PC virus removal, computer speed-up, remote help through the neslape.cz service

Slow connection

Have a virus problem? Paste your FRST or RSIT log here.

Moderator: Moderators

Georg.H
Visitor
Posts: 51
Registered: 28 Feb 2013 14:39

Slow connection

#1 Post by Georg.H »

Greetings, gentlemen.
For quite a while now I have been struggling with slow internet and, at the same time, a slow computer.
My connection speed has dropped. The PC is on a wireless connection, and pages load terribly slowly.
Some don't load at all. Same with videos.
I cleaned the computer with the ESET application; it found about 42 problems. But things didn't improve much.
It won't be the provider's fault, because the speed is fine on the notebook.
I don't know which way to turn anymore :?:
Here is the log.

Thank you in advance for your help.
J.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Georg at 2015-03-31 14:40:46
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (10%) free of 35 GB
Total RAM: 2047 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:30, on 31.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Glary Utilities 5\Integrator.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\downol\RSIT.exe
C:\Program Files\trend micro\Georg.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\Georg\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\Georg\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Georg\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Georg\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7865 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GlaryInitialize 5.job - C:\Program Files\Glary Utilities 5\Initialize.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Wise Care 365 PC Checkup Task.job - C:\Program Files\Wise\Wise Care 365\WiseCare365.exe -c
C:\Windows\tasks\Wise Care 365.job - C:\Program Files\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\searchplugins\
buenosearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"=C:\Program Files\Glary Utilities 5\StartupManager.exe [2015-03-16 37152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3]
C:\Program Files\AirDroid\AirDroid.exe [2014-12-19 11012608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Georg\AppData\Roaming\ICQM\icq.exe [2014-03-26 33664344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-31 14:23:45 ----D---- C:\rsit
2015-03-31 14:23:45 ----D---- C:\Program Files\trend micro
2015-03-30 18:50:48 ----D---- C:\Program Files\ESET
2015-03-29 21:10:03 ----A---- C:\Windows\system32\sdnclean.exe
2015-03-25 19:32:31 ----A---- C:\Windows\system32\drivers\GUBootStartup.sys
2015-03-25 19:32:27 ----D---- C:\Users\Georg\AppData\Roaming\DiskDefrag
2015-03-25 19:32:26 ----D---- C:\Users\Georg\AppData\Roaming\GlarySoft
2015-03-25 19:31:16 ----D---- C:\Program Files\Glary Utilities 5
2015-03-19 20:07:40 ----D---- C:\Program Files\Trusteer
2015-03-19 20:04:45 ----D---- C:\ProgramData\Trusteer
2015-03-15 22:32:03 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-03-13 19:33:48 ----A---- C:\Windows\WiseHDInfo32.dll
2015-03-13 19:33:47 ----A---- C:\Windows\WiseTDIFw.sys
2015-03-12 19:10:04 ----A---- C:\Windows\system32\schannel.dll
2015-03-12 19:10:04 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-12 19:10:04 ----A---- C:\Windows\system32\kerberos.dll
2015-03-12 19:10:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-12 19:10:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-12 19:10:03 ----A---- C:\Windows\system32\wdigest.dll
2015-03-12 19:10:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-12 19:10:03 ----A---- C:\Windows\system32\sspicli.dll
2015-03-12 19:10:03 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-12 19:10:03 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-12 19:10:03 ----A---- C:\Windows\system32\lsass.exe
2015-03-12 19:10:03 ----A---- C:\Windows\system32\auditpol.exe
2015-03-12 19:10:02 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-12 19:10:02 ----A---- C:\Windows\system32\secur32.dll
2015-03-12 19:10:02 ----A---- C:\Windows\system32\msobjs.dll
2015-03-12 19:10:02 ----A---- C:\Windows\system32\msaudite.dll
2015-03-12 19:10:02 ----A---- C:\Windows\system32\credssp.dll
2015-03-12 19:10:02 ----A---- C:\Windows\system32\adtschema.dll
2015-03-12 19:09:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-12 19:09:43 ----A---- C:\Windows\system32\msctf.dll
2015-03-12 19:09:41 ----A---- C:\Windows\system32\shell32.dll
2015-03-12 19:09:37 ----A---- C:\Windows\system32\win32k.sys
2015-03-12 19:09:23 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-12 19:09:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-12 19:09:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-12 19:09:21 ----A---- C:\Windows\system32\iernonce.dll
2015-03-12 19:09:21 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-12 19:09:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-12 19:09:19 ----A---- C:\Windows\system32\urlmon.dll
2015-03-12 19:09:19 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-12 19:09:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-12 19:09:17 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-12 19:09:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-12 19:09:16 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-12 19:09:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-12 19:09:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-12 19:09:11 ----A---- C:\Windows\system32\msrating.dll
