop\FRSTLauncher.exe
2014-07-21 22:42 - 2014-07-21 22:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-21 22:09 - 2014-07-21 22:44 - 00027245 _____ () C:\zoek-results.log
2014-07-21 22:07 - 2014-07-21 22:31 - 00000000 ____D () C:\zoek_backup
2014-07-21 22:07 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Desktop\zoek.exe
2014-07-21 22:06 - 2014-07-21 22:07 - 01287168 _____ () C:\Users\Klára\Downloads\zoek.exe
2014-07-21 21:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 21:49 - 2014-07-21 22:03 - 00000000 ____D () C:\AdwCleaner
2014-07-21 21:49 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Desktop\adwcleaner_3.216.exe
2014-07-21 21:48 - 2014-07-21 21:48 - 01354223 _____ () C:\Users\Klára\Downloads\adwcleaner_3.216.exe
2014-07-21 21:25 - 2014-07-21 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 21:25 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Desktop\JRT (1).exe
2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT.exe
2014-07-21 21:24 - 2014-07-21 21:24 - 01016261 _____ (Thisisu) C:\Users\Klára\Downloads\JRT (1).exe
2014-07-21 19:55 - 2014-07-21 20:21 - 00000000 ____D () C:\rsit
2014-07-21 19:55 - 2014-07-21 19:56 - 00000000 ____D () C:\Program Files\trend micro
2014-07-21 19:54 - 2014-07-21 19:55 - 01222144 _____ () C:\Users\Klára\Downloads\RSITx64.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job => C:\Users\Klára\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job => C:\Users\Klára\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKLÁRA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKlára.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) => Value not found.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) => Value not found.
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
HKU\S-1-5-21-2490444064-3611964800-2747540804-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE702C48-4CAA-40FD-B058-A0E2F2B68835}" => Key deleted successfully.
"HKCR\CLSID\{FE702C48-4CAA-40FD-B058-A0E2F2B68835}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"C:\Users\Klára\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Klára\Desktop\zoek.exe => Moved successfully.
C:\Users\Klára\Downloads\zoek.exe => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Klára\Desktop\adwcleaner_3.216.exe => Moved successfully.
C:\Users\Klára\Downloads\adwcleaner_3.216.exe => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\Klára\Desktop\JRT (1).exe => Moved successfully.
C:\Users\Klára\Downloads\JRT.exe => Moved successfully.
C:\Users\Klára\Downloads\JRT (1).exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Klára\Downloads\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001Core1cf6918e300ac98.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2490444064-3611964800-2747540804-1001UA1cf8a22f903ef21.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForKLÁRA-HP$.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForKlára.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse