Nedeje mi prohlizec opera, ani google cchrome..prosím

[zuzijas]

Zdravím,

můžete mi prosím checknout log. Doteď jsem používala operu, ale najednou mi přestala fungovat a ráda bych ji používala dál. Děkuji za pomoc.

[Roli]

Zdravím,

můžete mi prosím checknout log

Zdravím, a kde ho najdu ?

[zuzijas]

pardon, tady to je:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zuzka at 2014-11-07 16:41:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 418 GB (71%) free of 588 GB
Total RAM: 4030 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:28, on 7.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Program Files\trend micro\Zuzka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13462 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\System32\Eap3Host.exe {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} -Embedding
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2820
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5632.18a8fa00.1575687992 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5632 "\\.\pipe\gecko-crash-server-pipe.5632" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --proxy-stub-channel=Flash6660.65CAAAA0.12274 --host-broker-channel=Flash6660.65CAAAA0.12092 --host-pid=6660 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --channel=324.004EF458.479397170 --proxy-stub-channel=Flash6660.65CAAAA0.12274 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" --host-npapi-version=27 --type=renderer

"C:\Users\Zuzka\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\HPCeeScheduleForZUZKA-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForZUZKA-HP$ (null)
C:\windows\tasks\HPCeeScheduleForZuzka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForZuzka (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\ovqz65j0.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\ovqz65j0.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-06 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-06 379040]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-02-09 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-06-18 2774256]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-06-26 1664000]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-16 800280]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-16 800280]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-28 299576]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-28 336384]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"HPQuickWebProxy"=c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-02-11 76344]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-07 16:41:23 ----D---- C:\rsit
2014-11-07 16:41:23 ----D---- C:\Program Files\trend micro
2014-11-06 18:37:19 ----D---- C:\$RECYCLE.BIN
2014-11-06 18:05:50 ----A---- C:\windows\zip.exe
2014-11-06 18:05:50 ----A---- C:\windows\SWSC.exe
2014-11-06 18:05:50 ----A---- C:\windows\SWREG.exe
2014-11-06 18:05:50 ----A---- C:\windows\sed.exe
2014-11-06 18:05:50 ----A---- C:\windows\PEV.exe
2014-11-06 18:05:50 ----A---- C:\windows\NIRCMD.exe
2014-11-06 18:05:50 ----A---- C:\windows\MBR.exe
2014-11-06 18:05:50 ----A---- C:\windows\grep.exe
2014-11-06 18:05:42 ----D---- C:\ComboFix
2014-11-06 18:05:37 ----D---- C:\Qoobox
2014-11-06 18:05:15 ----D---- C:\windows\erdnt
2014-11-04 15:25:20 ----D---- C:\Users\Zuzka\AppData\Roaming\IDT
2014-11-02 09:26:00 ----D---- C:\Program Files (x86)\Google
2014-11-01 19:52:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-27 20:50:05 ----D---- C:\Program Files\CCleaner
2014-10-27 14:43:27 ----D---- C:\Users\Zuzka\AppData\Roaming\ESET
2014-10-27 14:41:46 ----D---- C:\ProgramData\ESET
2014-10-27 14:41:46 ----D---- C:\Program Files\ESET
2014-10-27 14:05:32 ----A---- C:\windows\system32\RtNicProp64.dll
2014-10-27 14:05:32 ----A---- C:\windows\system32\drivers\Rt64win7.sys
2014-10-27 14:05:27 ----D---- C:\Program Files (x86)\Realtek
2014-10-27 13:53:42 ----A---- C:\windows\system32\drivers\athrx.sys
2014-10-27 13:52:49 ----A---- C:\windows\system32\athihvs.dll
2014-10-27 13:52:05 ----D---- C:\ProgramData\Qualcomm Atheros
2014-10-22 18:14:35 ----D---- C:\Users\Zuzka\AppData\Roaming\uTorrent
2014-10-15 16:50:03 ----A---- C:\windows\system32\win32k.sys
2014-10-15 16:49:51 ----A---- C:\windows\SYSWOW64\mscorier.dll
2014-10-15 16:49:51 ----A---- C:\windows\SYSWOW64\dfshim.dll
2014-10-15 16:49:51 ----A---- C:\windows\system32\mscorier.dll
2014-10-15 16:49:51 ----A---- C:\windows\system32\dfshim.dll
2014-10-15 16:49:50 ----A---- C:\windows\SYSWOW64\mscories.dll
2014-10-15 16:49:50 ----A---- C:\windows\system32\mscories.dll
2014-10-15 16:49:41 ----A---- C:\windows\SYSWOW64\blackbox.dll
2014-10-15 16:49:41 ----A---- C:\windows\system32\drmv2clt.dll
2014-10-15 16:49:41 ----A---- C:\windows\system32\blackbox.dll
2014-10-15 16:49:40 ----A---- C:\windows\SYSWOW64\drmv2clt.dll
2014-10-15 16:49:37 ----A---- C:\windows\system32\wmp.dll
2014-10-15 16:49:36 ----A---- C:\windows\system32\wmdrmsdk.dll
2014-10-15 16:49:36 ----A---- C:\windows\system32\mf.dll
2014-10-15 16:49:35 ----A---- C:\windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 16:49:34 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-10-15 16:49:33 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-10-15 16:49:30 ----A---- C:\windows\system32\drmmgrtn.dll
2014-10-15 16:49:29 ----A---- C:\windows\SYSWOW64\mf.dll
2014-10-15 16:49:29 ----A---- C:\windows\SYSWOW64\drmmgrtn.dll
2014-10-15 16:49:29 ----A---- C:\windows\system32\ci.dll
2014-10-15 16:49:28 ----A---- C:\windows\system32\drivers\PEAuth.sys
2014-10-15 16:49:27 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 16:49:26 ----A---- C:\windows\system32\winload.exe
2014-10-15 16:49:26 ----A---- C:\windows\system32\quartz.dll
2014-10-15 16:49:26 ----A---- C:\windows\system32\AudioEng.dll
2014-10-15 16:49:25 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-10-15 16:49:25 ----A---- C:\windows\system32\wintrust.dll
2014-10-15 16:49:25 ----A---- C:\windows\system32\winresume.exe
2014-10-15 16:49:25 ----A---- C:\windows\system32\ntoskrnl.exe
2014-10-15 16:49:25 ----A---- C:\windows\system32\cryptsvc.dll
2014-10-15 16:49:24 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 16:49:24 ----A---- C:\windows\system32\evr.dll
2014-10-15 16:49:23 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-10-15 16:49:23 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-10-15 16:49:23 ----A---- C:\windows\system32\EncDump.dll
2014-10-15 16:49:23 ----A---- C:\windows\system32\crypt32.dll
2014-10-15 16:49:23 ----A---- C:\windows\system32\AudioSes.dll
2014-10-15 16:49:22 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-10-15 16:49:22 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-10-15 16:49:22 ----A---- C:\windows\SYSWOW64\evr.dll
2014-10-15 16:49:22 ----A---- C:\windows\system32\mfplat.dll
2014-10-15 16:49:22 ----A---- C:\windows\system32\cryptui.dll
2014-10-15 16:49:22 ----A---- C:\windows\system32\audiosrv.dll
2014-10-15 16:49:21 ----A---- C:\windows\SYSWOW64\mfplat.dll
2014-10-15 16:49:21 ----A---- C:\windows\SYSWOW64\cryptui.dll
2014-10-15 16:49:21 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-10-15 16:49:21 ----A---- C:\windows\system32\srcore.dll
2014-10-15 16:49:21 ----A---- C:\windows\system32\pcasvc.dll