2015-03-12 19:09:10 ----A---- C:\Windows\system32\iesetup.dll
2015-03-12 19:09:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-12 19:09:07 ----A---- C:\Windows\system32\wininet.dll
2015-03-12 19:09:05 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-12 19:09:04 ----A---- C:\Windows\system32\ieui.dll
2015-03-12 19:09:03 ----A---- C:\Windows\system32\ieframe.dll
2015-03-12 19:08:59 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-12 19:08:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-12 19:08:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-12 19:08:57 ----A---- C:\Windows\system32\iertutil.dll
2015-03-12 19:08:51 ----A---- C:\Windows\system32\mshtml.dll
2015-03-12 19:08:47 ----A---- C:\Windows\system32\vbscript.dll
2015-03-12 19:08:42 ----A---- C:\Windows\system32\jscript9.dll
2015-03-12 19:05:54 ----A---- C:\Windows\system32\ubpm.dll
2015-03-12 19:05:52 ----A---- C:\Windows\system32\atmfd.dll
2015-03-12 19:05:51 ----A---- C:\Windows\system32\lpk.dll
2015-03-12 19:05:51 ----A---- C:\Windows\system32\dciman32.dll
2015-03-12 19:05:51 ----A---- C:\Windows\system32\atmlib.dll
2015-03-12 19:05:50 ----A---- C:\Windows\system32\fontsub.dll
2015-03-12 19:05:43 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-12 19:02:51 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-12 19:02:51 ----A---- C:\Windows\system32\blackbox.dll
2015-03-12 19:02:49 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-12 19:02:46 ----A---- C:\Windows\system32\mf.dll
2015-03-12 19:02:45 ----A---- C:\Windows\system32\wmp.dll
2015-03-12 19:02:39 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-12 19:02:39 ----A---- C:\Windows\system32\crypt32.dll
2015-03-12 19:02:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-12 19:02:38 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-12 19:02:38 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-12 19:02:36 ----A---- C:\Windows\system32\evr.dll
2015-03-12 19:02:35 ----A---- C:\Windows\system32\quartz.dll
2015-03-12 19:02:34 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-12 19:02:33 ----A---- C:\Windows\system32\cryptui.dll
2015-03-12 19:02:32 ----A---- C:\Windows\system32\winresume.exe
2015-03-12 19:02:32 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-12 19:02:32 ----A---- C:\Windows\system32\mfplat.dll
2015-03-12 19:02:30 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-12 19:02:30 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-12 19:02:29 ----A---- C:\Windows\system32\srcore.dll
2015-03-12 19:02:29 ----A---- C:\Windows\system32\ci.dll
2015-03-12 19:02:28 ----A---- C:\Windows\system32\winload.exe
2015-03-12 19:02:26 ----A---- C:\Windows\system32\rstrui.exe
2015-03-12 19:02:25 ----A---- C:\Windows\system32\wintrust.dll
2015-03-12 19:02:25 ----A---- C:\Windows\system32\qdvd.dll
2015-03-12 19:02:24 ----A---- C:\Windows\system32\msscp.dll
2015-03-12 19:02:24 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-12 19:02:23 ----A---- C:\Windows\system32\audiodg.exe
2015-03-12 19:02:21 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-12 19:02:19 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-12 19:02:17 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-12 19:02:16 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-12 19:02:15 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-12 19:02:15 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 19:02:14 ----A---- C:\Windows\system32\pcadm.dll
2015-03-12 19:02:13 ----A---- C:\Windows\system32\smss.exe
2015-03-12 19:02:13 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-12 19:02:13 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-12 19:02:13 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-12 19:02:11 ----A---- C:\Windows\system32\mfps.dll
2015-03-12 19:02:11 ----A---- C:\Windows\system32\appidapi.dll
2015-03-12 19:02:10 ----A---- C:\Windows\system32\srclient.dll
2015-03-12 19:02:10 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-12 19:02:10 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-12 19:02:09 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-12 19:02:09 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-12 19:02:09 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-12 19:02:08 ----A---- C:\Windows\system32\pcalua.exe
2015-03-12 19:02:08 ----A---- C:\Windows\system32\EncDump.dll
2015-03-12 19:02:07 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-12 19:02:07 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 19:02:02 ----A---- C:\Windows\system32\spwmp.dll
2015-03-12 19:02:02 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-12 19:01:54 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-12 19:01:53 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-12 19:01:46 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-12 19:01:19 ----A---- C:\Windows\system32\mferror.dll
2015-03-05 16:16:18 ----A---- C:\Windows\system32\drivers\RapportKELL.sys
2015-03-03 21:58:58 ----A---- C:\Windows\system32\wdi.dll
2015-03-03 21:58:58 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 21:58:58 ----A---- C:\Windows\system32\perftrack.dll

