Kontrola

Zpráva

NOSKILL · #1 Příspěvek od **NOSKILL** » 10 dub 2015 10:08

Dobrý den,

prosím o kontrolu..

Logfile of random's system information tool 1.10 (written by random/random)
Run by novot_000 at 2015-04-10 11:03:58
Microsoft Windows 8.1
System drive C: has 49 GB (50%) free of 98 GB
Total RAM: 3976 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:07:38, on 10. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\novot_000.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem30.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11986 bytes

======Listing Processes======

wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\System32\alg.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-aa31de3d-6034-41b0-95d5-c47a735e2124 -SystemEventPortName:HostProcess-057a1f63-cb45-45f1-89ed-5f25def04b1f -IoCancelEventPortName:HostProcess-e4e260d2-2565-4b00-b81c-fafbf3fd9bb3 -NonStateChangingEventPortName:HostProcess-9b140fc3-a869-4e47-9085-2c67abe88bb7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8fb1b463-6ed2-4afd-ae48-b06338f738c5 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4b932829-bb5e-45fe-a829-f847024acdb5 -SystemEventPortName:HostProcess-68f492e9-4e37-4b37-a8c1-752ec23bb77b -IoCancelEventPortName:HostProcess-140993ba-37a8-4fb4-b2c7-f476d62300c4 -NonStateChangingEventPortName:HostProcess-7250f25d-f9e4-47d7-8869-e94bb6d10256 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0b73bc0d-fcf1-4dee-8626-d8db0620615c -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
dashost.exe {449f1447-cd11-4bb7-a098f6a602d7301a}

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
atieclxx
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\novot_000\AppData\Local\Steam\htmlcache" -steampid 3608 -buildid 1428601549 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --enable-pinch --disable-accelerated-compositing --disable-gpu-compositing --channel="8340.0.2042757609\1386919293" /prefetch:673131151
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3284.0.2123379117\526064815" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="3284.2.721330504\898599665" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="3284.4.652847383\986177049" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="3284.6.378058748\1291296410" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3284 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="3284.8.1204243954\1781658707" /prefetch:673131151
"C:\Users\novot_000\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-08-06 1425408]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-04-09 172016]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-04-09 399856]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-04-09 442352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-04-09 2889408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP HD Webcam Driver_Monitor"=C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [2012-07-26 303480]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-24 5512912]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

C:\Users\novot_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-03-20 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-10 11:03:59 ----D---- C:\Program Files\trend micro
2015-04-10 11:03:58 ----D---- C:\rsit
2015-04-09 21:33:20 ----D---- C:\Program Files (x86)\Steam
2015-04-04 12:19:46 ----D---- C:\ProgramData\CCP
2015-03-31 21:10:20 ----A---- C:\WINDOWS\system32\drivers\cnnctfy3.sys
2015-03-30 20:01:20 ----D---- C:\Program Files (x86)\MetaGeek
2015-03-29 20:58:41 ----D---- C:\WINDOWS\pss
2015-03-24 18:58:59 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-03-24 18:58:50 ----A---- C:\WINDOWS\avastSS.scr
2015-03-24 18:58:42 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2015-03-23 17:46:52 ----D---- C:\Users\novot_000\AppData\Roaming\Promotion Software GmbH
2015-03-22 22:40:45 ----D---- C:\Intel
2015-03-14 15:58:34 ----D---- C:\Program Files (x86)\GSC World Publishing
2015-03-12 12:54:35 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-03-12 12:00:25 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-03-12 12:00:25 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\system32\lpk.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\system32\fontsub.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\system32\dciman32.dll
2015-03-12 12:00:24 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-03-12 12:00:23 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-03-12 12:00:22 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2015-03-12 12:00:22 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-03-12 12:00:22 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2015-03-12 12:00:20 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-03-12 00:29:46 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-03-12 00:29:38 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-03-12 00:29:30 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-03-12 00:29:05 ----A---- C:\WINDOWS\system32\win32k.sys
2015-03-12 00:29:02 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-03-12 00:29:02 ----A---- C:\WINDOWS\system32\schannel.dll
2015-03-12 00:28:58 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-03-12 00:28:58 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-03-12 00:28:58 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-03-12 00:28:56 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-03-12 00:28:56 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-03-12 00:28:25 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-03-12 00:28:24 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-03-12 00:28:24 ----AC---- C:\WINDOWS\system32\drivers\bthenum.sys
2015-03-12 00:28:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-03-12 00:28:13 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-03-12 00:28:10 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-03-12 00:28:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-03-12 00:28:07 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-03-12 00:28:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-03-12 00:28:06 ----A---- C:\WINDOWS\system32\wininet.dll
2015-03-12 00:28:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-03-12 00:28:05 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-03-12 00:28:05 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-03-12 00:28:05 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-03-12 00:28:05 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-03-12 00:28:04 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-03-12 00:28:04 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-03-12 00:28:04 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-03-12 00:28:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-03-12 00:28:02 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-03-12 00:28:02 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-03-12 00:28:01 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\jscript.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-03-12 00:28:00 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-03-12 00:27:59 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-03-12 00:27:59 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-03-12 00:27:49 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-03-12 00:27:49 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-12 00:27:49 ----A---- C:\WINDOWS\system32\shell32.dll
2015-03-12 00:27:48 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-03-12 00:27:44 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-03-12 00:27:44 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-03-12 00:27:44 ----A---- C:\WINDOWS\system32\msctf.dll
2015-03-12 00:27:43 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll

======List of files/folders modified in the last 1 month======

2015-04-10 11:06:02 ----D---- C:\WINDOWS\Prefetch
2015-04-10 11:03:59 ----D---- C:\Program Files
2015-04-10 11:02:00 ----D---- C:\WINDOWS\system32\sru
2015-04-10 11:01:22 ----D---- C:\WINDOWS\Microsoft.NET
2015-04-10 11:01:07 ----D---- C:\WINDOWS\Temp
2015-04-10 10:56:13 ----D---- C:\Users\novot_000\AppData\Roaming\uTorrent
2015-04-10 10:56:07 ----RD---- C:\WINDOWS\System32
2015-04-10 10:56:06 ----D---- C:\WINDOWS\debug
2015-04-10 10:56:06 ----D---- C:\Windows
2015-04-10 10:41:40 ----D---- C:\WINDOWS\AppReadiness
2015-04-09 22:53:08 ----D---- C:\Users\novot_000\AppData\Roaming\vlc
2015-04-09 21:33:20 ----RD---- C:\Program Files (x86)
2015-04-08 15:25:57 ----SHD---- C:\WINDOWS\Installer
2015-04-08 09:40:44 ----D---- C:\WINDOWS\system32\config
2015-04-06 15:21:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-06 15:21:17 ----D---- C:\WINDOWS\Inf
2015-04-05 16:42:50 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-04-04 12:19:46 ----HD---- C:\ProgramData
2015-04-02 23:13:14 ----SHD---- C:\System Volume Information
2015-04-02 23:11:48 ----D---- C:\Users\novot_000\AppData\Roaming\Skype
2015-04-02 18:53:25 ----D---- C:\WINDOWS\system32\NDF
2015-04-02 18:43:34 ----D---- C:\WINDOWS\system32\DriverStore
2015-03-31 21:10:35 ----D---- C:\WINDOWS\system32\drivers
2015-03-31 20:56:26 ----D---- C:\WINDOWS\system32\drivers\etc
2015-03-30 13:17:06 ----D---- C:\WINDOWS\WinSxS
2015-03-29 20:56:03 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-29 18:27:13 ----D---- C:\Users\novot_000\AppData\Roaming\TeamViewer
2015-03-29 18:27:13 ----D---- C:\Users\novot_000\AppData\Roaming\DAEMON Tools Lite
2015-03-29 18:18:33 ----D---- C:\Program Files\CCleaner
2015-03-29 17:21:59 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-03-24 20:09:11 ----D---- C:\Program Files (x86)\PokerStars.EU
2015-03-24 19:01:38 ----D---- C:\ProgramData\Skype
2015-03-24 19:01:34 ----RD---- C:\Program Files (x86)\Skype
2015-03-24 18:59:12 ----D---- C:\WINDOWS\system32\Tasks
2015-03-20 00:55:43 ----D---- C:\Program Files (x86)\Common Files
2015-03-17 21:42:55 ----D---- C:\WINDOWS\rescache
2015-03-14 01:03:52 ----D---- C:\Program Files\Windows Defender
2015-03-14 01:03:51 ----D---- C:\WINDOWS\SysWOW64
2015-03-14 01:03:51 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 19:39:00 ----D---- C:\WINDOWS\CbsTemp
2015-03-12 15:06:29 ----D---- C:\Program Files (x86)\VirtualDJ
2015-03-12 12:51:48 ----RD---- C:\WINDOWS\ToastData
2015-03-12 12:51:48 ----D---- C:\Program Files\Internet Explorer
2015-03-12 12:51:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-12 12:51:45 ----D---- C:\WINDOWS\system32\MRT
2015-03-12 12:48:05 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-12 00:24:41 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem18.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 aswNdisFlt;@oem16.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2015-03-24 449896]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-03-24 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-03-24 271200]
R0 hpdskflt;@oem30.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2015-03-24 28144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-03-24 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-03-24 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-03-24 442264]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-03-24 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-03-24 88408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-03-24 136752]
R3 Accelerometer;@oem30.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 dtsoftbus01;@oem1.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-08-20 283064]
R3 HpqKbFiltr;@oem28.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2012-08-27 26504]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-03-20 5363520]
R3 IntcDAud;@oem11.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2014-08-15 176880]
R3 MEIx64;@oem32.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem25.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2014-03-29 2532552]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-08-16 227840]
R3 SPUVCbv;@oem4.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [2012-09-23 1064184]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2012-08-06 540160]
R3 SynTP;@oem23.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BtAudioBusSrv;@oem8.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys []
S3 intelkmd;intelkmd; C:\WINDOWS\system32\DRIVERS\igdpmd64.sys [2012-08-23 9000256]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 rtbth;@oem21.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys []
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-11-21 244736]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-24 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-24 107448]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem30.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-22 33600]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-08-06 321536]
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2014-04-04 143288]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-01-23 1006424]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-09 836288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14 268464]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-04-09 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14 116648]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 10 dub 2015 23:23

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

NOSKILL · #3 Příspěvek od **NOSKILL** » 12 dub 2015 12:35

# AdwCleaner v4.201 - Log vytvořen 12/04/2015 v 13:28:09
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : novot_000 - USER_NTB
# Spuštěno z : C:\Users\novot_000\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKU\.DEFAULT\Software\TornTv Downloader
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200

***** [ Prohlížeče ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Mozilla Firefox v

-\\ Google Chrome v41.0.2272.118

*************************

AdwCleaner[R1].txt - [910 bytů] - [12/04/2015 13:26:22]
AdwCleaner[S1].txt - [834 bytů] - [12/04/2015 13:28:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [891 bytů] ##########

#4 Příspěvek od **Márty84** » 12 dub 2015 12:42

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

NOSKILL · #5 Příspěvek od **NOSKILL** » 12 dub 2015 16:08

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12. 4. 2015
Čas skenování: 15:12:20
Protokol: log.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.12.01
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: novot_000

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 677199
Uplynulý čas: 1 hod, 52 min, 49 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\bitstreams, , [fdb4cd9e8604b680ae99088218eb5ea2],

Soubory: 19
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll, , [01b0303b8dfd1a1c157b745756acdb25],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, , [4c659ccf672365d1c3cd4c7f010120e0],
Trojan.BitMiner, C:\Windows\Inf\mncblnydy\mncblnydy.exe, , [347ddc8f4446ad89c2564c2927dbbd43],
Trojan.Bitcoin.SE, F:\Download\Programy\Adobe Illustrator CS6 + Crack\ADOBE ILLUSTRATOR CS6 (32-64 bit) - CRACK.exe, , [8031d6958a003cfa159d4e00db2627d9],
PUP.RiskwareTool.CK, F:\Download\Programy\Adobe Illustrator CS6 + Crack\Adobe Illustrator CS6 Crack .DLL Files RELOADED\32-bit (x86)\amtlib.dll, , [2d84cba05139d06690ff9c2fd2305ba5],
PUP.RiskwareTool.CK, F:\Download\Programy\Adobe Illustrator CS6 + Crack\Adobe Illustrator CS6 Crack .DLL Files RELOADED\64-bit (x64)\amtlib.dll, , [5d54214acbbf60d62967606bd2308b75],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\diablo130302.cl, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\diakgcn121016.cl, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\libcurl-4.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\libeay32.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\libidn-11.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\librtmp.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\libssh2.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\phatk121016.cl, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\poclbm130302.cl, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\scrypt130511.cl, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\ssleay32.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\zlib1.dll, , [fdb4cd9e8604b680ae99088218eb5ea2],
Trojan.Agent.BCM, C:\Windows\Inf\mncblnydy\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [fdb4cd9e8604b680ae99088218eb5ea2],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#6 Příspěvek od **Márty84** » 13 dub 2015 08:34