2014-10-15 16:49:20 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-10-15 16:49:20 ----A---- C:\windows\system32\cryptsp.dll
2014-10-15 16:49:19 ----A---- C:\windows\SYSWOW64\cryptsp.dll
2014-10-15 16:49:19 ----A---- C:\windows\system32\msscp.dll
2014-10-15 16:49:18 ----A---- C:\windows\system32\rstrui.exe
2014-10-15 16:49:18 ----A---- C:\windows\system32\msnetobj.dll
2014-10-15 16:49:18 ----A---- C:\windows\system32\appidsvc.dll
2014-10-15 16:49:18 ----A---- C:\windows\system32\appidapi.dll
2014-10-15 16:49:17 ----A---- C:\windows\SYSWOW64\msscp.dll
2014-10-15 16:49:17 ----A---- C:\windows\SYSWOW64\msnetobj.dll
2014-10-15 16:49:17 ----A---- C:\windows\system32\rrinstaller.exe
2014-10-15 16:49:17 ----A---- C:\windows\system32\drivers\appid.sys
2014-10-15 16:49:17 ----A---- C:\windows\system32\audiodg.exe
2014-10-15 16:49:16 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2014-10-15 16:49:16 ----A---- C:\windows\SYSWOW64\mfps.dll
2014-10-15 16:49:16 ----A---- C:\windows\system32\mfps.dll
2014-10-15 16:49:15 ----A---- C:\windows\SYSWOW64\appidapi.dll
2014-10-15 16:49:15 ----A---- C:\windows\system32\appidpolicyconverter.exe
2014-10-15 16:49:14 ----A---- C:\windows\system32\setbcdlocale.dll
2014-10-15 16:49:14 ----A---- C:\windows\system32\mfpmp.exe
2014-10-15 16:49:13 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-10-15 16:49:13 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2014-10-15 16:49:13 ----A---- C:\windows\system32\srclient.dll
2014-10-15 16:49:13 ----A---- C:\windows\system32\appidcertstorecheck.exe
2014-10-15 16:49:09 ----A---- C:\windows\SYSWOW64\spwmp.dll
2014-10-15 16:49:09 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2014-10-15 16:49:09 ----A---- C:\windows\system32\spwmp.dll
2014-10-15 16:49:09 ----A---- C:\windows\system32\dxmasf.dll
2014-10-15 16:49:08 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-10-15 16:49:08 ----A---- C:\windows\SYSWOW64\mferror.dll
2014-10-15 16:49:08 ----A---- C:\windows\system32\wmploc.DLL
2014-10-15 16:49:08 ----A---- C:\windows\system32\mferror.dll
2014-10-15 16:40:58 ----A---- C:\windows\system32\generaltel.dll
2014-10-15 16:40:57 ----A---- C:\windows\system32\aepdu.dll
2014-10-15 16:40:55 ----A---- C:\windows\system32\aeinv.dll
2014-10-15 16:40:52 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-10-15 16:40:51 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-10-15 16:40:51 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-10-15 16:40:51 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 16:40:50 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-10-15 16:40:50 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 16:40:50 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-10-15 16:40:50 ----A---- C:\windows\system32\iernonce.dll
2014-10-15 16:40:50 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-15 16:40:50 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-15 16:40:49 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-10-15 16:40:49 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-10-15 16:40:49 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-10-15 16:40:49 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 16:40:46 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-10-15 16:40:46 ----A---- C:\windows\system32\urlmon.dll
2014-10-15 16:40:46 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-15 16:40:45 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-10-15 16:40:44 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-10-15 16:40:44 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-15 16:40:43 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-10-15 16:40:43 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-10-15 16:40:43 ----A---- C:\windows\system32\msfeeds.dll
2014-10-15 16:40:43 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-15 16:40:43 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-15 16:40:42 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-10-15 16:40:42 ----A---- C:\windows\system32\iesetup.dll
2014-10-15 16:40:41 ----A---- C:\windows\system32\iertutil.dll
2014-10-15 16:40:40 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 16:40:40 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-10-15 16:40:40 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-10-15 16:40:39 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-10-15 16:40:39 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-10-15 16:40:39 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-10-15 16:40:38 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-10-15 16:40:38 ----A---- C:\windows\system32\jsproxy.dll
2014-10-15 16:40:37 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-10-15 16:40:36 ----A---- C:\windows\system32\ieui.dll
2014-10-15 16:40:36 ----A---- C:\windows\system32\dxtrans.dll
2014-10-15 16:40:34 ----A---- C:\windows\system32\mshtmled.dll
2014-10-15 16:40:34 ----A---- C:\windows\system32\ieframe.dll
2014-10-15 16:40:33 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-15 16:40:32 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-15 16:40:32 ----A---- C:\windows\system32\jscript9.dll
2014-10-15 16:40:32 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-15 16:40:31 ----A---- C:\windows\system32\wininet.dll
2014-10-15 16:40:31 ----A---- C:\windows\system32\vbscript.dll
2014-10-15 16:40:31 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-15 16:40:30 ----A---- C:\windows\system32\msrating.dll
2014-10-15 16:40:30 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-15 16:40:28 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 16:40:28 ----A---- C:\windows\system32\mshtml.dll
2014-10-15 16:40:04 ----A---- C:\windows\system32\msi.dll
2014-10-15 16:40:02 ----A---- C:\windows\SYSWOW64\msi.dll
2014-10-15 16:39:00 ----A---- C:\windows\system32\rastls.dll
2014-10-15 16:38:59 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-10-15 16:38:48 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-10-15 16:38:48 ----A---- C:\windows\system32\mstscax.dll
2014-10-15 16:38:46 ----A---- C:\windows\system32\termsrv.dll
2014-10-15 16:38:46 ----A---- C:\windows\system32\mstsc.exe
2014-10-15 16:38:45 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-10-15 16:38:44 ----A---- C:\windows\system32\winsta.dll
2014-10-15 16:38:43 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-10-15 16:38:43 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-10-15 16:38:43 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-10-15 16:38:42 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-10-15 16:38:42 ----A---- C:\windows\system32\winlogon.exe
2014-10-15 16:38:39 ----A---- C:\windows\system32\TSpkg.dll
2014-10-15 16:38:38 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-10-15 16:38:37 ----A---- C:\windows\system32\credssp.dll
2014-10-15 16:38:36 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-10-15 16:38:35 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-10-15 16:36:22 ----A---- C:\windows\system32\packager.dll
2014-10-15 16:36:21 ----A---- C:\windows\SYSWOW64\packager.dll
2014-10-10 08:59:12 ----A---- C:\windows\system32\drivers\epfwwfp.sys
2014-10-10 08:59:12 ----A---- C:\windows\system32\drivers\EpfwLWF.sys
2014-10-10 08:59:12 ----A---- C:\windows\system32\drivers\epfw.sys
2014-10-10 08:59:12 ----A---- C:\windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2014-11-07 16:41:28 ----D---- C:\windows\Prefetch
2014-11-07 16:41:25 ----D---- C:\windows\Temp
2014-11-07 16:41:23 ----D---- C:\Program Files
2014-11-07 16:13:25 ----D---- C:\windows\system32\config
2014-11-07 15:19:04 ----D---- C:\ProgramData
2014-11-07 15:19:03 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-11-07 15:18:59 ----D---- C:\ProgramData\Hewlett-Packard
2014-11-07 15:18:58 ----SHD---- C:\windows\Installer
2014-11-07 15:18:58 ----RSD---- C:\windows\assembly
2014-11-07 15:18:07 ----D---- C:\windows\System32
2014-11-07 15:18:07 ----D---- C:\windows\inf
2014-11-07 15:18:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-11-07 15:16:29 ----SHD---- C:\System Volume Information
2014-11-07 15:13:57 ----A---- C:\windows\SYSWOW64\log.txt
2014-11-07 15:13:29 ----D---- C:\windows\SysWOW64
2014-11-06 22:57:13 ----D---- C:\Users\Zuzka\AppData\Roaming\BSplayer
2014-11-06 22:27:32 ----D---- C:\Users\Zuzka\AppData\Roaming\Skype
2014-11-06 19:15:56 ----D---- C:\windows\system32\Tasks
2014-11-06 19:15:56 ----D---- C:\Program Files (x86)\Opera
2014-11-06 18:38:11 ----D---- C:\Windows
2014-11-06 18:38:11 ----A---- C:\windows\system.ini
2014-11-06 18:37:13 ----D---- C:\windows\system32\drivers\etc
2014-11-06 18:20:05 ----D---- C:\Program Files (x86)
2014-11-06 18:12:16 ----D---- C:\windows\SYSWOW64\drivers
2014-11-06 18:12:16 ----D---- C:\windows\AppPatch
2014-11-06 18:12:15 ----D---- C:\Program Files (x86)\Common Files
2014-11-06 18:05:38 ----D---- C:\windows\system32\drivers
2014-11-05 13:20:58 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-05 13:09:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-02 10:15:10 ----D---- C:\windows\Tasks
2014-10-30 14:19:09 ----D---- C:\windows\Panther
2014-10-30 14:19:06 ----D---- C:\windows\Minidump
2014-10-30 14:19:06 ----D---- C:\windows\Logs
2014-10-30 14:19:06 ----D---- C:\windows\debug
2014-10-28 06:34:58 ----N---- C:\windows\system32\MpSigStub.exe
2014-10-27 21:04:38 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-10-27 20:30:06 ----D---- C:\Users\Zuzka\AppData\Roaming\Opera Software
2014-10-27 14:42:40 ----D---- C:\windows\system32\DriverStore
2014-10-27 14:36:25 ----D---- C:\ProgramData\AVAST Software
2014-10-27 14:31:52 ----HD---- C:\ProgramData\ArcSoft
2014-10-27 14:31:51 ----D---- C:\Users\Zuzka\AppData\Roaming\ArcSoft
2014-10-27 14:27:51 ----D---- C:\ProgramData\WinZip
2014-10-27 14:05:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-27 14:04:32 ----D---- C:\swsetup
2014-10-27 14:04:27 ----A---- C:\windows\system32\RTNUninst64.dll
2014-10-27 13:54:54 ----D---- C:\Program Files (x86)\Atheros
2014-10-27 13:52:51 ----D---- C:\windows\system32\zh-TW
2014-10-27 13:52:51 ----D---- C:\windows\system32\zh-CN
2014-10-27 13:52:50 ----D---- C:\windows\system32\tr-TR
2014-10-27 13:52:50 ----D---- C:\windows\system32\sv-SE
2014-10-27 13:52:50 ----D---- C:\windows\system32\ru-RU
2014-10-27 13:52:50 ----D---- C:\windows\system32\pt-PT
2014-10-27 13:52:50 ----D---- C:\windows\system32\pl-PL
2014-10-27 13:52:50 ----D---- C:\windows\system32\nn-NO
2014-10-27 13:52:50 ----D---- C:\windows\system32\nl-NL
2014-10-27 13:52:50 ----D---- C:\windows\system32\ko-KR
2014-10-27 13:52:49 ----D---- C:\windows\system32\ja-JP
2014-10-27 13:52:49 ----D---- C:\windows\system32\it-IT
2014-10-27 13:52:49 ----D---- C:\windows\system32\hu-HU
2014-10-27 13:52:49 ----D---- C:\windows\system32\fr-FR
2014-10-27 13:52:49 ----D---- C:\windows\system32\fi-FI
2014-10-27 13:52:49 ----D---- C:\windows\system32\es-ES
2014-10-27 13:52:49 ----D---- C:\windows\system32\en-US
2014-10-27 13:52:49 ----D---- C:\windows\system32\el-GR
2014-10-27 13:52:49 ----D---- C:\windows\system32\de-DE
2014-10-27 13:52:49 ----D---- C:\windows\system32\da-DK
2014-10-27 13:52:49 ----D---- C:\windows\system32\cs-CZ
2014-10-27 13:43:43 ----D---- C:\Users\Zuzka\AppData\Roaming\Seznam.cz
2014-10-27 13:41:20 ----SD---- C:\ProgramData\Microsoft
2014-10-27 13:41:20 ----D---- C:\Program Files (x86)\Microsoft
2014-10-21 16:03:57 ----D---- C:\ProgramData\Skype
2014-10-21 16:03:54 ----RD---- C:\Program Files (x86)\Skype
2014-10-20 08:34:24 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 13:21:36 ----D---- C:\windows\rescache
2014-10-16 12:34:12 ----D---- C:\windows\Microsoft.NET
2014-10-16 08:33:57 ----D---- C:\windows\system32\catroot2
2014-10-16 08:32:18 ----D---- C:\windows\winsxs
2014-10-16 08:28:19 ----D---- C:\windows\SYSWOW64\Dism
2014-10-16 08:28:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-10-16 08:28:19 ----D---- C:\Program Files\Windows Media Player
2014-10-16 08:28:19 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 08:28:17 ----D---- C:\windows\system32\Dism
2014-10-16 08:28:15 ----D---- C:\windows\system32\CodeIntegrity
2014-10-16 08:28:15 ----D---- C:\windows\system32\Boot
2014-10-16 08:28:14 ----SD---- C:\windows\system32\CompatTel
2014-10-16 08:28:13 ----D---- C:\windows\SYSWOW64\en-US
2014-10-16 08:28:13 ----D---- C:\Program Files\Internet Explorer
2014-10-16 08:28:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 22:03:20 ----A---- C:\windows\win.ini
2014-10-15 22:01:52 ----D---- C:\windows\system32\MRT
2014-10-15 21:56:48 ----A---- C:\windows\system32\MRT.exe
2014-10-15 16:36:14 ----D---- C:\windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-02-28 29976]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-02-28 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-28 9319424]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-28 303616]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-01-06 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-01-06 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-01-06 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-01-06 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-01-06 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-01-06 154272]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-01-06 279200]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2014-06-18 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 pppop;PPPoP WAN Adapter; C:\windows\system32\DRIVERS\pppop64.sys [2009-07-21 42528]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2014-10-27 708200]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-12-21 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2014-06-26 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-06-18 524016]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2014-06-26 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-28 203264]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-06 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-06 53920]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-02-28 31000]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-06-26 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-21 3154224]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-27 267440]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-03 464480]
S3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-01 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-02-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[zuzijas]