======List of files/folders modified in the last 1 month======

2015-03-31 14:40:19 ----D---- C:\Windows\Temp
2015-03-31 14:40:18 ----D---- C:\Windows\system32\config
2015-03-31 14:26:27 ----D---- C:\Users\Georg\AppData\Roaming\Skype
2015-03-31 14:23:45 ----RD---- C:\Program Files
2015-03-31 13:28:13 ----D---- C:\Windows\System32
2015-03-31 13:28:13 ----D---- C:\Windows\inf
2015-03-31 13:28:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-30 21:04:39 ----SHD---- C:\System Volume Information
2015-03-30 19:17:31 ----D---- C:\Program Files\Common Files
2015-03-30 19:17:30 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-03-29 21:18:52 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-03-29 21:10:23 ----SD---- C:\ProgramData\Microsoft
2015-03-29 21:00:17 ----SHD---- C:\Windows\Installer
2015-03-29 21:00:16 ----D---- C:\Config.Msi
2015-03-29 20:52:28 ----D---- C:\Program Files\MiniTool Partition Wizard Free 9.0
2015-03-29 17:15:49 ----D---- C:\ProgramData\Skype
2015-03-29 17:15:40 ----RD---- C:\Program Files\Skype
2015-03-29 10:50:22 ----D---- C:\Windows
2015-03-27 14:12:54 ----D---- C:\Users\Georg\AppData\Roaming\vlc
2015-03-27 09:15:05 ----D---- C:\Program Files\Google
2015-03-27 08:49:17 ----D---- C:\Program Files\WinRAR
2015-03-25 20:54:00 ----D---- C:\ProgramData\HP
2015-03-25 20:53:38 ----D---- C:\Program Files\HP
2015-03-25 19:32:36 ----D---- C:\Windows\system32\Tasks
2015-03-25 19:32:35 ----D---- C:\Windows\Tasks
2015-03-25 19:32:31 ----D---- C:\Windows\system32\drivers
2015-03-22 00:31:42 ----D---- C:\Windows\debug
2015-03-19 20:04:45 ----HD---- C:\ProgramData
2015-03-15 22:40:19 ----D---- C:\Windows\system32\MRT
2015-03-15 22:40:05 ----A---- C:\Windows\system32\MRT.exe
2015-03-13 20:53:03 ----D---- C:\Windows\rescache
2015-03-13 20:49:15 ----D---- C:\Windows\system32\catroot2
2015-03-13 19:38:26 ----D---- C:\ProgramData\ProductData
2015-03-13 19:33:43 ----D---- C:\Users\Georg\AppData\Roaming\WiseUpdate
2015-03-13 19:06:01 ----D---- C:\Windows\winsxs
2015-03-13 19:06:00 ----SHD---- C:\Boot
2015-03-13 18:49:50 ----D---- C:\Windows\system32\en-US
2015-03-13 18:49:49 ----D---- C:\Program Files\Internet Explorer
2015-03-13 18:49:48 ----D---- C:\Windows\system32\cs-CZ
2015-03-13 18:49:45 ----D---- C:\Windows\system32\Dism
2015-03-13 18:49:45 ----D---- C:\Program Files\Windows Media Player
2015-03-13 18:49:41 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-13 18:49:41 ----D---- C:\Windows\system32\Boot
2015-03-12 22:51:19 ----D---- C:\ProgramData\Microsoft Help
2015-03-04 10:16:09 ----D---- C:\Windows\tracing
2015-03-03 15:16:52 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 239224]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2015-03-05 208856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2015-03-25 17344]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2014-12-30 23840]
R1 MpKslb3fdb111;MpKslb3fdb111; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5580B877-5AD6-4CCC-BA59-25931769102A}\MpKslb3fdb111.sys [2015-03-31 39464]
R1 RapportCerberus_80128;RapportCerberus_80128; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80128.sys [2015-03-19 472152]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2015-03-05 251640]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2015-03-05 332696]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R1 WiseTDIFw;WiseTDIFw; \??\C:\Windows\WiseTDIFw.sys [2015-03-13 41512]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 95408]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2015-02-10 2612736]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-12-30 3343832]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2014-12-30 51928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-12-30 719576]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 netr28u;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28u.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WiseHDInfo;WiseHDInfo; \??\C:\Windows\WiseHDInfo32.dll [2015-03-13 11816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 chromoting;@C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_core.dll,-101; C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe [2015-03-08 56648]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 22184]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-05 1919256]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 284472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-02 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-02 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-23 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-03 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15799
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#2 Post by JaRon »

Hi,
to start with, uninstall SpyBot and then clean up with ADWCleaner.
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

Georg.H
Visitor
Posts: 51
Registered: 28 Feb 2013 14:39

Re: Slow connection

#3 Post by Georg.H »

Done.
Here is the log.

# AdwCleaner v3.017 - Report created 26/01/2014 at 18:33:27
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Georg Hanke - HAUS-9E9DA6F645
# Running from : I:\downol\RK sever\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\StarApp
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\saaffee- syaove
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SearchNewTab
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\myfree codec
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\myfree codec
Folder Deleted : C:\DOCUME~1\GEORGH~1\LOCALS~1\Temp\apn
Folder Deleted : C:\Documents and Settings\Georg Hanke\Local Settings\Data aplikací\eSupport.com
Folder Deleted : C:\Documents and Settings\Georg Hanke\Data aplikací\Babylon

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HFRS_is1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v32.0.1700.76

[ File : C:\Documents and Settings\Georg Hanke\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4259 octets] - [26/01/2014 18:31:56]
AdwCleaner[S0].txt - [4065 octets] - [26/01/2014 18:33:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4125 octets] ##########
# AdwCleaner v4.200 - Log vytvořen 31/03/2015 v 17:03:13
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Local]
# Operační system : Windows 7 Professional Service Pack 1 (x86)
# Uživatelské jméno : Georg - GEORG-PC
# Spuštěno z : D:\downol\adwcleaner_4.200.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\Program Files\File Type Assistant
Složka Smazáno : C:\Program Files\SmartTweak
Složka Smazáno : C:\Users\Georg\AppData\Local\FileTypeAssistant
Složka Smazáno : C:\Users\Georg\AppData\Local\Slick Savings
Složka Smazáno : C:\Users\Georg\AppData\LocalLow\HPAppData
[!] Složka Smazáno : C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\Extensions\savingsslider@mybrowserbar.com.xpi
Složka Smazáno : C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc
Soubor Smazáno : C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\invalidprefs.js
Soubor Smazáno : C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\searchplugins\buenosearch.xml
Soubor Smazáno : C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\user.js

***** [ Naplánované úlohy ] *****

Úloha Smazáno : YourFile DownloaderUpdate

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKCU\Software\Bitberry Software
Klíč Smazáno : HKCU\Software\smarttweak
Klíč Smazáno : HKCU\Software\AppDataLow\Software\adawarebp
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Search Settings
Klíč Smazáno : HKLM\SOFTWARE\Speedchecker Limited

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v33.1.1 (x86 cs)

[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.admin", false);
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.aflt", "babsst");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.autoRvrt", "false");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.dfltLng", "cs");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.excTlbr", false);
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.id", "4c44bcf400000000000000ff68bdf21f");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.instlDay", "16194");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.instlRef", "sst");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.newTab", false);
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.prdct", "buenosearch");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.rvrt", "false");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.smplGrp", "none");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5237");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.tlbrId", "base");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5237");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.720:34:32");
[glzkamg5.default\prefs.js] - Řádek Smazáno : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");