Vsechny nalezy nechte odstranit. Po dalsim restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

NOSKILL · #7 Příspěvek od **NOSKILL** » 13 dub 2015 16:18

Nic. čisté asi bude všechno že?

mockrát děkuji

#8 Příspěvek od **Márty84** » 13 dub 2015 18:40

Je potreba to docistit

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

NOSKILL · #9 Příspěvek od **NOSKILL** » 13 dub 2015 21:31

Už se to nelíbí ani chromu, ale tady log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by novot_000 (administrator) on USER_NTB on 13-04-2015 22:23:57
Running from C:\Users\novot_000\Desktop
Loaded Profiles: novot_000 (Available profiles: novot_000 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD64.EXE
(forum.viry.cz) C:\Users\novot_000\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] ()
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-24] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\MountPoints2: {07bc2970-ca27-11e4-bece-b4b52f7d9bd9} - "I:\.autorun\autorun.exe"
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\MountPoints2: {98dca83c-2854-11e4-be91-b4b52f7d9bd9} - "H:\setup.exe"
Startup: C:\Users\novot_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 147.229.190.143 147.229.191.143

FireFox:
========
FF ProfilePath: C:\Users\novot_000\AppData\Roaming\Mozilla\Firefox\Profiles\msarbnu6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-14] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-1636333039-1815882301-1343469147-1002: @citrixonline.com/appdetectorplugin -> C:\Users\novot_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-15] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\novot_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\novot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\novot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (Evernote Web Clipper) - C:\Users\novot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-02-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-24] (Avast Software s.r.o.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [File not signed]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-24] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-24] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-24] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-20] (Disc Soft Ltd)
S3 intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [9000256 2012-08-23] (Intel Corporation) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-08-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 22:23 - 2015-04-13 22:24 - 00017328 _____ () C:\Users\novot_000\Desktop\FRST.txt
2015-04-13 22:23 - 2015-04-13 22:23 - 00000000 ____D () C:\FRST
2015-04-13 22:22 - 2015-04-13 22:22 - 00112640 _____ (forum.viry.cz) C:\Users\novot_000\Desktop\FRSTLauncher.exe
2015-04-13 22:19 - 2015-04-13 22:19 - 02096640 _____ (Farbar) C:\Users\novot_000\Desktop\FRST64.exe
2015-04-13 13:04 - 2015-04-13 13:04 - 00000000 ____D () C:\ProgramData\Connectify
2015-04-12 15:11 - 2015-04-13 17:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-12 15:10 - 2015-04-12 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-12 15:10 - 2015-04-12 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-12 15:10 - 2015-04-12 15:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-12 15:10 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-12 15:10 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-12 15:10 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-12 14:05 - 2015-04-12 18:08 - 00000000 ____D () C:\Users\novot_000\Desktop\tools
2015-04-12 13:15 - 2015-04-12 18:14 - 00005434 _____ () C:\WINDOWS\PFRO.log
2015-04-12 13:15 - 2015-04-12 13:16 - 05113880 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-10 13:59 - 2015-04-13 22:15 - 00000693 _____ () C:\WINDOWS\setupact.log
2015-04-10 13:59 - 2015-04-10 13:59 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-10 11:19 - 2015-04-10 11:19 - 04532776 _____ (Piriform Ltd) C:\Users\novot_000\Downloads\dfsetup219.exe
2015-04-10 11:03 - 2015-04-10 11:07 - 00000000 ____D () C:\Program Files\trend micro
2015-04-10 10:17 - 2015-04-10 10:17 - 02640574 _____ () C:\Users\novot_000\Downloads\MA2_resene_priklady.zip
2015-04-09 21:38 - 2015-04-09 21:38 - 01223520 _____ () C:\Users\novot_000\Downloads\matika2.rar