A ještě mi to vyhodilo tohle:

info.txt logfile of random's system information tool 1.10 2014-11-07 16:41:33

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9AA1FED89F000080202100075E38260008000000600900005E392607FEFFFF006809000088BD4700FEFFFF07FEFFFF00F0C64700781E0200FEFFFF0CFEFFFF0068E5490010A00055AA

======Uninstall list======

-->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Habbo Hotel\Uninstall.exe"
-->"C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe"
Adobe Flash Player 15 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -maintain activex
Adobe Flash Player 15 Plugin-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.09) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
ArcSoft TotalMedia-->MsiExec.exe /I{4114A073-7385-4742-8A5E-A5788FAC838F}
ArcSoft TotalMedia-->MsiExec.exe /X {4114A073-7385-4742-8A5E-A5788FAC838F}
ArcSoft Webcam Sharing Manager-->MsiExec.exe /X{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
ATI Catalyst Install Manager-->msiexec /q/x{63E42DE7-C468-31B0-E373-173C67C87B88} REBOOT=ReallySuppress
Bing Rewards Client Installer-->MsiExec.exe /X{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}
Bluetooth Win7 Suite (64)-->MsiExec.exe /X{230D1595-57DA-4933-8C4E-375797EBB7E1}
Catalyst Control Center - Branding-->MsiExec.exe /I{737DCE46-824C-40BA-8776-81D9D1DB04AB}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
Drive Encryption For HP ProtectTools-->MsiExec.exe /X{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
ESET Smart Security-->MsiExec.exe /I{443D1D0A-17E5-4F61-8074-8801BDB430CC}
Face Recognition for HP ProtectTools-->MsiExec.exe /X{D3A775F2-2674-4452-8D80-1FC1446052EE}
File Sanitizer For HP ProtectTools-->MsiExec.exe /I{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
HP 3D DriveGuard-->MsiExec.exe /X{FB8294A0-6FBB-4B8A-BE22-3279416A463D}
HP Auto-->MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
HP Connection Manager-->MsiExec.exe /X{4B21E4B2-89B8-499D-803A-34ABF929401E}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP DayStarter-->MsiExec.exe /X{94E6981F-ECB3-4458-8EFC-0E96BC540E9D}
HP Documentation-->MsiExec.exe /X{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}
HP ESU for Microsoft Windows 7-->MsiExec.exe /X{840021F2-FFC0-467A-BF85-29B8B7803717}
HP HotKey Support-->MsiExec.exe /X{7D1C63D1-6520-49DA-B738-958133526E80}
HP Power Assistant-->MsiExec.exe /X{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}
HP ProtectTools Security Manager-->c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\setup.exe
HP ProtectTools Security Manager-->MsiExec.exe /X{422BA615-2133-4DC0-8673-09C8CC7557F2}
HP QuickWeb-->MsiExec.exe /X{20976B1F-E910-404D-9261-C16EE7E12DC8}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}\setup.exe" -l0x9 -removeonly
HP SoftPaq Download Manager-->MsiExec.exe /I{FE465061-894A-4023-8580-56FCDD4F23F9}
HP Software Framework-->MsiExec.exe /X{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}
HP Software Setup-->MsiExec.exe /X{531000B3-DBEE-4115-BBF3-DA48B67C053F}
HP System Default Settings-->MsiExec.exe /X{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}
HP Wallpaper-->MsiExec.exe /I{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}
HP Webcam Driver-->C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0005 -removeonly
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
Intel(R) Display Audio Driver-->C:\Program Files (x86)\Intel\Intel(R) Display Audio Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Microsoft .NET Framework 4.5.1-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Access MUI (Czech) 2013-->MsiExec.exe /X{90150000-0015-0405-0000-0000000FF1CE}
Microsoft DCF MUI (Czech) 2013-->MsiExec.exe /X{90150000-0090-0405-0000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2013-->MsiExec.exe /X{90150000-0016-0405-0000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2013-->MsiExec.exe /X{90150000-00BA-0405-0000-0000000FF1CE}
Microsoft InfoPath MUI (Czech) 2013-->MsiExec.exe /X{90150000-0044-0405-0000-0000000FF1CE}
Microsoft Lync MUI (Czech) 2013-->MsiExec.exe /X{90150000-012B-0405-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2013 - Deutsch-->MsiExec.exe /X{90150000-001F-0407-0000-0000000FF1CE}
Microsoft Office Language Pack 2013 - Czech/čeština-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" /uninstall OMUI.CS-CZ /dll OSETUP.DLL
Microsoft Office O MUI (Czech) 2013-->MsiExec.exe /X{90150000-0100-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E1-0405-0000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E2-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2013-->MsiExec.exe /X{90150000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Proofing Tools 2013 - English-->MsiExec.exe /X{90150000-001F-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2013-->MsiExec.exe /X{90150000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2013-->MsiExec.exe /X{90150000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2013-->MsiExec.exe /X{90150000-00A1-0405-0000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2013-->MsiExec.exe /X{90150000-001A-0405-0000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2013-->MsiExec.exe /X{90150000-0018-0405-0000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2013-->MsiExec.exe /X{90150000-0019-0405-0000-0000000FF1CE}
Microsoft SharePoint Designer MUI (Czech) 2013-->MsiExec.exe /X{90150000-0017-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Word MUI (Czech) 2013-->MsiExec.exe /X{90150000-001B-0405-0000-0000000FF1CE}
Microsoft X MUI (Czech) 2013-->MsiExec.exe /X{90150000-0101-0405-0000-0000000FF1CE}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{DF2035BE-5820-4965-BD97-7FAF8D4A7879}
Mozilla Firefox 33.0.2 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština-->MsiExec.exe /X{90150000-001F-0405-0000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina-->MsiExec.exe /X{90150000-001F-041B-0000-0000000FF1CE}
Opera Stable 25.0.1614.68-->"C:\Program Files (x86)\Opera\Launcher.exe" /uninstall
Privacy Manager for HP ProtectTools-->MsiExec.exe /I{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}
Qualcomm Atheros Driver Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe" -runfromtemp -removeonly
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\Setup.exe -runfromtemp -removeonly
SDK-->"C:\Program Files (x86)\InstallShield Installation Information\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}\setup.exe" -runfromtemp -l0x0009