-\\ Google Chrome v41.0.2272.101

[C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : pfndaklgolladniicklehhancnlgocpp

-\\ Chromium v

[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.icq.com/search/results.php?ch_id=osd&q={searchTerms}&icid=chrome
[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ0 ... earchTerms}
[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Preferences] - Smazáno [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Preferences] - Smazáno [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Preferences] - Smazáno [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\Georg\AppData\Local\Chromium\User Data\Default\Preferences] - Smazáno [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [10402 bytů] - [26/01/2014 19:31:56]
AdwCleaner[S0].txt - [10356 bytů] - [26/01/2014 19:33:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10415 bytů] ##########

JaRon
Moderator
Posts: 15799
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#4 Post by JaRon »

Is it better? :???:

Georg.H
Visitor
Posts: 51
Registered: 28 Feb 2013 14:39

Re: Slow connection

#5 Post by Georg.H »

Yes, it improved a bit. But I have the feeling it used to run better. The internet speed went up. But compared to the notebook it is still slow.

JaRon
Moderator
Posts: 15799
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#6 Post by JaRon »

Scan the PC with MBAM and clean up with CCleaner.

Georg.H
Visitor
Posts: 51
Registered: 28 Feb 2013 14:39

Re: Slow connection

#7 Post by Georg.H »

Done.
MBAM found 19 problems.

It improved again, but the internet speed is still low.
On the notebook I measure approx. 14.9 Mbit/s, on the desktop PC approx. 4 Mbit/s.

JaRon
Moderator
Posts: 15799
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#8 Post by JaRon »

Post the FRST log.

Georg.H
Visitor
Posts: 51
Registered: 28 Feb 2013 14:39

Re: Slow connection

#9 Post by Georg.H »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Georg (administrator) on GEORG-PC on 01-04-2015 09:40:20
Running from C:\Users\Georg\Desktop
Loaded Profiles: Georg (Available profiles: Georg)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(forum.viry.cz) C:\Users\Georg\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-03-16] (Glarysoft Ltd)
HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\...\MountPoints2: {76d6a312-9a45-11e4-9322-002127c6b768} - I:\./MTP/LMPC.exe
HKU\S-1-5-18\...\Run: [Copy] => "C:\Users\Georg\AppData\Roaming\Copy\CopyAgent.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-04] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3092470695-2481693218-1071987176-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 109.224.64.3 109.224.64.5