2015-04-09 21:33 - 2015-04-09 21:33 - 01142128 _____ () C:\Users\novot_000\Downloads\SteamSetup (1).exe
2015-04-09 20:51 - 2015-04-09 20:51 - 03928444 _____ () C:\Users\novot_000\Downloads\SocialniZabezpeceniCV (1).zip
2015-04-09 18:07 - 2015-04-09 18:07 - 03320388 _____ () C:\Users\novot_000\Downloads\ucto cviko.rar
2015-04-08 10:34 - 2015-04-08 10:34 - 00170360 _____ () C:\Users\novot_000\Downloads\Financování-krajů-a-obcí-2 (3).pptx
2015-04-08 10:33 - 2015-04-08 10:33 - 00170360 _____ () C:\Users\novot_000\Downloads\Financování-krajů-a-obcí-2 (2).pptx
2015-04-08 10:32 - 2015-04-08 10:32 - 00170360 _____ () C:\Users\novot_000\Downloads\Financování-krajů-a-obcí-2 (1).pptx
2015-04-08 10:21 - 2015-04-08 10:26 - 00171784 _____ () C:\Users\novot_000\Downloads\Financování-krajů-a-obcí-2.pptx
2015-04-07 20:14 - 2015-04-07 20:14 - 02632192 _____ () C:\Users\novot_000\Downloads\Rozpocet-2015_06112014_4_FINAL.xls
2015-04-06 23:21 - 2015-04-06 23:21 - 01142128 _____ () C:\Users\novot_000\Downloads\SteamSetup.exe
2015-04-04 12:31 - 2015-04-04 12:31 - 00000000 ____D () C:\Users\novot_000\Documents\EVE
2015-04-04 12:31 - 2015-04-04 12:31 - 00000000 ____D () C:\Users\novot_000\AppData\Local\CCP
2015-04-04 12:19 - 2015-04-04 12:19 - 00000000 ____D () C:\ProgramData\CCP
2015-04-04 12:12 - 2015-04-04 12:15 - 101920768 _____ () C:\Users\novot_000\Downloads\EVE_Online_Installer_873121.msi
2015-04-03 19:32 - 2015-04-10 14:20 - 3539315999 _____ () C:\Users\novot_000\Downloads\Transformers.Age.of.Extinction.2014.1080p.3D.BluRay.Half-SBS.DD5.1.x264.mkv
2015-04-03 19:26 - 2015-04-03 19:26 - 00000000 ____D () C:\Users\novot_000\Downloads\The.Hobbit-The.Battle.of.Five.Armies.2014.PL.3D.1080p.BDRip(Leon 345)
2015-04-03 19:19 - 2015-04-03 19:19 - 00064798 _____ () C:\Users\novot_000\Downloads\Financování-krajů-a-obcí (1).pptx
2015-04-03 19:18 - 2015-04-03 19:18 - 00064798 _____ () C:\Users\novot_000\Downloads\Financování-krajů-a-obcí.pptx
2015-04-02 21:15 - 2015-04-02 21:15 - 00678400 _____ () C:\Users\novot_000\Downloads\VF_8_FF.ppt
2015-03-31 21:10 - 2015-03-31 21:10 - 00042152 _____ (Connectify) C:\WINDOWS\system32\Drivers\cnnctfy3.sys
2015-03-31 21:09 - 2015-03-31 21:09 - 10174096 _____ (Connectify) C:\Users\novot_000\Downloads\Connectify2015Installer.exe
2015-03-31 20:56 - 2015-04-13 13:48 - 00000438 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-03-30 23:47 - 2015-03-30 23:47 - 00000000 ____D () C:\Users\novot_000\Tracing
2015-03-30 20:03 - 2015-03-30 20:03 - 00000000 __SHD () C:\Users\novot_000\AppData\Local\icsxml
2015-03-30 20:02 - 2015-03-30 20:04 - 00000395 ___SH () C:\Users\novot_000\AppData\Local\70149b02515b3bb20dd492.47983420
2015-03-30 20:02 - 2015-03-30 20:04 - 00000000 ____D () C:\Users\novot_000\AppData\Local\MetaGeek,_LLC
2015-03-30 19:59 - 2015-03-30 20:00 - 07507968 _____ () C:\Users\novot_000\Downloads\inSSIDerOffice.msi
2015-03-29 23:25 - 2015-03-30 00:00 - 100610688 _____ (XMind Ltd. ) C:\Users\novot_000\Downloads\xmind-windows-3.4.1.201401221918.exe
2015-03-29 23:24 - 2015-03-29 23:27 - 05445800 _____ ( ) C:\Users\novot_000\Downloads\FreeMind-Windows-Installer-1.0.0-max.exe
2015-03-29 23:16 - 2015-03-29 23:16 - 03928444 _____ () C:\Users\novot_000\Downloads\SocialniZabezpeceniCV.zip
2015-03-29 20:58 - 2015-03-29 20:58 - 00000000 ____D () C:\WINDOWS\pss
2015-03-29 20:56 - 2015-04-13 19:09 - 01893430 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-29 18:14 - 2015-04-06 23:32 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-29 17:22 - 2015-03-29 17:22 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-24 18:58 - 2015-03-24 18:58 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-03-24 18:58 - 2015-03-24 18:58 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-24 18:58 - 2015-03-24 18:58 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-23 17:46 - 2015-03-23 17:46 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\Promotion Software GmbH
2015-03-23 12:45 - 2015-03-29 21:09 - 00000000 ____D () C:\Users\novot_000\AppData\Local\GHISLER
2015-03-22 22:40 - 2015-03-22 22:40 - 00000000 ____D () C:\Intel
2015-03-14 15:58 - 2015-03-14 15:58 - 00000000 ____D () C:\Program Files (x86)\GSC World Publishing