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7DFD2B8-0CD1-4A51-AC71-A0582FE796C2}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2883031) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D7B70F51-6A18-448B-9342-074F15BC42E4}
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C069DBBB-0547-4405-B9C8-38123FCD9CE0}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2883032) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1C83EC92-7D38-4BDA-ADDC-5429030FDB0C}
Security Update for Microsoft SharePoint Designer 2013 (KB2752096) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0017-0405-0000-0000000FF1CE}" "{B8F63C4C-4BF2-47EA-8C00-BB83C4D0FA26}" "1029" "0"
Security Update for Microsoft SharePoint Designer 2013 (KB2863836) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0017-0405-0000-0000000FF1CE}" "{7783C0FE-91D3-44A5-ABB6-2A5CBDACDA0D}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0015-0405-0000-0000000FF1CE}" "{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-0000-0000000FF1CE}" "{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0017-0405-0000-0000000FF1CE}" "{32C729F4-B6A0-41C9-A257-BDFA632FBED0}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-0000-0000000FF1CE}" "{0A504FDF-F8F7-4792-9360-1F45E38F005D}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-0000-0000000FF1CE}" "{55A588B8-2D30-4B60-AB09-5DB57C592B81}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-0000-0000000FF1CE}" "{1F79A96A-2A70-45B3-8A5C-79DA61952879}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0044-0405-0000-0000000FF1CE}" "{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-0000-0000000FF1CE}" "{DBBAB83F-8D50-4AFB-B0FF-8B90CA68B215}" "1029" "0"
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-0000-0000000FF1CE}" "{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}" "1029" "0"
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 6.21-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Theft Recovery for HP ProtectTools-->"C:\Program Files (x86)\InstallShield Installation Information\{ADC70B7A-530B-46E3-8384-48D22681A41E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Theft Recovery for HP ProtectTools-->MsiExec.exe /X{ADC70B7A-530B-46E3-8384-48D22681A41E}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-0000-0000000FF1CE}" "{689703D1-CC80-420B-92BD-4DA9D0CA19DE}" "1029" "0"
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-0000-0000000FF1CE}" "{689703D1-CC80-420B-92BD-4DA9D0CA19DE}" "1029" "0"
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-0000-0000000FF1CE}" "{689703D1-CC80-420B-92BD-4DA9D0CA19DE}" "1029" "0"
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-0000-0000000FF1CE}" "{0C2BC03F-DE92-4866-874F-14149A6E5B60}" "1029" "0"
Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-0000-0000000FF1CE}" "{5739A229-D2C6-4579-A21F-B7AFD1834DFD}" "1029" "0"
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0100-0405-0000-0000000FF1CE}" "{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}" "1029" "0"
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0100-0405-0000-0000000FF1CE}" "{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}" "1029" "0"
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-0000-0000000FF1CE}" "{5D6439FF-D651-4B13-B52E-2508AB9DE19D}" "1029" "0"
Update for Microsoft Office 2013 (KB2881004) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-0000-0000000FF1CE}" "{E30FBD0C-8EDB-4233-9B65-58FEA0C9A5BA}" "1029" "0"
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0016-0405-0000-0000000FF1CE}" "{01B80B63-C638-4004-9148-75B8C8518B1E}" "1029" "0"
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0090-0405-0000-0000000FF1CE}" "{01B80B63-C638-4004-9148-75B8C8518B1E}" "1029" "0"
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0405-0000-0000000FF1CE}" "{61605D38-5965-481D-A110-F134B1769B18}" "1029" "0"
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0407-0000-0000000FF1CE}" "{0F5FFEB6-2F66-4592-8A34-CC85FF318951}" "1029" "0"
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-0409-0000-0000000FF1CE}" "{DA288EB3-648C-433C-88AC-71AEAAFAACF7}" "1029" "0"
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001F-041B-0000-0000000FF1CE}" "{B11F8088-B2D8-4A5A-B538-B7A8C9FDDAE6}" "1029" "0"
Update for Microsoft Office 2013 (KB2889927) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-0000-0000000FF1CE}" "{8C5E45EF-C212-4DE2-AFEA-DA09B4E88FFB}" "1029" "0"
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {23AE87D8-AB2F-4539-935C-442BC976F469}
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-002A-0405-1000-0000000FF1CE}" "{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00BA-0405-0000-0000000FF1CE}" "{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}" "1029" "0"
Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-00A1-0405-0000-0000000FF1CE}" "{BB860F2F-62A2-496D-8780-5A18B48F206A}" "1029" "0"
Update for Microsoft Outlook 2013 (KB2986204) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-0000-0000000FF1CE}" "{8C0211A0-1712-42C2-9F2B-D0356D437D02}" "1029" "0"
Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0018-0405-0000-0000000FF1CE}" "{F080A0ED-070F-4E33-833F-CF893968E6A8}" "1029" "0"
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-0019-0405-0000-0000000FF1CE}" "{7500AD77-83C6-400B-8B2F-F8E401A7B697}" "1029" "0"
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-006E-0405-0000-0000000FF1CE}" "{25C61889-2E44-4BE1-9E96-9364BFDCF501}" "1029" "0"
Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001A-0405-0000-0000000FF1CE}" "{549B6392-4113-45E8-908F-DBC9C13EEFF3}" "1029" "0"
Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-001B-0405-0000-0000000FF1CE}" "{549B6392-4113-45E8-908F-DBC9C13EEFF3}" "1029" "0"
Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Oarpmany.exe" /removereleaseinpatch "{90150000-012B-0405-0000-0000000FF1CE}" "{549B6392-4113-45E8-908F-DBC9C13EEFF3}" "1029" "0"
Validity Fingerprint Sensor Driver-->MsiExec.exe /X{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{02C0A02E-AB30-446C-B4C3-A03310D95F53}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0A455897-C606-4958-AD34-6DF0430D184B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6B318C80-7BE4-4D79-9F53-4290958EA984}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
WinRAR 5.00 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}
Xobni Core-->MsiExec.exe /I{8DC069E7-893C-41E1-9442-DE89FEC33371}
Zoner Photo Studio 16-->"C:\Program Files\Zoner\Photo Studio 16\unins000.exe"