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-02]
FF HKU\S-1-5-21-3092470695-2481693218-1071987176-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/", "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-02]
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-02]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-02]
CHR Extension: (MEGA) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-05-05]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-02]
CHR Extension: (Adblock Plus) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-11]
CHR Extension: (Google Search) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-02]
CHR Extension: (Words Helper) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopaaagmlfdhgddapheajjadlplffjpk [2014-02-02]
CHR Extension: (PicMonkey) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2014-02-02]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-05-31]
CHR Extension: (Digital Clock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-02-02]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-17]
CHR Extension: (No Name) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-03-31]
CHR Extension: (Centrum.cz Email Notifikátor) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm [2014-02-02]
CHR Extension: (Love Smoke) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgibfhhccaknggplelmbaepoikkcnllb [2014-03-15]
CHR Extension: (Google Mail Checker) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-02]
CHR Extension: (Google Wallet) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-02]
CHR Extension: (Picasa) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-02-02]
CHR Extension: (Gmail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe [56648 2015-03-08] (Google Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2015-03-05] (IBM Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [2612736 2015-02-10] (Atheros Communications, Inc.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17344 2015-03-25] (Glarysoft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-30] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKsl7ea9d7a6; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1217DF16-7EA5-49D3-8BDE-50E065D72F8C}\MpKsl7ea9d7a6.sys [39464 2015-04-01] (Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R1 RapportCerberus_80128; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80128.sys [472152 2015-03-19] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251640 2015-03-05] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [208856 2015-03-05] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332696 2015-03-05] (IBM Corp.)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [11816 2015-03-13] (wisecleaner.com)
R1 WiseTDIFw; C:\Windows\WiseTDIFw.sys [41512 2015-03-13] (WiseCleaner.com)
S3 netr28u; system32\DRIVERS\netr28u.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 09:40 - 2015-04-01 09:41 - 00016800 _____ () C:\Users\Georg\Desktop\FRST.txt
2015-04-01 09:39 - 2015-04-01 09:40 - 00000000 ____D () C:\FRST
2015-04-01 09:38 - 2015-04-01 09:38 - 00112640 _____ (forum.viry.cz) C:\Users\Georg\Desktop\FRSTLauncher.exe
2015-04-01 09:35 - 2015-04-01 09:35 - 00112640 _____ (forum.viry.cz) C:\Users\Georg\Desktop\Nepotvrzeno 615276.crdownload
2015-04-01 09:34 - 2015-04-01 09:34 - 01135104 _____ (Farbar) C:\Users\Georg\Desktop\FRST.exe
2015-04-01 08:27 - 2015-04-01 08:27 - 00000812 _____ () C:\Windows\PFRO.log
2015-04-01 08:27 - 2015-04-01 08:27 - 00000056 _____ () C:\Windows\setupact.log
2015-04-01 08:27 - 2015-04-01 08:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-01 08:17 - 2015-04-01 08:17 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-01 08:17 - 2015-04-01 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-01 08:17 - 2015-04-01 08:17 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-01 08:16 - 2015-04-01 08:16 - 05344528 _____ (Piriform Ltd) C:\Users\Georg\Downloads\ccsetup504.exe
2015-04-01 08:16 - 2015-04-01 08:16 - 00384529 _____ () C:\Users\Georg\Downloads\Lista_centrum.exe
2015-04-01 08:13 - 2015-04-01 08:13 - 00733352 _____ () C:\Users\Georg\Downloads\ccleaner-lista-centrumcz.exe
2015-04-01 07:40 - 2015-04-01 08:28 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-01 07:39 - 2015-04-01 07:39 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-01 07:39 - 2015-04-01 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-01 07:39 - 2015-04-01 07:39 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-01 07:39 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-01 07:39 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-01 07:39 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-31 17:03 - 2015-03-31 17:03 - 00010402 _____ () C:\Users\Georg\Desktop\AdwCleaner[R0].txt
2015-03-31 14:33 - 2015-03-31 14:33 - 00033172 _____ () C:\Users\Georg\Desktop\info.txt
2015-03-31 14:33 - 2015-03-31 14:33 - 00002794 _____ () C:\Users\Georg\Desktop\Vzdálená plocha Chrome.lnk
2015-03-31 14:33 - 2015-03-31 14:33 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2015-03-31 14:23 - 2015-03-31 14:43 - 00000000 ____D () C:\Program Files\trend micro
2015-03-31 14:23 - 2015-03-31 14:24 - 00000000 ____D () C:\rsit
2015-03-30 18:50 - 2015-03-30 18:50 - 00000000 ____D () C:\Program Files\ESET
2015-03-29 20:59 - 2015-03-29 20:59 - 00000000 __SHD () C:\Users\Georg\AppData\Local\icsxml
2015-03-29 20:56 - 2015-03-29 20:57 - 00000000 ____D () C:\Users\Georg\AppData\Local\MetaGeek,_LLC
2015-03-29 20:56 - 2015-03-29 20:56 - 00000038 ___SH () C:\Users\Georg\AppData\Local\69ff07055291669bb2b218.72821112
2015-03-29 17:16 - 2015-03-29 17:16 - 00000000 ____D () C:\Users\Georg\Tracing
2015-03-25 20:58 - 2015-03-25 20:58 - 00001966 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2015-03-25 19:32 - 2015-04-01 08:28 - 00000316 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-03-25 19:32 - 2015-03-25 19:32 - 00017344 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-03-25 19:32 - 2015-03-25 19:32 - 00001054 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-25 19:32 - 2015-03-25 19:32 - 00001042 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-03-25 19:32 - 2015-03-25 19:32 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\GlarySoft
2015-03-25 19:32 - 2015-03-25 19:32 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\DiskDefrag
2015-03-25 19:32 - 2015-03-25 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-03-25 19:31 - 2015-04-01 08:28 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-22 00:33 - 2015-03-22 00:34 - 00002348 _____ () C:\Users\Georg\Documents\cc_20150321_233352.reg
2015-03-19 20:08 - 2015-03-19 20:08 - 00000000 ____D () C:\Users\Georg\AppData\Local\Trusteer
2015-03-19 20:07 - 2015-03-19 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2015-03-19 20:07 - 2015-03-19 20:07 - 00000000 ____D () C:\Program Files\Trusteer
2015-03-19 20:04 - 2015-03-19 20:04 - 00000000 ____D () C:\ProgramData\Trusteer
2015-03-15 22:33 - 2015-04-01 09:39 - 01332927 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 22:33 - 2015-03-15 22:33 - 00090400 _____ () C:\Users\Georg\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-15 22:32 - 2015-03-15 22:33 - 00361664 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 19:33 - 2015-03-13 19:33 - 00041512 _____ (WiseCleaner.com) C:\Windows\WiseTDIFw.sys
2015-03-13 19:33 - 2015-03-13 19:33 - 00011816 _____ (wisecleaner.com) C:\Windows\WiseHDInfo32.dll
2015-03-12 19:10 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 19:10 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-12 19:10 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-12 19:10 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-12 19:10 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-12 19:10 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-12 19:10 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 19:10 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-12 19:10 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 19:09 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 19:09 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-12 19:09 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-12 19:09 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-12 19:09 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-12 19:09 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-12 19:09 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-12 19:09 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-12 19:09 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-12 19:09 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-12 19:09 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-12 19:09 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-12 19:09 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-12 19:09 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-12 19:09 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-12 19:09 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-12 19:09 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-12 19:09 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-12 19:09 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-12 19:09 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-12 19:09 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-12 19:09 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-12 19:09 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-12 19:09 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-12 19:09 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-12 19:09 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 19:09 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 19:08 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-12 19:08 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-12 19:08 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-12 19:08 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-12 19:08 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-12 19:08 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-12 19:08 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-12 19:05 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-12 19:05 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 19:05 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-12 19:05 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-12 19:05 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 19:05 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 19:05 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-12 19:02 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-12 19:02 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-12 19:02 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-12 19:02 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-12 19:02 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-12 19:02 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-12 19:02 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-12 19:02 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-12 19:02 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-12 19:02 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-12 19:02 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 19:02 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-12 19:02 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-12 19:02 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-12 19:01 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-12 19:01 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-12 19:01 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-12 19:01 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-12 19:01 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-05 16:16 - 2015-03-05 16:16 - 00208856 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2015-03-03 21:58 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:58 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:58 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-02 18:55 - 2015-03-05 19:24 - 00000107 ____H () C:\Users\Georg\Documents\.picasa.ini
2015-03-02 18:55 - 2015-03-02 18:55 - 00000000 ___HD () C:\Users\Georg\Documents\.picasaoriginals