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 22:22 - 2014-10-14 20:09 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-13 22:22 - 2014-08-14 19:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1636333039-1815882301-1343469147-1002
2015-04-13 22:17 - 2015-02-09 00:11 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2015-04-13 22:16 - 2014-12-17 19:56 - 00000000 ____D () C:\Users\novot_000\AppData\Local\PokerStars.EU
2015-04-13 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-13 21:58 - 2014-08-14 19:34 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 20:08 - 2014-03-18 17:33 - 01876072 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-13 20:08 - 2014-03-18 16:54 - 00781270 _____ () C:\WINDOWS\system32\perfh005.dat
2015-04-13 20:08 - 2014-03-18 16:54 - 00175510 _____ () C:\WINDOWS\system32\perfc005.dat
2015-04-13 17:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-13 13:54 - 2015-02-16 16:21 - 00000000 ____D () C:\Users\novot_000\Desktop\2. semestr
2015-04-13 13:48 - 2015-03-13 17:12 - 00000000 ___RD () C:\Users\novot_000\OneDrive
2015-04-13 13:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-12 21:13 - 2014-08-14 22:25 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\vlc
2015-04-12 17:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-04-12 13:28 - 2013-08-22 15:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-10 14:20 - 2014-08-15 20:08 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\uTorrent
2015-04-10 11:20 - 2015-02-01 22:29 - 00000000 ____D () C:\Program Files\Defraggler
2015-04-02 23:11 - 2014-08-16 18:34 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\Skype
2015-04-02 18:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-30 23:47 - 2014-08-16 09:53 - 00000000 ____D () C:\Users\novot_000
2015-03-30 13:17 - 2015-02-28 23:43 - 00000000 ____D () C:\Users\novot_000\Documents\My Games
2015-03-29 18:27 - 2014-08-24 22:34 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\TeamViewer
2015-03-29 18:27 - 2014-08-20 12:44 - 00000000 ____D () C:\Users\novot_000\AppData\Roaming\DAEMON Tools Lite
2015-03-29 18:18 - 2015-02-28 23:08 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-24 19:01 - 2014-09-29 21:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-24 19:01 - 2014-08-16 18:34 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 18:59 - 2014-08-15 22:23 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-24 18:58 - 2014-09-16 21:24 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00271200 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-24 18:58 - 2014-08-15 22:22 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-17 21:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-14 01:03 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-14 01:03 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-14 01:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-14 01:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-14 00:35 - 2014-10-14 20:09 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2015-03-30 20:02 - 2015-03-30 20:04 - 0000395 ___SH () C:\Users\novot_000\AppData\Local\70149b02515b3bb20dd492.47983420
2014-09-11 19:11 - 2014-09-11 19:11 - 0001480 _____ () C:\Users\novot_000\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-02-02 17:05 - 2015-02-02 17:05 - 0000017 _____ () C:\Users\novot_000\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\novot_000\AppData\Local\Temp\Quarantine.exe
C:\Users\novot_000\AppData\Local\Temp\sqlite3.dll
C:\Users\novot_000\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\novot_000\OneDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\novot_000\Desktop" je 245 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#10 Příspěvek od **Márty84** » 14 dub 2015 09:01