======System event log======

Computer Name: Zuzka-HP
Event Code: 19
Message: Instalace dokončena: Instalování následující aktualizace bylo dokončeno úspěšně. Aktualizace zabezpečení systému Windows 7 pro systémy na platformě x64 (KB2926765)
Record Number: 42567
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20140515101144.571334-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Zuzka-HP
Event Code: 7036
Message: Stav služby Služba Google Update (gupdate) byl změněn na: Spuštěno
Record Number: 42566
Source Name: Service Control Manager
Time Written: 20140515101136.993900-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 42565
Source Name: Service Control Manager
Time Written: 20140515101125.532245-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 7036
Message: Stav služby Telefonní subsystém byl změněn na: Spuštěno
Record Number: 42564
Source Name: Service Control Manager
Time Written: 20140515101111.249778-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 7036
Message: Stav služby HP Connection Manager 4 Service byl změněn na: Spuštěno
Record Number: 42563
Source Name: Service Control Manager
Time Written: 20140515101108.363773-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Zuzka-HP
Event Code: 102
Message: WinMail (4724) WindowsMail0: Databázový stroj (6.01.7600.0000) spustil novou instanci (0).
Record Number: 1846
Source Name: ESENT
Time Written: 20140211150128.000000-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 8194
Message: Bod obnovení byl úspěšně vytvořen (Proces = C:\windows\system32\wbem\wmiprvse.exe; Popis = Initial Restore Point).
Record Number: 1845
Source Name: System Restore
Time Written: 20140211150111.000000-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 8196
Message: Obnovení systému bylo povoleno (Proces = C:\windows\system32\wbem\wmiprvse.exe; Svazek = ).
Record Number: 1844
Source Name: System Restore
Time Written: 20140211150054.000000-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 8195
Message: Obnovení systému bylo zakázáno (Proces = C:\windows\system32\wbem\wmiprvse.exe; Svazek = ).
Record Number: 1843
Source Name: System Restore
Time Written: 20140211150053.000000-000
Event Type: Informace
User:

Computer Name: Zuzka-HP
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 1842
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20140211150047.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Zuzka-HP
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ZUZKA-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\cs-CZ\ServiceModelEvents.dll.mui
ID popisovače: 0x1c

Informace o procesu:
ID procesu: 0xfb4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 5995
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140217074236.355405-000
Event Type: Úspěšný audit
User:

Computer Name: Zuzka-HP
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ZUZKA-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\cs-CZ\ServiceModelInstallRC.dll.mui
ID popisovače: 0x1c

Informace o procesu:
ID procesu: 0xfb4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 5994
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140217074236.355405-000
Event Type: Úspěšný audit
User:

Computer Name: Zuzka-HP
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ZUZKA-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\cs\ServiceModelReg.resources.dll
ID popisovače: 0x1c

Informace o procesu:
ID procesu: 0xfb4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 5993
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140217074236.339805-000
Event Type: Úspěšný audit
User:

Computer Name: Zuzka-HP
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ZUZKA-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\cs\SMDiagnostics.resources.dll
ID popisovače: 0x1c

Informace o procesu:
ID procesu: 0xfb4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 5992
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140217074236.308605-000
Event Type: Úspěšný audit
User:

Computer Name: Zuzka-HP
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ZUZKA-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\cs\Microsoft.Transactions.Bridge.Resources.dll
ID popisovače: 0x1c

Informace o procesu:
ID procesu: 0xfb4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 5991
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140217074236.293005-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"OnlineServices"=Online Services
"Platform"=BNB
"PCBRAND"=s
"PTSMInstallPath_X86"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------

[Roli]

Můžu vidět i log z ComboFix který sis tam včera jen tak spustila ?

[zuzijas]

tady je, ale musela jsem ho udělat znovu, včera mi nenaběhl právě:

ComboFix 14-11-03.01 - Zuzka 07.11.2014 21:08:30.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2160 [GMT 1:00]
Spuštěný z: c:\users\Zuzka\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Zuzka\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
---- Předchozí spuštění -------
.
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\users\Zuzka\AppData\Local\TempDIR\cacert.cer
c:\users\Zuzka\AppData\Local\TempDIR\cacert2.cer
c:\users\Zuzka\AppData\Local\TempDIR\izumeduroam.cer
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-07 do 2014-11-07 )))))))))))))))))))))))))))))))
.
.
2014-11-07 20:26 . 2014-11-07 20:26 -------- d-----w- c:\users\Zuzka\AppData\Local\AviraSpeedup
2014-11-07 20:21 . 2014-11-07 20:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\users\Zuzka\AppData\Roaming\Check Point Software Technologies LTD
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\program files (x86)\CheckPoint
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\programdata\CheckPoint
2014-11-07 16:35 . 2014-11-07 16:35 -------- d-----w- c:\users\Zuzka\AppData\Roaming\Avira
2014-11-07 16:28 . 2014-10-22 15:33 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-11-07 16:28 . 2014-10-22 15:33 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-11-07 16:28 . 2014-10-22 15:33 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-11-07 16:26 . 2014-11-07 20:06 -------- d-----w- c:\program files (x86)\Avira
2014-11-07 16:26 . 2014-11-07 16:28 -------- d-----w- c:\programdata\Avira
2014-11-07 16:26 . 2014-11-07 16:26 -------- d-----w- c:\programdata\Package Cache
2014-11-07 15:41 . 2014-11-07 15:41 -------- d-----w- C:\rsit
2014-11-07 15:41 . 2014-11-07 15:41 -------- d-----w- c:\program files\trend micro
2014-11-04 14:25 . 2014-11-04 14:25 -------- d-----w- c:\users\Zuzka\AppData\Roaming\IDT
2014-11-02 08:26 . 2014-11-02 09:15 -------- d-----w- c:\program files (x86)\Google
2014-10-27 19:50 . 2014-10-27 19:50 -------- d-----w- c:\program files\CCleaner
2014-10-27 13:43 . 2014-10-27 13:43 -------- d-----w- c:\users\Zuzka\AppData\Local\ESET
2014-10-27 13:30 . 2014-10-27 13:30 -------- d-----w- c:\users\Zuzka\AppData\Local\ArcSoft
2014-10-27 13:23 . 2014-10-27 13:23 -------- d-sh--w- c:\users\Zuzka\AppData\Local\EmieUserList
2014-10-27 13:23 . 2014-10-27 13:23 -------- d-sh--w- c:\users\Zuzka\AppData\Local\EmieSiteList
2014-10-27 13:05 . 2014-10-27 13:04 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-10-27 13:05 . 2014-10-27 13:04 708200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-10-27 13:05 . 2014-10-27 13:05 -------- d-----w- c:\program files (x86)\Realtek
2014-10-27 12:53 . 2012-12-20 20:24 3837440 ----a-w- c:\windows\system32\drivers\athrx.sys
2014-10-27 12:52 . 2012-12-27 04:05 439296 ----a-w- c:\windows\system32\athihvs.dll
2014-10-27 12:52 . 2014-10-27 12:54 -------- d-----w- c:\programdata\Qualcomm Atheros
2014-10-22 17:14 . 2014-10-27 12:45 -------- d-----w- c:\users\Zuzka\AppData\Roaming\uTorrent
2014-10-21 15:00 . 2014-10-21 15:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-15 15:50 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-15 15:40 . 2014-10-10 02:05 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-15 15:39 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-15 15:36 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-10-15 15:36 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-10 07:59 . 2014-10-10 07:59 44632 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-28 05:34 . 2014-02-11 15:37 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-27 20:04 . 2014-02-11 15:33 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-27 20:04 . 2014-02-11 15:33 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-27 13:04 . 2011-05-10 20:35 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-10-15 20:56 . 2014-05-22 11:28 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-14 19:59 . 2014-11-07 14:17 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D4D43D0E-0C6C-4FA8-877F-AF9ADF380982}\mpengine.dll
2014-09-25 02:08 . 2014-10-01 08:45 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 08:45 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-09-24 12:46 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 12:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-05 20:33 . 2010-06-24 18:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-27 18:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 18:23 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-23 6501656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-10-22 703736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AviraSpeedup"="c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" [2014-11-07 5085416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 pppop;PPPoP WAN Adapter;c:\windows\system32\DRIVERS\pppop64.sys;c:\windows\SYSNATIVE\DRIVERS\pppop64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11 20:04]
.
2014-10-19 c:\windows\Tasks\HPCeeScheduleForZUZKA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
2014-11-07 c:\windows\Tasks\HPCeeScheduleForZuzka.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-06 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-06 379040]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-02-09 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-06-26 1664000]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=5489ec858b614f05b0830db587f7aeae&tu=10G9y00Gn2D33N0&sku=&tstsId=&ver=&
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.235.230.114 212.235.170.162
FF - ProfilePath - c:\users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\ovqz65j0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-11-07 21:38:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-07 20:38
.
Před spuštěním: Volných bajtů: 436 686 909 440
Po spuštění: Volných bajtů: 436 583 260 160
.
- - End Of File - - CBF93D30E334149E140C5439BAE61A3A

[Roli]

Pokud jsi tak ještě neučinila, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[zuzijas]

Děkuji, tady je další log:

ComboFix 14-11-03.01 - Zuzka 09.11.2014 15:01:52.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2351 [GMT 1:00]
Spuštěný z: c:\users\Zuzka\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Zuzka\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-09 do 2014-11-09 )))))))))))))))))))))))))))))))
.
.
2014-11-09 14:12 . 2014-11-09 14:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-07 20:26 . 2014-11-08 09:06 -------- d-----w- c:\users\Zuzka\AppData\Local\AviraSpeedup
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\users\Zuzka\AppData\Roaming\Check Point Software Technologies LTD
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\program files (x86)\CheckPoint
2014-11-07 16:54 . 2014-11-07 16:54 -------- d-----w- c:\programdata\CheckPoint
2014-11-07 16:35 . 2014-11-07 16:35 -------- d-----w- c:\users\Zuzka\AppData\Roaming\Avira
2014-11-07 16:28 . 2014-10-22 15:33 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-11-07 16:28 . 2014-10-22 15:33 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-11-07 16:28 . 2014-10-22 15:33 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-11-07 16:26 . 2014-11-07 20:06 -------- d-----w- c:\program files (x86)\Avira
2014-11-07 16:26 . 2014-11-07 16:28 -------- d-----w- c:\programdata\Avira
2014-11-07 16:26 . 2014-11-07 16:26 -------- d-----w- c:\programdata\Package Cache
2014-11-07 15:41 . 2014-11-07 15:41 -------- d-----w- C:\rsit
2014-11-07 15:41 . 2014-11-07 15:41 -------- d-----w- c:\program files\trend micro
2014-11-07 14:17 . 2014-10-14 19:59 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D4D43D0E-0C6C-4FA8-877F-AF9ADF380982}\mpengine.dll
2014-11-04 14:25 . 2014-11-04 14:25 -------- d-----w- c:\users\Zuzka\AppData\Roaming\IDT
2014-11-02 08:26 . 2014-11-02 09:15 -------- d-----w- c:\program files (x86)\Google
2014-10-27 19:50 . 2014-10-27 19:50 -------- d-----w- c:\program files\CCleaner
2014-10-27 13:43 . 2014-10-27 13:43 -------- d-----w- c:\users\Zuzka\AppData\Local\ESET
2014-10-27 13:30 . 2014-10-27 13:30 -------- d-----w- c:\users\Zuzka\AppData\Local\ArcSoft
2014-10-27 13:23 . 2014-10-27 13:23 -------- d-sh--w- c:\users\Zuzka\AppData\Local\EmieUserList
2014-10-27 13:23 . 2014-10-27 13:23 -------- d-sh--w- c:\users\Zuzka\AppData\Local\EmieSiteList
2014-10-27 13:05 . 2014-10-27 13:04 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-10-27 13:05 . 2014-10-27 13:04 708200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-10-27 13:05 . 2014-10-27 13:05 -------- d-----w- c:\program files (x86)\Realtek
2014-10-27 12:53 . 2012-12-20 20:24 3837440 ----a-w- c:\windows\system32\drivers\athrx.sys
2014-10-27 12:52 . 2012-12-27 04:05 439296 ----a-w- c:\windows\system32\athihvs.dll
2014-10-27 12:52 . 2014-10-27 12:54 -------- d-----w- c:\programdata\Qualcomm Atheros
2014-10-22 17:14 . 2014-10-27 12:45 -------- d-----w- c:\users\Zuzka\AppData\Roaming\uTorrent
2014-10-21 15:00 . 2014-10-21 15:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-15 15:50 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-15 15:40 . 2014-10-10 02:05 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-15 15:39 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-15 15:36 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-10-15 15:36 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-28 05:34 . 2014-02-11 15:37 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-27 20:04 . 2014-02-11 15:33 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-27 20:04 . 2014-02-11 15:33 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-27 13:04 . 2011-05-10 20:35 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-10-15 20:56 . 2014-05-22 11:28 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-10 07:59 . 2014-10-10 07:59 44632 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2014-09-25 02:08 . 2014-10-01 08:45 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 08:45 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-09-24 12:46 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 12:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-05 20:33 . 2010-06-24 18:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-27 18:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 18:23 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-23 6501656]
"AviraSpeedup"="c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" [2014-11-08 5395192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-10-22 703736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AviraSpeedup"="c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" [2014-11-08 5395192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 pppop;PPPoP WAN Adapter;c:\windows\system32\DRIVERS\pppop64.sys;c:\windows\SYSNATIVE\DRIVERS\pppop64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11 20:04]
.
2014-10-19 c:\windows\Tasks\HPCeeScheduleForZUZKA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
2014-11-07 c:\windows\Tasks\HPCeeScheduleForZuzka.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-06 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-06 379040]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-02-09 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-06-26 1664000]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=5489ec858b614f05b0830db587f7aeae&tu=10G9y00Gn2D33N0&sku=&tstsId=&ver=&
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.235.230.114 212.235.170.162
FF - ProfilePath - c:\users\Zuzka\AppData\Roaming\Mozilla\Firefox\Profiles\ovqz65j0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-11-09 15:29:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-09 14:29
ComboFix2.txt 2014-11-07 20:38
.
Před spuštěním: Volných bajtů: 436 101 201 920
Po spuštění: Volných bajtů: 435 822 993 408
.
- - End Of File - - 1DB18A69D22B0D69260E953AC1DDA394

[Roli]

Šikulka

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.


P.S. Eset asi již nepoužíváš že ?

[zuzijas]

Díky. Počítač je opravdu daleko svižnější, ale opera mi pořád nejede . Zkoušela jsem to celé přeinstalovat a poté to chvilku jelo, ale teď už zase ne.

PS: Eset už nepoužívám.

[zuzijas]

Teď jsem si uvědomila, že před spuštěním opery jsem zapomněla zapnout antivir, ale nevím jestli to může mít tak radikální vliv . Hned potom jsem jej zapnula.

[Roli]

Díky. Počítač je opravdu daleko svižnější, ale opera mi pořád nejede . Zkoušela jsem to celé přeinstalovat a poté to chvilku jelo, ale teď už zase ne.

Zkus jí spustit s vypnutým antivirem.

PS: Eset už nepoužívám.

Tak po něm uklidíme.

Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
c:\users\Zuzka\AppData\Local\ESET

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

[zuzijas]

Bohužel jsem nějak nestihla zkopírovat obsah z toho pravého okna programu, tady je log který mi to vyhodilo po restartu:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
c:\users\Zuzka\AppData\Local\ESET\ESET Smart Security\Quarantine folder moved successfully.
c:\users\Zuzka\AppData\Local\ESET\ESET Smart Security folder moved successfully.
c:\users\Zuzka\AppData\Local\ESET folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Zuzka
->Temp folder emptied: 15762114 bytes
->Temporary Internet Files folder emptied: 87343426 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 369664902 bytes
->Flash cache emptied: 1830 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 2861056 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9366131 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 11633336 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43268683 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 515,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11122014_231136

Files moved on Reboot...
C:\Users\Zuzka\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\WT424.tmp moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\WT51F.tmp moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\WT5475.tmp moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\WT5570.tmp moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\WTB901.tmp moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\WTBDD3.tmp moved successfully.
C:\Users\Zuzka\AppData\Local\Temp\~DFD50FDC3EBF2FA107.TMP moved successfully.
C:\Users\Zuzka\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.
File C:\windows\temp\ZLT063f8.TMP not found!
File move failed. C:\windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Roli]

Bohužel jsem nějak nestihla zkopírovat obsah z toho pravého okna

Takhle je to v pořádku

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Co ta Opera, jede s vypnutým antivirem ?

[zuzijas]

Provedeno . Ale Opera pořád nejede. Možná zkusím napsat na fórum Opery..