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 09:36 - 2014-02-22 00:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-01 09:12 - 2014-02-02 21:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-01 08:42 - 2009-07-14 06:34 - 00025424 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-01 08:42 - 2009-07-14 06:34 - 00025424 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-01 08:27 - 2014-11-13 20:35 - 00000398 _____ () C:\Windows\Tasks\Wise Care 365.job
2015-04-01 08:27 - 2014-02-02 21:24 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-01 08:27 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-01 08:22 - 2014-02-02 21:48 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Skype
2015-04-01 07:39 - 2014-02-17 18:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-01 07:21 - 2014-02-02 21:21 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-31 19:00 - 2014-11-13 20:35 - 00000378 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2015-03-31 17:04 - 2014-01-26 19:31 - 00000000 ____D () C:\AdwCleaner
2015-03-31 15:19 - 2014-02-17 16:35 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-03-31 15:17 - 2014-02-17 18:25 - 00000079 _____ () C:\Windows\wininit.ini
2015-03-30 21:52 - 2014-12-18 22:52 - 00000388 _____ () C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job
2015-03-30 19:17 - 2014-02-17 16:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-29 20:52 - 2015-02-02 11:36 - 00000000 ____D () C:\Program Files\MiniTool Partition Wizard Free 9.0
2015-03-29 17:16 - 2014-02-02 21:15 - 00000000 ____D () C:\Users\Georg
2015-03-29 17:15 - 2014-12-04 17:52 - 00000000 ___RD () C:\Program Files\Skype
2015-03-29 17:15 - 2014-02-02 21:48 - 00000000 ____D () C:\ProgramData\Skype
2015-03-27 14:12 - 2014-02-16 03:01 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\vlc
2015-03-27 09:15 - 2014-02-02 21:24 - 00000000 ____D () C:\Program Files\Google
2015-03-27 08:55 - 2014-02-16 03:01 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-27 08:49 - 2014-02-03 00:55 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-27 08:49 - 2014-02-03 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-27 08:49 - 2014-02-03 00:55 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-27 08:41 - 2014-07-25 12:38 - 00001026 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-03-25 20:54 - 2014-02-02 22:55 - 00000000 ____D () C:\ProgramData\HP
2015-03-25 20:53 - 2014-02-02 22:57 - 00000000 ____D () C:\Program Files\HP
2015-03-25 19:55 - 2014-12-29 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-03-21 19:20 - 2014-02-02 21:29 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-15 22:40 - 2014-02-03 00:16 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-15 22:40 - 2014-02-03 00:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 20:53 - 2014-06-15 10:04 - 00000000 ____D () C:\Windows\rescache
2015-03-13 19:38 - 2014-02-20 21:07 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-13 19:33 - 2014-12-30 00:36 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\WiseUpdate
2015-03-12 22:51 - 2014-02-03 23:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-07 19:36 - 2014-02-07 13:00 - 00000000 ____D () C:\Users\Georg\Documents\Fax
2015-03-04 10:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2015-03-03 15:16 - 2014-02-02 21:35 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-06-19 11:24 - 2014-06-19 11:24 - 0000024 _____ () C:\Users\Georg\AppData\Roaming\temp.ini
2015-03-29 20:56 - 2015-03-29 20:56 - 0000038 ___SH () C:\Users\Georg\AppData\Local\69ff07055291669bb2b218.72821112
2014-04-13 20:15 - 2015-01-16 20:09 - 0005632 _____ () C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-19 20:22 - 2014-11-21 21:29 - 0001256 _____ () C:\Users\Georg\AppData\Local\MRDownloader.nast
2014-03-07 22:46 - 2014-11-04 21:14 - 0007641 _____ () C:\Users\Georg\AppData\Local\Resmon.ResmonCfg
2014-02-03 20:30 - 2014-02-03 20:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-02 22:56 - 2014-02-02 23:30 - 0001732 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Georg\AppData\Local\Temp\Quarantine.exe
C:\Users\Georg\AppData\Local\Temp\sqlite3.dll
C:\Users\Georg\AppData\Local\Temp\~3A45.exe
C:\Users\Georg\AppData\Local\Temp\~B555.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Georg\Desktop" je 10 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3
C:\Program Files\AirDroid\AirDroid.exe /start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Georg\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(4.6 KiB) Downloaded 60 times

JaRon
Moderator
Posts: 15799
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#10 Post by JaRon »

quote:
• Open Notepad (Start - Run - notepad)
• Copy the script below

Code:

Start
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S3 netr28u; system32\DRIVERS\netr28u.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
2015-03-31 15:19 - 2014-02-17 16:35 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-03-30 19:17 - 2014-02-17 16:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
C:\Users\Georg\AppData\Local\Temp\~3A45.exe
C:\Users\Georg\AppData\Local\Temp\~B555.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3
C:\Program Files\AirDroid\AirDroid.exe /start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Georg\AppData\Roaming\ICQM\icq.exe -CU [x]







Hosts:
CMD: shutdown /r /f /t 2
End
• Save the resulting TXT file as fixlist.txt
• Move the fixlist you created next to FRST

Run FRST.exe again

• Click Fix
• The fix will run and create the log Fixlog.txt

Restart the PC and post fixlog.txt here for me

Georg.H
Visitor
Posts: 51
Registered: 28 Feb 2013 14:39

Re: Slow connection

#11 Post by Georg.H »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Georg at 2015-04-01 10:36:08 Run:1
Running from C:\Users\Georg\Desktop
Loaded Profiles: Georg (Available profiles: Georg)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 netr28u; system32\DRIVERS\netr28u.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
2015-03-31 15:19 - 2014-02-17 16:35 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-03-30 19:17 - 2014-02-17 16:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
C:\Users\Georg\AppData\Local\Temp\~3A45.exe
C:\Users\Georg\AppData\Local\Temp\~B555.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3
C:\Program Files\AirDroid\AirDroid.exe /start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Georg\AppData\Roaming\ICQM\icq.exe -CU [x]







Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
netr28u => Service deleted successfully.
taphss6 => Service deleted successfully.
C:\Program Files\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Users\Georg\AppData\Local\Temp\~3A45.exe => Moved successfully.
C:\Users\Georg\AppData\Local\Temp\~B555.exe => Moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3 => Error: No automatic fix found for this entry.
"C:\Program Files\AirDroid\AirDroid.exe /start [x]" => File/Directory not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq => Error: No automatic fix found for this entry.
"C:\Users\Georg\AppData\Roaming\ICQM\icq.exe -CU [x]" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog 10:36:12 ====

JaRon
Moderator
Posts: 15799
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#12 Post by JaRon »

1. I recommend uninstalling Microsoft Security Essentials - it is a very weak AV
2. quote:
Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Tick only the option "Remove disinfection tools"
• click Run

3. install AVAST and clean the PC with it

Georg.H
Visitor
Posts: 51
Joined: 28 Feb 2013 14:39

Re: Slow connection

#13 Post by Georg.H »

done
no improvement :(

JaRon
Moderator
Posts: 15799
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Slow connection

#14 Post by JaRon »

I don't see any reason for the slowness - as a precaution - CF:
download ComboFix and save it to the desktop

then run it under an account with administrator privileges

the process takes approx. 5-10 minutes, sometimes longer. Do not start any other applications during the scan

There is no reason to panic if the machine is restarted
note: if you use antispyware with a resident shield, turn it off before the scan.

after the restart the application creates a log, saved at C:\Combofix.txt (paste its contents here)

Georg.H
Visitor
Posts: 51
Joined: 28 Feb 2013 14:39

Re: Slow connection

#15 Post by Georg.H »

ComboFix 15-04-01.01 - Georg 01.04.2015 12:35:14.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2047.625 [GMT 2:00]
Spuštěný z: c:\users\Georg\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 6A
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
R6025
- pure virtual function call
.
/wow section - STAGE 27
Systém nemůže spustit určený program.
grep: temp2401: No such file or directory
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Georg\AppData\Local\Temp\foxB9EE.tmp
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-01 do 2015-04-01 )))))))))))))))))))))))))))))))
.
.
2015-04-01 11:15 . 2015-04-01 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-01 09:50 . 2015-04-01 09:50 -------- d-----w- c:\program files\Common Files\Java
2015-04-01 09:23 . 2015-04-01 09:23 -------- d-----w- c:\users\Georg\AppData\Roaming\AVAST Software
2015-04-01 09:20 . 2015-04-01 09:20 208024 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-01 09:20 . 2015-04-01 09:20 106912 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-01 09:20 . 2015-04-01 09:19 427736 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-01 09:20 . 2015-04-01 09:19 73440 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-01 09:20 . 2015-04-01 09:19 49904 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-01 09:20 . 2015-04-01 09:19 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-01 09:20 . 2015-04-01 09:19 24144 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-01 09:20 . 2015-04-01 09:19 788272 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-01 09:20 . 2015-04-01 09:19 291312 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-01 09:19 . 2015-04-01 09:19 43112 ----a-w- c:\windows\avastSS.scr
2015-04-01 09:14 . 2015-04-01 11:41 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23C049E6-A5CA-4B78-A393-7A6FAAA490C2}\offreg.dll
2015-04-01 09:13 . 2015-04-01 09:13 -------- d-----w- c:\program files\AVAST Software
2015-04-01 09:11 . 2015-04-01 09:11 -------- d-----w- c:\programdata\AVAST Software
2015-04-01 06:17 . 2015-04-01 06:17 -------- d-----w- c:\program files\CCleaner
2015-04-01 05:40 . 2015-04-01 13:51 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-01 05:39 . 2015-03-17 04:15 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-01 05:39 . 2015-03-17 04:15 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-01 05:39 . 2015-04-01 05:39 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-04-01 05:39 . 2015-03-17 04:15 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-31 12:23 . 2015-03-31 12:43 -------- d-----w- c:\program files\trend micro
2015-03-30 16:50 . 2015-03-30 16:50 -------- d-----w- c:\program files\ESET
2015-03-29 18:59 . 2015-03-29 18:59 -------- d-sh--w- c:\users\Georg\AppData\Local\icsxml
2015-03-29 18:56 . 2015-03-29 18:56 -------- d-sh--w- c:\users\Georg\AppData\Local\ms-drivers
2015-03-29 18:56 . 2015-03-29 18:57 -------- d-----w- c:\users\Georg\AppData\Local\MetaGeek,_LLC
2015-03-29 15:16 . 2015-03-29 15:16 -------- d-----w- c:\users\Georg\Tracing
2015-03-25 17:32 . 2015-03-25 17:32 17344 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2015-03-25 17:32 . 2015-03-25 17:32 -------- d-----w- c:\users\Georg\AppData\Roaming\DiskDefrag
2015-03-25 17:32 . 2015-03-25 17:32 -------- d-----w- c:\users\Georg\AppData\Roaming\GlarySoft
2015-03-25 17:31 . 2015-04-01 13:53 -------- d-----w- c:\program files\Glary Utilities 5
2015-03-19 18:08 . 2015-03-19 18:08 -------- d-----w- c:\users\Georg\AppData\Local\Trusteer
2015-03-19 18:07 . 2015-03-19 18:07 -------- d-----w- c:\program files\Trusteer
2015-03-19 18:04 . 2015-03-19 18:04 -------- d-----w- c:\programdata\Trusteer
2015-03-13 17:33 . 2015-03-13 17:33 11816 ----a-w- c:\windows\WiseHDInfo32.dll
2015-03-13 17:33 . 2015-03-13 17:33 41512 ----a-w- c:\windows\WiseTDIFw.sys
2015-03-12 17:09 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-12 17:08 . 2015-02-20 02:06 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-03-12 17:08 . 2015-02-20 01:23 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-03-12 17:08 . 2015-02-20 01:37 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-03-12 17:08 . 2015-02-20 02:09 503296 ----a-w- c:\windows\system32\vbscript.dll
2015-03-12 17:08 . 2015-02-20 01:30 4300288 ----a-w- c:\windows\system32\jscript9.dll
2015-03-12 17:05 . 2015-02-03 03:12 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-03-12 17:05 . 2015-02-20 03:09 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-03-12 17:05 . 2015-02-20 04:13 26624 ----a-w- c:\windows\system32\lpk.dll
2015-03-12 17:05 . 2015-02-20 04:13 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-03-12 17:05 . 2015-02-20 04:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-03-12 17:05 . 2015-02-20 04:13 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-03-12 17:05 . 2015-02-04 02:54 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-12 17:01 . 2015-02-03 03:12 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-03-12 17:01 . 2015-02-03 03:10 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-03-12 17:01 . 2015-02-03 03:08 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-03-12 17:01 . 2015-02-03 03:11 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2015-03-12 17:01 . 2015-02-03 03:09 2048 ----a-w- c:\windows\system32\mferror.dll
2015-03-05 14:16 . 2015-03-05 14:16 208856 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2015-03-03 19:58 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2015-03-03 19:58 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-03-03 19:58 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-01 09:47 . 2014-12-05 22:51 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-04-01 09:34 . 2014-02-21 22:50 778928 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-01 09:34 . 2014-02-21 22:50 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-06 05:10 . 2015-03-12 17:10 248832 ----a-w- c:\windows\system32\schannel.dll
2015-03-03 13:16 . 2014-02-02 19:35 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\system32\FM20.DLL
2015-02-10 04:10 . 2015-02-10 04:10 2612736 ----a-w- c:\windows\system32\drivers\athur.sys
2015-02-04 02:54 . 2015-02-11 17:03 482304 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 02:53 . 2015-02-11 17:03 621056 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 02:53 . 2015-02-11 17:03 325632 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 02:53 . 2015-02-11 17:03 767488 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 02:53 . 2015-02-11 17:03 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 02:53 . 2015-02-11 17:03 159744 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 02:49 . 2015-02-11 17:03 886784 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-11 17:03 1167520 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-14 10:27 . 2015-02-02 09:37 2894848 ----a-w- c:\windows\system32\pwNative.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-01 09:19 644608 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="c:\program files\Glary Utilities 5\StartupManager.exe" [2015-03-16 37152]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-03-13 5529880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-01 5512912]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-02-10 335232]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-02-04 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2014-2-14 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3]
2014-12-19 03:28 11012608 ----a-w- c:\program files\AirDroid\AirDroid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
2014-03-26 21:04 33664344 ----a-w- c:\users\Georg\AppData\Roaming\ICQM\icq.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-02-10 22:32 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-01-02 315488]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-09-30 10320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-02-03 1343400]
R3 WiseHDInfo;WiseHDInfo;c:\windows\WiseHDInfo32.dll [2015-03-13 11816]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-09-30 15688]
S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2015-03-05 208856]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-04-01 788272]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-04-01 427736]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys [2015-03-25 17344]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2014-12-30 23840]
S1 RapportCerberus_80128;RapportCerberus_80128;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80128.sys [2015-03-19 472152]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2015-03-05 251640]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2015-03-05 332696]
S1 WiseTDIFw;WiseTDIFw;c:\windows\WiseTDIFw.sys [2015-03-13 41512]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-04-01 24144]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-04-01 73440]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-04-01 106912]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-03-13 244392]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-03-05 1919256]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2015-02-10 2612736]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-03-17 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-04-01 119512]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-03-17 51928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-12-30 719576]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ASWRVRT
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76d6a312-9a45-11e4-9322-002127c6b768}]
\shell\AutoRun\command - I:\./MTP/LMPC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-21 17:16 1061704 ----a-w- c:\program files\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 09:34]
.
2015-04-01 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files\Glary Utilities 5\Initialize.exe [2015-03-16 07:26]
.
2015-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-02 19:24]
.
2015-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-02 19:24]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 109.224.64.3 109.224.64.5
FF - ProfilePath - c:\users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\glzkamg5.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKU-Default-Run-Copy - c:\users\Georg\AppData\Roaming\Copy\CopyAgent.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,37,47,a3,de,23,ba,41,4e,b9,15,76,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,37,47,a3,de,23,ba,41,4e,b9,15,76,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
c:\program files\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\windows\system32\taskhost.exe
c:\program files\Malwarebytes Anti-Malware\mbam.exe
c:\windows\system32\conhost.exe
c:\program files\Glary Utilities 5\Integrator.exe
c:\program files\Adobe\Reader 11.0\Reader\Reader_sl.exe
.
**************************************************************************
.
Celkový čas: 2015-04-01 16:04:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-01 14:04
.
Před spuštěním: 3 076 136 960
Po spuštění: 3 504 885 760
.
- - End Of File - - 1D77859193E91EDE1EED3CFA0473AD1C
A36C5E4F47E84449FF07ED3517B43A31

Locked