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)

HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDFJS

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14 116648]

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Windows\Inf\mncblnydy\diablo130302.cl
C:\Windows\Inf\mncblnydy\diakgcn121016.cl
C:\Windows\Inf\mncblnydy\libcurl-4.dll
C:\Windows\Inf\mncblnydy\libeay32.dll
C:\Windows\Inf\mncblnydy\libidn-11.dll
C:\Windows\Inf\mncblnydy\librtmp.dll
C:\Windows\Inf\mncblnydy\libssh2.dll
C:\Windows\Inf\mncblnydy\phatk121016.cl
C:\Windows\Inf\mncblnydy\poclbm130302.cl
C:\Windows\Inf\mncblnydy\scrypt130511.cl
C:\Windows\Inf\mncblnydy\ssleay32.dll
C:\Windows\Inf\mncblnydy\zlib1.dll
C:\Windows\Inf\mncblnydy\bitstreams\fpgaminer_top_fixed7_197MHz.ncd

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

NOSKILL · #11 Příspěvek od **NOSKILL** » 14 dub 2015 10:01

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2015
Ran by novot_000 at 2015-04-14 10:53:54 Run:1
Running from C:\Users\novot_000\Desktop
Loaded Profiles: novot_000 (Available profiles: novot_000 & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)

HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDFJS

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-14 116648]

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Windows\Inf\mncblnydy\diablo130302.cl
C:\Windows\Inf\mncblnydy\diakgcn121016.cl
C:\Windows\Inf\mncblnydy\libcurl-4.dll
C:\Windows\Inf\mncblnydy\libeay32.dll
C:\Windows\Inf\mncblnydy\libidn-11.dll
C:\Windows\Inf\mncblnydy\librtmp.dll
C:\Windows\Inf\mncblnydy\libssh2.dll
C:\Windows\Inf\mncblnydy\phatk121016.cl
C:\Windows\Inf\mncblnydy\poclbm130302.cl
C:\Windows\Inf\mncblnydy\scrypt130511.cl
C:\Windows\Inf\mncblnydy\ssleay32.dll
C:\Windows\Inf\mncblnydy\zlib1.dll
C:\Windows\Inf\mncblnydy\bitstreams\fpgaminer_top_fixed7_197MHz.ncd

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-1636333039-1815882301-1343469147-1002\Software\Microsoft\Internet Explorer\Main\\First Home Page => value deleted successfully.
SwitchBoard => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Windows\Inf\mncblnydy\diablo130302.cl" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\diakgcn121016.cl" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\libcurl-4.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\libeay32.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\libidn-11.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\librtmp.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\libssh2.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\phatk121016.cl" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\poclbm130302.cl" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\scrypt130511.cl" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\ssleay32.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\zlib1.dll" => File/Directory not found.
"C:\Windows\Inf\mncblnydy\bitstreams\fpgaminer_top_fixed7_197MHz.ncd" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 445.2 MB temporary data.

The system needed a reboot.

==== End of Fixlog 10:55:34 ====

#12 Příspěvek od **Márty84** » 14 dub 2015 10:17

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

NOSKILL · #13 Příspěvek od **NOSKILL** » 14 dub 2015 14:57

Naběhnutí do windows i s načtením všech programů běžících na pozadí po minutě. Myslím si, že na moji sestavu takové normální. Jen mi zůstává na systémovém oddílu 10 % fragmentů a nelze je defragmentovat. Co jsem si všiml, tak třeba u torrentu nelze defragmentovat soubory, pokud nejsou celé stažené, případně k těm souborům není přístup.

Děkuji mnohokrát za Váš čas

#14 Příspěvek od **Márty84** » 14 dub 2015 18:02

System s nekterymi daty nedovoli hybat. Obvykle to jsou treba body obnovy.

A ty soubory, co nejsou jeste dostahovane, s tema by se hybat urcite nemelo, aby se to stahlo spravne

Nemate zac!

Je tedy vse v norme a muzem tema uzavrit?

NOSKILL · #15 Příspěvek od **NOSKILL** » 15 dub 2015 09:40

Určitě lock, ještě jednou díky moc

VIRY.CZ

Kontrola

Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola