Kontrola - procesor i paměť velmi vytíženy

[petr_xxx]

Dobrý den,

prosím o kontrolu notebooku. Mladší bratr byl na mém počítači a když jsem k němu sedl já, tak jsem tam měl nainstalované nějaké dva programy s čínskými znaky, plnou paměť a procesor taky na 100%, ventilátor běží téměř nepřetržitě.
Ty dva programy s čínskými znaky se mi podařilo nějak odinstalovat, ale paměť i procesor je skoro pořád na 100%. Stačí, když si otevřu dvě okna prohlížeče a ventilátor se nezastaví.
Projel jsem počítač CCleanerem a odinstaloval Seznam Software.

Zde přikládám log z RSIT:


Logfile of random's system information tool 1.10 (written by random/random)
Run by ivana.novakova at 2015-06-23 13:06:39
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 215 GB (75%) free of 288 GB
Total RAM: 1967 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:06:50, on 23.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Program Files\trend micro\ivana.novakova.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91284697_hao_pg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM2320 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM2320_MFP_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [Firebird] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe -a
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:26c51a6d273160d6ce198e1ca6da2b89] "C:\Users\IVANAN~1.STA\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://player.abradio.cz
O15 - Trusted Zone: http://www.hitradiofaktor.cz
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=1058
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = stakoplast.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = stakoplast.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = stakoplast.local
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: QQPCMgr RTP Service (QQPCRtp) - Unknown owner - C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16350.226\QQPCRtp.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15728 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 28539296
\??\C:\windows\system32\conhost.exe "-858077567-286562755967747117-38116129-1607249873156473950-1468746173800167740
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
crypserv.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\hasplms.exe -run
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 3132
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" "HP Color LaserJet CM2320 MFP Series Fax"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\cpuminer-gw64.exe"
\??\C:\windows\system32\conhost.exe "1563701405-5666557723507374121640982370-1780601929861455087917752605-1065412013
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{5668BDE3-49BA-41A3-B5A4-1E683C9EE5DD}
{EDA10D6E-5E28-4F9A-952E-2DA03178FDD3}
{078CD52A-B148-4EBD-85C2-2EC2A5A1EE50}
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe" -a
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\windows\system32\notepad.exe"

"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1216150944-3253024930-2114404105-127849_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1216150944-3253024930-2114404105-127849 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\ivana.novakova.STAKOPLAST\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\5af029a1-750e-45ce-b8b5-ef87ead44f29-10_user.job - C:\Program Files (x86)\CinemaPlus-4.5vV21.06\5af029a1-750e-45ce-b8b5-ef87ead44f29-10.exe /rawdata=CG0jNK3r2215XocOfRShKwg+n6oimQzbQYnOlez1wskiO64e2SI/MtKuTgoJG0TswZNYHOKu/WqeqXGRH2ES3ml31v4aouAaEhAxz/m2L/AmNmV3Tv2hqygrNAIL0K0V8tqQnnfZ63xTZHK+nlXzVMLBqX9MyEC/AITcga8GAxUm8JA3uwbQAaP4mWVnOdNTmzLbURQECO2JGKOP1dJ+0q+bQn/RqGcM4xVYi+pSFEis3KH3z6B0IRGpHRxedOvkUYd2l6w+rvKVfzEnmEzInNvaaxspZ26CMIlsPhxCp9dF2sqEv9CJsyJ7t9M09C81GspHzi/+S0fI+WsiQGjKpHN21dkZG62BbM/n5CYvIojyWrSKJME3Rl0cC5/u+DCGam0G0CsDoHI1Ok95SUtcbcxg0FPlNW7QzPv9fok0Q2VJLspfOjeZjzcOzOgqmuMmB8nV8tUluigwvAWzDTageRs2zB/BQJ4xKMvlK7zWQ8JoN4yrLAv06maZTEzPPX4aAgj48fHeqHQqIE+guKqI1zqciwM5X1g/TM7ZTT+QeS4nc1G4xR1/n4h3FMYsdUmMp5x8ULIvrl43nv1UJUxMTgbcXxe1QN9aAogdV+5YLTT/4PwxhBRzkBExMDIRVCi5obpHucKaB/uox9auSCV9Iugp2y1FJEfAgvOzRtNYP86ea/5KMyzJjDSFtxv7KREB1O871ozj7lxevMnEcqjeyneRJ+VzH+Qk1+CUQxVVStocnk3PXzjLCUkqBJoE12qaE/8tJUWcxRj+wXHf5PbXyiocbII49fFuiqhywX5uNZFC7hxHXJyPYcmkGUVcR9Rx0GFkJYSMUNJNTZr6J5i2qQ==
C:\windows\tasks\5af029a1-750e-45ce-b8b5-ef87ead44f29-3.job - C:\Program Files (x86)\CinemaPlus-4.5vV21.06\5af029a1-750e-45ce-b8b5-ef87ead44f29-3.exe /rawdata=Y1MQihjwlheeS9FuOUjw5L0eSuyDVUbej4TVrdOJe+S9s+RL9jX5s5mgH172PM2I5QcopZJblx27zrKMxiMvaKAAb9/+RAfEKi1y8GYIA3pRx8bjt/+/cGW7jvr4NXMowM4EMmFeMUYqY2Thl+4euWErzqyc8RfVwwS05YcOU2BldL1PeQaqXWv51NfpiZk8DdDURH5zGsyEIv9695rLhpXIywxOP2Aa373ItesnC8MdvZrWPeHv1kvro6XBHvQzWHEaEgmT1tc98BZbwBy0BbVl2sCFkEN4n966LQaX/LxsWoWD0y/5EvdmH3wyh2XbEIQ+U2WMr1VUryYjbFqQGznFmqfVm/067KAd12/AmWiDjItZ2T1tUVGwv8m5FZoEVNBjeal0HMVhsg+EblsqIVTVJ9VBs9uV97EVZZbry4M+UsCzrs8b5DehQiZzx3rCEb38GH+pz4WwgUbuD+EJec9uNdBZxWH8VvjPTYcM9rZBaCMvKio/rPph1L4+7wBHbvoU+QWJOYyZS2Pt84+H1VYFt9A8e2ORPE5ZKV10bNmLb6SnWOqw3lB/2W6QrTyRTzH8UA5Mip5jXcozwrxQIgL8HLdIKXTiZhVJwOzsxwns3LJfSHuUzbzS8VsisG3KGGSNuUnEaxfUAQugRQZAzcMZ0IK1rii+yzFNo9DFpWRCvxSfF9uSmf8I4G0QHjVEvaCvZGB/Huqlx3zth21P6nwExuGzkNAQ0sDyua+7oSxCaxG4xmeKN+MmrfkGgRG0PA8y3dbBdAYuHWKbCRD+eM/BDrtB/Ye26btJUfYnqyIR9HK9P3gusOKPR+Kcy0JF7TBgo3y+0zbHL6vdPf4D3gUEW3kaeW43J3qt2pWJny59epf0Z0/LS3t2Z1H78sdqd8OAe7aQMIstXvKvKoq5pnHQhc/ORR3b3CBodnsmmPPddc/l4KpWzh/BuWtf4oFcB/4LGhWsnsUA9pR6KH3JTA/wjrpwJW6+9zT7lrvxV+ZqRXO6lbDGegN5C65J7WjDoPMSKapIjWawJfjtd/UlVNagSICbI4pYkw1TtGd6QFDx4vKN/pwsVEJs57anWoNqNW1YdPiNDjlMhClqAJ3GcAkKju6npsD/W/luXyXHO1nVdmwojiWQhjzS7OP3lfRjxIifAJIPYKahrc1Syr4QY8LHHudS/NURCUvbYl5ZeWcq29dg+KFqU9eFVpuQatmOt1I9+/mSebxb5mCRQnqk+uO0alBsbq/GwLTeolBLlD+lqsjjSgdG4qxxP3SsCLI7M7f1/L0WDwgau4jJB4CQpC8HR0ZKTdJA6bQaukxWfA7qC7KfvIdampVqLzb7V1yiatqyekN+wZxHkB0vOTXR7i5nxGicPW6cbpbnD9w7hP0uH1VYG2C0jVDWNupnfxDNAlxh+tvxWL5W1RWvg7h88xh/B5BPnt+gawUH2yRYggobSVVFbv1GVpTuedANo3/RG5hejodRUPD6LswlEfES2++s3aW5g8lDQ/llUH+C/Q1DMI1vy52cHE5bCMfI3hMJKrDHzyLeR+N+3sNq1jhRpQtvDbKDiNeUidKc1SXywoxH1gVxYfktpKXddbHls+CQh3J+REr7UpxUUHoQDQ4SsQ3KPkSxnNyn17Ljh/mH+GZPYHHYESL+RpGi0Mc+zFjWV8uSXI3q1db3udSV1mcWOAOFGCIYBuB0bqyRI0pvAwJEgMJN5lF9Mip1d+9/M4iW/EUZ9G/ZZKQfyaysA1t0r3duJ0Okm00gfFM0ZOUHPfhNzrEoOwXMJJj93wOSTgNy81kVsTCIVL8fXbAf3nTrX1JSb4N5sapfT8OeiPGr0ruq8Lgtj1O6iTDud+z9ixqLH2IBjj0o88PgLMPszAUvLi15RylHDRdhy4LkwKFz7D2GT2CM9MQOoG20N5uoRaftK0CW3JAlJ1Qjkni/sEBmTZu9gqT9lSk1hntqJLJ44/Cs8hivlMVu55rE6add6Rxwdpg2Rt2QZvEWVg98zMjJCAnWfcSKtK1IzrC5nScbdy4bdSVknUPcm8VENiafMlTA
C:\windows\tasks\5af029a1-750e-45ce-b8b5-ef87ead44f29-6.job - C:\Program Files (x86)\CinemaPlus-4.5vV21.06\5af029a1-750e-45ce-b8b5-ef87ead44f29-6.exe /rawdata=o9xwt1o3z2smBh7dA1Q1zZrjq7AiFw6ZOVHEvnGUivwJFEFmX/++5LWOV90jTRmtlDPdN+wka3sBQCMm/wYLXP1Enezh3WzQUy1cSVhzuZv0196idda/2N8tQFL2kgvSx9kgcw1LaYKHO9NADQsQVmkPaFEQ1uqvxJvjVSZErJGpCmg74QL6wuEJ6Jt2SjDpZAo52WKO31JOX1G/dns488h0Au69TrITkdy1kBypLiQ22mr0/dAHs2xGvVukgc7PhS4s5t8HVcVFiWD81kho0obhAbmXN9Fer2UwDCkvNnbtsZcN0beHDQKayvY/U599h4Xb1M3L86Ee01zZwWamCliX+Fbp5za3g/X6SIfqkwEFxhTKJYd83FDLanntHzJGaZ75uPU94/C4ZWQ3iHHlSNfN+iF+sEB+FtbuXPcBOFao83bRdsSrC+RVx2rNdbslOfzyO4f1yWmCl3F8ayuvi3+ocvVyTlG6R4ZWVz8kGydkN0ylHP7Vz0gm2883gWDJtCc2SpFhKGvCoF3pV622hfKKCoeL8viYmfQ3eIUu7Cy/MHyL7WXF0FJqxbx+CGkLvrxeEj7lgkozQMiRmwASx8ZS+/DvGM6Rh4J4BV2ZjLh9PGkoJ47FUI5dl43gcE8cFoDzqaRvX6bRJJK85CZADG8cr9dYyuDbqHBTzbTZTOO1HccCzkKNWd1R/JfaIX2ZArP80YwKcryEFemym8mtZTMM2n7hU14MNdf7NLOIWy1cG97qL6SiKubtANMtxpjpbuwqvks5+BxTfAAL4Wvwoja3QgmK7Qo6fTjn6tzCe8I0myuVrKfQ8/ZZixaVKBfYYxVdGuctbZa76lfEu5f6fqeqKPQSp8OfRORvuHlRL+WRmfLtQsPleUMZhLvn4gLsXUYI9fjo0ckHifnLpbTUnzx1bh8Cn6mh9NGaoWTR9VufrPic+DcYM2gd1SSLZ4RQxNv5Jqnl2HC+flbPv+da6AhVQB9SNxqhlCAWqTmh5vDVD8Fq1V97gY/75Uuz+g/wNdaaGSzT2DL2M1z5gba8JEDBZa70djFXEsSR/iEX45MgYNlCyqY9B2/ohb2F+j7wNSWbz/EHqmbDVdg/ZiKohCm3gRowO7Pq+5CqVlJ5Nbi/bxmq4hvG7qWGeIFKnbA7wKtJqqs5SQbdj7Wf1g7n4ZcMJhcEo2acWMRc7Et6ny+8jPF4ss/sIUnyEE7bz4cG7Hc2eIzqwkEe9/W1GwoqekZwiq0hU3iiWACkstd5yT9iBisElRC/DoeuKOJsSsnlFrozVMXcIItu0q+JgV7SxE1Q614xHBYuqOrCBz/xWi9xUBYw7gP3miy0fqoGX/eovUrk1VLeGJzEy8bXPFD3E1uybvj8/aKqyR3Vd/U6JNJ3ZPRQPztsdHAQF3/Up8g6AxZo4MgWlMSV2AREolrqpGYKODQ8wdFX0yrE8+QscOETPAbWsZtjEy6Oa6QX6NCBhOsnqho0u+LGDboUwe0WDqyhXsmtnwyf9xTmdtJqdcAXpwPZGkaeRlvzboem3rYLEAh2E1SoGggJcx3DVtJv4mxwthUK0Sx3uojcIA5iaDRJIGPOcDKUsPfNJ37AnOkc08BBrj7inVcrTlw6fQw/BuDPY88BNIJ4FjrBKyuHYAowqg61At24tiClDbWn9hSf0yPY2XwxLlGVciEKNGUIKTSS4TFp+GaAqAbCO8ynoEUx+fSUnHpYtqK2lHT0SELFInMfgl8IHCPnA3JUVqjgCJUMFxMrfTj6Dohxz2eUc6U0iPQcHtRgnylMvzHhSvrV0h1bS2xEhXTi1vktsfYqRkmSiv0TuwrY9nlYS0VOFcP3tBsAPVeb9g3sh2Q93ronc/b869btr2gTAndj75w6CyPhwsC6O4Uss+Jz7qe2kUt2G9Ka8O7VEGmgv87rNn50w0BA0HjrlssuL9bK7ki6OiN2qJLfZpE6pwMa1Os/eCiNDjcBrIXB9QKT1eNWGQejkIiHKcxW0Q6YBKhqo/K74WRISuFWMkaBSh1NMPFEm4EFu1INIATtJoqWfo6cvMQ7n7PBBg7WIx0wBZzAvkTLYgXDVjetaNLPKyFYrA785DhqhVinfFuhGxvtvMiQ22+mzPmbCsJdGvYGnXrC9Z3ItJaFpGT74B/u0a3V0bEwDuWY1U6cFVzVQ5DQCs6cvT5wT2QeJq4dnONzUj8KSOd/Ykju16v0QXN3xy7Inh4rEBG+TATvPfWCkFHuPFQIbiswSOy3f6UsFSugvxXtH9H6BygeXUZM/mwMGB/SpljPQVkkl5xX54J3SFlbHr9+56c6yc4LWMP6EuhDus2ypbGtuUOCmla1/cb0sgy7LwKZlw09OKcUIYrI16UrNmJ/MiRQpE00Ln3Tv+gK05f5Osp0pxFDtt7nm8PlptaeeimC2lGfQYWZ2O2vcn47DKfgPEM3GL9EZHK5JN6Dbh5FRVjrDF5OJrG/cgvkrRG9l2EOv+xuiiHHTWjnfodgr23NPLNh3up4WcDZD5n/N6S/XtnKVFO72H131vOCFTViODX8Gm5QUKhGSpQs7JG/aPf9sxQn
C:\windows\tasks\5af029a1-750e-45ce-b8b5-ef87ead44f29-7.job - C:\Program Files (x86)\CinemaPlus-4.5vV21.06\5af029a1-750e-45ce-b8b5-ef87ead44f29-7.exe /rawdata=lB9yzPkXNQd893M3wn+Ob5geOYhcsZtDI8336QgRlwsypudk/tFDcTRVrmXOPVPpeUbX3QoFADpoKobRroHhQlgp9R4D/YQN2uhXpvW65kdHOLZscDyygV55GGWSyv99lmpXQ1XxzJWV68Poyx3wELddW7vss2Mm6hH10mC0YH9rIs1VkgRNhuto+c1wRIknjeZUDpnkU+UFPGjb3iH3CVDWvF0KRJHgXQ9thRDu/UELIZ9oDUyd1JwHtKuA7whhXip1dmjf+v0RkNmBU4NaFgzctdRIdVj7EuzjhLUAVRR0ijzvl6Ih5xOFUpdOadZJ6l6Q2YkGTlCXmkvRwTmU9SiBf70qNPUpd0iV7YMYOL9oqLmBa3bAsxkuxs73w3zNnLCah0GJvlRn5eGmcKvPER4gAAwU9W6y9M3+FIFWVMpspI1yt7LrVFJ747MVW57MFrRzSBCw8llNg3WyXvphsl7PHTlgn/Xchk4ww0mXrCvwlylWvjJjJ11Tg7SATmtMLNcpdo2nBH3g1v2SOhjwHLG5mqiDuH8+od1VguMiz2C1yUPsYXv6MYvgC8gNpcgUQqB7mfaCRGXWN7MdLA8U7XT4r+WgEYrjIsU5JcLYySrld0Nj1lNYtsjq+J0qZZVztdmmVe3I5dYAO90D3tg1l/rjlMAb+lOsxBtBpIkPI1Q0QeAVP8Kzu6kLcvqTzvp/PyWMHst8wGzPiHqaXWi02HbC5o2s+9EzvTvJqWtBliIo2Ui8AU4o4x4DzIFJl7xNGKyBDxciU7jRvi3yCqODSv4cBUm5Em4vpdvK43zJSAPGac/FfebjhO3qj99BYBSqaY1y2sHOeNLJ7gUxvEbU08IFn6jSSxQWhMvGWaxi195z6dkWRhEa6u2suMwue0bw1TTuGvf23IjpoYV/zD5UxTctFfZQLIQ4aE9Gq2GUH6g4gA39UKVmSMWrOc2yxuWV1mA5tFahgtLc2YJT+n7fcyfH86xJ1Ix+LMd1YjQsTRDk7K5uawJhr8IayFLW8oj4vvfKv28Rx0+uD0NW8d0Pqfgjziu8dfIdsMbDtYsQ3u6Vufj6V1y2T/aYiN9KSb4iDkr1rUXybheKV4C9X/ZSWiRxNM4woJKpzXuQ4XcRz3MQg8xqTEUPqNhDAG5rkYur3xVQm7G2jf5p210L8j4tiDynbFsD8jze+m8kdeZahV8vBDmYTTD+8oJ39AgCb8bJt0z2ODX3fFzGkI4OfsdvoPyi8gdbuyeh9tT+qMsx+5M62Mfagbb5fJxh8tjMJxgHo4ZPhEX/O6sAVlKEnawJHLAjpODyFuuQcnwD4G2lNjhSuN7JzjdrV4XyYTkoLzv1wh676DxZfnxtqxttt7H1Oy+4+vJ5B9hKAwZDqr/8Wp9S2VHVvs2wqcJymUcjCiuBX5LrxQhK5dC+RyGRDva11Fr3DehQOnSOXt0fMz5emqtAdyDeYbWurLTNInil7G6+DQLP2wlTyNsYFjM1EcDObzoaR+frDSFeQwhVu5V3k8dJH6v/+5FVBEITth9/Cwp8KKFh+lhGVVWyb8kAMixHZtQFl1+2/RLsw2/NXT8qA1VXjUKEslmQ49/us68w5TVdDyx6/5pqPUfpAWdgIkzqOF5lVyzR+hiA15iLIbXHeWnNzvDlVpezAR7UjVZYhe6/BEBvJdRGPyxvRaqnJ54wcNqdDlV8ZNZMsdS9DtWGFjEcltUNpLB6YDkl+mMP2joZWBXyDgAS0EI9vxk/rZOu91dib6FoXV9Gvpci0/nWifTyIiLgblDz1vP56hmzp1FV+k/0v+ozrgkpugzWZtfDCCwd4T5jAeh5JVcNCPR8m6i98IZHA5Zs1qPOtlrPaGth1duNuNA4s45B+M6OSDvm1LWGYlMj4cNjr+dLqN3KcDtpKWrr6cNIeUJZD8+STgI99xLGk1OhiUaF7Fvbml3ZjLomoDOnprder2fei9WfWlp1HzmyQv/TI8siVZoz6ov1QfI02JB/aX88H73TMBjLTf7Ks5CII7o5RLX2ngC1ljDzVb/ueuv5L4SXU8l7nfDED5p8WKd29odaF1QCwfXrkLrF+Hc/ArQx62pa+MBSCRbGdwMMMQ6oBzsIXCadP5vGV3481hzaxTkCducXM9f9m1txQE/HE5CB5EIKO/6B4LIXom4s3o0ecd+7fvpa3V4Y8ZDC9xXyIFJBDPfNT+FQt7EyCnssl38X5EOqqZ2HRXqfpbjkb8dbSpcIcKXi8MGr8TUg0wvH4dgPAh0QXWZBnrd2yAbxKrX1mcoLbWM3rugPyUjD8KkvnzkctdCglz/QMCqzNlOnXZ5myOq5A0i3ZnaIn9pwM3S/iL941K4MNPdTAGxB/Zi6OqIfa2DR5OnbbTlOfB1oOW9O/dkCQXx7cA==
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\Crossbrowse.job - C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe /rawdata='jDVjwAKPV5yILPYOgYmivtg96fqAI/ltJsz2JZAIZQhFjwQhPfOidPsaeKqqTkGs69YxSBt9ulg7MvKZTW3fz2//P+UEZCMm2UJ0fR5tYm7/IUtnCZEjHU21ftnXXbRP4xvnh8hXTsDzmXYPvzh0FJ9Ea+ocL+XsCW1uEBbW7TqCmwEk/toleXMZHlbiTnXHF5p7KdNu2uT9TsADnjbrQPLaRRscifs/CJKWsGXpt5a6J2Y9dc+9VpwMhBSuXm6SBgC+5yC2DkTbKGWhguVw+KXf634dYTZbUoypqdX/2K/JuZ8Lg3vQ+p0Jzv9M8cmYe/DvnX6A+nKB5fD8TF20Fw=='
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-1-6.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-1-6.exe /rawdata=mH+gs9mLrJhhXWnTEWygaAU8zE9bpO2ofwB3HHXa20kAKT4jZxBnN7kwGdJ/ddlptUCzgBTxaGzX6nngcF0ykSCwnNaMVz4bAlD5sLqaDDbhsCC2OHuNwO8Nna+TPf3CnbZ6S1CcxDqOA+d/k1hsMv9fwjbF3FFl+d2XwMmB9lxFRPxIK+8DW5x2adVqaG5oj6KGGg4/ExeC5RnxtS7yxzfOewtbxKiE2DyP9H6vIUnSdz79PTJnkGHwQ5M09FzuS3OEaJBAxPNyQM1TBrojXkU0SKe5N2QM9HG+Ck6SaGGFefsc4uZtU5VNr+gycHftOHPVQMg11e2O0t0mz8LQc0oTqjTJOdSTufxQThP1jMKP94gEkptlcYA3MH6oVJtWJ6MgXNrGiGDQfJBYP9Z6Rq7SZl9KX2ymHWZ+5d6dyZoadTEeEHRoJosPam+BG3PVdrZjmr0UaJi0j3OeBgB9xT8zJsnOf0jVk4BpN3ZjW1wjyvDyIn2SqQZBGmOom3ZTWwLZWSYisaWTZfUYRSZTaMFSkE/6ypnXdYLtKhxZrwWHcQgC/Nc//EhyFoTEJvoXJh5SvNV68EY6zoLpk21aa5Li4E7oBq3gdM84ovIabLNxhu9yMHWv9oV7bWNv7n49J6cARuD4MS/agrBaJevet9cnLthtIvZcO/6hB0HwkfyPJMlZljsBqML46uRyZYVNChP/e1M+yUS7vIvIubLD0/XaU8zcdGzS6OTFai9gHKRh3sMkwdfEP44rbLPS0vYaKcx1YO91HnWBnaXj3A3dIvpPuYG+fSh5zIeFROiqtsrZSvZqRsm6KBnlHVzyt1sbJLa0xDkVd7ade5iIptEh9TMbHh1wwdXbSn+lvT0AC9UBWLx50E4S5g1ttWhn3dxBW5Hc8peA24Wxs5z5sKfX60L9vPEpCdba8uuMgvL3lIfBq3CBOdQhLOo/2i5Hlw/hiB90iR/1zXc2g0maPKQBrjx9yvif+wxfAeqcBWK+4KJXpdOYiZ62SJQMlvWJnhS6D5p8WKd29odaF1QCwfXrkLrF+Hc/ArQx62pa+MBSCRbGdwMMMQ6oBzsIXCadP5vGV3481hzaxTkCducXM9f9m1txQE/HE5CB5EIKO/6B4LIXom4s3o0ecd+7fvpa3V4Y8ZDC9xXyIFJBDPfNT+FQt7EyCnssl38X5EOqqZ2HRXo74TVedi0EDyw3p4qIR9A6vfqzGOj3ZdGm3JbusU56ljxdD7LovEqGWNxRAo5/I1xxtCRK+FYAI5BC1UjzQ2hIB2pH3uB+32knpDeTMBq7v2NzWHlN9+LVt8XfwruuRSDmVnGuMDmVjUZvBenlZ3aiIYmw2cou9eT8le1lUfBJoQ==
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-1-7.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-1-7.exe /rawdata=THDamy9s97z3KwjWhTB7xVQ3bkE5eheYcx0Z3KkT/ogb0q1ysA2V/Bk28ToRWIo+0PXX41IHD/icY5M2GbL/BWJubHkVYsytM2Q/lcpj/h84OpNJ48xXM5ZGUqxJ0h6IXIwdRqptwt6Qp0pEmTUXqNzZz17tWOQMB29K1HrWpRIiO7CLy807y+OHXznaLmR4DBC5Q9bVAjgwxfJiRgBixz7yeuiZlLc0Hwqc5Vdc+h9nhaj/9H5sS83+7JDEAh15IgNuNqlmUAJ0QVuBjP/o6ZVXBkEywrm6/xABY8q9ogwqJmljhH3xC8sKHwV8XG0YTz5c32ROmwWjCaHhgku0GYGG5aHmXO1XpRDxLFAes58zYn3uO3Ny7hfosEHBKmR1J1DGzrjO3QfXAobooLi87c4FuHhNC8+JWfuMgys5YUsGjLpL4glufpaPQxrlEeIiVg0CAbRzNZaMX30GsVRzrXhEZCdPLGVd0z1IZPRZQ/PC6qmRlqbuEcPZ3/Hte7qlGH/w60CcdvKlnmj7HtALJ2z/gaZtMrOPSeXBbLraHGbfNn/Q2FjMFwnBjpw9JtEH1B9eJC4V9Pnfr9otU7XVS1t7Z7w77iQp6iUdqBqyn33ytXBJgpx8vMGhAQO7il13XIf4mznSolescfTyYvyE0poo2i2/7+TudGaiOq2vw0Agq+9XxsgPoFYW0iYhYhHEZLLqCGcHM5uraxOnHhUCELVxE+pKNTQmKf/dGCg8xAJR2lAC6nnhBILgA9sEapEyINTdKocKPrGvUqzt1ORvO+kljE4i8l+PlPvwsbsIUuGFr9Ztx7E2Pq4/7GL6nCad3lATh74rkZywxAVrGxA8eFnjpzvYCc+rBBZyvWCyXK7nGEnIeOxPGy37Ne0IfzUUOuqvDqPFjOpYvurimkgVrT8ttu1Z4scuNGJE1GDPgApFBBwHEoToLKWSvKkpDy8ObtF8dFKe0OZ7RX2KA+cIYnFqh/dKdTan3spWteekT8tUOoiP0OqteHDAPOr0FrTQDpILZmnqG6Uxub2RkVZOVvbnJn/sIt/voCFN6Gu1kr3ZqHbL3LTjnB2OqFOfq++X6LZhlXmr4xCKv3Ykq6qjAwRWKVdSf4NzbnVtcM8SeIj2cYPONzTyiPl6m3bD3Ru5yQiwS1h/+/Nl7FoLjgFP2LGw8NnKolVnFej16edarhhNUIOaj/ymfz2CVGNaLTkzI43oIAtqqwIH0vrHg0RElCuEyhGgk+VQEIMBWagIDsmOuhbOosXyVIIUSqvl7wOmAeI7VenjmlHhViNe8nPe9yoA/Yn+PB7ixH2vSxF1+9GXuR1BofKererWtby2h1EC+SK93OfUmaEn1MP+CYnwq8Efica2xEYAeGI824qzdLmdUm4XMnPe3bDzgyGZOCisiZCN6RTyV0sS8mmm0WIorySRXw4zlBCF67jK6PH/nFu7/ZtKag/ZRPAYiPTpbakf/gIQ/B55zGlH81ngoLBxc8QgsqULevszz4jROjRqSmSyW/9XUBLNrOJgPKxjootG
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-10_user.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-10.exe /rawdata=FVceOwLrQJdBH130H85ZmoE5s9aZnkJbxs5weMWp9z1CKFbgX7AtRcwrel4YbkT2t3yiRG1xo+/T0aolB4/SrzLPAyf5RAnXUm3cFHB++gDTGVdv6HQuizB324BTw7/4JZbxfrhzoU/4GRBJ7Qrz2g4201mAPRjKxcr64Blfx0om8JA3uwbQAaP4mWVnOdNTmzLbURQECO2JGKOP1dJ+0q+bQn/RqGcM4xVYi+pSFEis3KH3z6B0IRGpHRxedOvkUYd2l6w+rvKVfzEnmEzInNvaaxspZ26CMIlsPhxCp9dF2sqEv9CJsyJ7t9M09C81GspHzi/+S0fI+WsiQGjKpAO2Nb/adtXxiIu6OTdH1Mbv6UsmDcGv7PUJ6hyCDryw/Gj3iutaktbO6zCQlNpO1DubrgY881/WG0i04VQWSRE/rJXnCzkH6y6Y8MepR88eh6Dn1hEQGsvigVk/kdkrQiKoZNa3CTzAvQrosl5sCo+MA//x1Zvw/4TF+9+JhYnOvnojy9er5KEq6B3YzXSAF8gnNhXAwB9kmkt29owTWmusB9EQfmdkFon3yUf06KKomtijyc3lOYXibUe5o0Mr6VBQRjtrJiB6sIhII11QzeJxRhOZPoBj2dPBn9/Xm6rGpYzrunm412RQbckQE+6Cyn2a5U2W5LyI4Bod92QIahesYAjL8jEBQ3/JriReTJ65rCH+j1NmL7wlf8gBWmg2I4woCjzT//MsS8crN+XwdXtKCrnZ/IYy6VvYbtusg1MiFdU8YLDhvRNQQtDKtcTHTZEwCs/hsW1kxveBRqRmFS9juoIxlLcxAOd5HW84JavqYBHmHM7oanyJNLfFMRUw8A==
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-5.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-5.exe /rawdata=kv3jw7ftSkOPCntg6E5NP+FLu7fs+pF5wJPjupDi1Dyq3+vAVFhrb2kyrKbXAWiEpEJwJVF70sXgvqnnUeWTXTSrH4zEzVlJyWTkXymYAEUp6UFUV+MokrwgAzCjf9nrp8WOVUqrAEu+vnH8h4UVQ5KRInmzjq8HHtGP7WGSh/Z1DoRoti1PivlovhYFRdOsLRcCi5CQnC0Q+z8kEM+jAN8XcuxnNseuAKle20PFwTgH6VsvnVL4zIA8kfvKqTBhyTvn6zOFGLmwS7bjzr3w0FpRaphzRnw23ENEY23dRv9pQlb6SUyod+4KxR4I88YB48xGd6+JLcXffJGqlxfkrAa812Vqd4cIq2/UrzWGz787v5csYaLZmO4GGC3xBaU97im1Oezsj6E/tEcw1QOpHcbNtnFFNpqY81IEBnp7YY70GxjJh6aNmoqc0K9zuQwIQXKrgu3d+hBeTCWYZhJKk/3MCRd8OVWWNfttCly+eUAIr19Gd300zSaKl/WXWXbkqK8a/csZ/UVIc699riyBOnxaF8vQNzg/RLivEiuDjE5FNHknMcVhQWcGlmtbQHjS9xJTWCtxw29IKrvPIKSchWh87fHMwPFo1ZlyB4M49dvykNbDgTnPnZ+TKIbTltc+Aaw9KVjioRksR9YLis7wzAxySYGzDLb+TXCUsrO9C9VokcstvUBMX4gpfh9fhFZEaP0PFRpaTzwobfVILKyaxv1+oIiNFWrazcvinrhCOdOYXAy1fQlfRsWDpddHIxL7woEsaXpOe4u+hQRkVWNvS4fqtI99CdZraOI7P59DhGnvssu6pyMZmzmhjRMuC6tYC+6jWoINES6oHHhtjqkKNi1puuqFn/5A+NrCmX/RtI+Hc490TlFHHOPO52k3BWOioqjSK0hYV+bXAvZ+c/cIqgcSTCKowHDvMORAQLjjr3grkZSu22aynEtQfMZpr+71bF87M+P8iOaxfLX0mNKGLDnOn3HqHvRuHQ+1N+OOvmgP/3BEOskBWQ0Z5HwdmkhQ
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-5_user.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-5.exe /rawdata=kv3jw7ftSkOPCntg6E5NP+FLu7fs+pF5wJPjupDi1Dyq3+vAVFhrb2kyrKbXAWiEpEJwJVF70sXgvqnnUeWTXTSrH4zEzVlJyWTkXymYAEUp6UFUV+MokrwgAzCjf9nrp8WOVUqrAEu+vnH8h4UVQ5KRInmzjq8HHtGP7WGSh/Z1DoRoti1PivlovhYFRdOsLRcCi5CQnC0Q+z8kEM+jAN8XcuxnNseuAKle20PFwTgH6VsvnVL4zIA8kfvKqTBhyTvn6zOFGLmwS7bjzr3w0FpRaphzRnw23ENEY23dRv9pQlb6SUyod+4KxR4I88YB48xGd6+JLcXffJGqlxfkrAa812Vqd4cIq2/UrzWGz787v5csYaLZmO4GGC3xBaU97im1Oezsj6E/tEcw1QOpHcbNtnFFNpqY81IEBnp7YY70GxjJh6aNmoqc0K9zuQwIQXKrgu3d+hBeTCWYZhJKk/3MCRd8OVWWNfttCly+eUAIr19Gd300zSaKl/WXWXbkqK8a/csZ/UVIc699riyBOnxaF8vQNzg/RLivEiuDjE5FNHknMcVhQWcGlmtbQHjS9xJTWCtxw29IKrvPIKSchWh87fHMwPFo1ZlyB4M49dvykNbDgTnPnZ+TKIbTltc+Aaw9KVjioRksR9YLis7wzAxySYGzDLb+TXCUsrO9C9VokcstvUBMX4gpfh9fhFZEaP0PFRpaTzwobfVILKyaxv1+oIiNFWrazcvinrhCOdOYXAy1fQlfRsWDpddHIxL7woEsaXpOe4u+hQRkVWNvS4fqtI99CdZraOI7P59DhGnvssu6pyMZmzmhjRMuC6tYC+6jWoINES6oHHhtjqkKNlcdZecVOFq9x+CpSqb5xfEr+gvg9frKjDS7UfWkjA6vc6g6e3DKTPO1ZHQrv019v/x4iNKSd5FpEqI7ijOiMFg1XeJNHNMY2bq6ezHWJ37AETnO5Ki7MDJiGRLurvUNF+YZ+3p9wuZ4cEes8QpXhiRpT9vRLiTU9V0KGQAULkk9
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-6.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-6.exe /rawdata=ZRu9jlFacpHKR/fZgH4REP6LVqLo3tpjvMH/DTaoO2vIEutP1xYm54UYG6/Mf9TyBqfCgFR2BTa2MvB2liwbvaJEksiWrFnxw8pN1Q6hGMq3knt4W/uIvwpWkdtZnBXVFA7Qb3NEwFruqBLiwjSo7vkAiQ2KTuno7xpyq2/yGTIObxnimvpuH5MOtOCGvz5U9d+XcHpm/8ncO0JvOGCk85+vHN/FnEjuqfJIJVvp1t62DlhcPhQx0jRrJf4thkPLBg9vf4itNwNZiRHMe/neSlJzZjrpu41dy6YTbp8t9jv7JReggfrk8AOA9vrKpTe4hwe/uhKIDLcHPOjGheT4kiSMels5KftNbQtDumsOeL6tVV361R9pm9e/9cgEeuuQY0TjfFgDM7n7HvkYDeJsqB1qi397t4JTWKbkdsCXjZX6rfaM8MOO9ybuZSZ2R7UJgT+Lqzw36kaoNNey1f1JM9wPGy/YCxsXenkSMJaVzuKrklHvaEmZmf1DcCbeg7zQgARoR8oBb6H5tk/T38eCZ3ePvgr2vFyyau0ZO9l3N7g3VOANlzDgBU8g2jHxrbriGeTyxeqtF/zIOSOCGR8Ro9pxhX3ipk9uuvRbFbZu4wZ63dcBNh20L6gfDjT5AQ1CWqwyCPiC+XbwnjLasWi1kaOhf73PHSG11P8eVZ4Fwd14MRpL9I+bM3KekkWBKRpghXnqPFko5S67PZWsioM7noanMJcPGU/1NX6nzc9cwAjWSSmq8vWIfgsqXttbammU4juLbG3La3Ac9eyAz/YCmNac1NM4bO8dG6C++nhaohki/ZHKghbv9hHfs2IxOUdCL7BYJh7zOsEPjcEhuiQpCAkY7f9b04SVDPN3K4SjviXLDxSWKVj/Qku6pjvzHH3DAIwhZSqwmj1Hykm8fcv6nKI9tQ2CXLljTXac//7VjFoX0OT72L+uxpp8RvGDQNV0vBa6H0HnfnbjcKxygSSktSe+KjSxRkLV9WLOrNDb34ba/ly4BA6r2F5pryOsS69qwBrsndrOU1z6OAdErkxOv7HL4F86iSiC4CPt4IRB7L2Zxv9Snf5HU2jpPAt65SEvepZekBalZErtnFIffdtLXio3d6nM0s4tPAl8dVYb5LBKI2Y99+thB96I7BOmtlt0iavHmceYUboSx5e3d7d2s3viy/ybc0p67roD3xo3DQFhWLpkTZJVu1r1KdY4U6eki62yxAVApZ+NeDac3/RLkP69CGHNzf9ZFHdIGoVzoW8aMfPKHeE7rCIMVZKgsCK+GWVfUFggt6FYxFysMQdD+Io1Z7bx/SBiHOnHUS1BfLZ+HxeWaOcPO/stbkNFMBdDgEgJm3Wa2v9m80b+rwfVaBri8IEJqS7MEV9jRwNsvQAUluub9LJRL7dl1oMbUcdJ1ckHtr1rZcPjQiyTydkP4VImOGrArPCk83KHqNVXXG4gbDC8VOHxMf6KrAA0pLjNDSNg6dtLYuh6zwpaJLRsGxo5IG6PnRYxT2q6FVfj56l2kMeKRN+8hFanBpWeW7OlM9BqlDDAxG73RwvCi7hGKKfKsEepHLFGkDgpmYYvGNlWv/jAGSPblgsBgGmhOGS36L2cwg+Hus6hfRH1DoHwOfsRNuDjpVPusVkgQMSsu5hTyG9bIRCSUe1j34yBTFCgYsvucnFqaKpaomMd14ftzaxOKbWACLlvPlAvLptSU+1ECPVF3qG6TjysUCrzNbjIGAYF2UHqBMhA25OG+pdPyMlGWlYOCea1ez/9Ml82ISaYy5pKZoBdPW5+xLB6WdBdyiQNlUkU3m0ZBBQ1lYdQEXFT4QoUQ+e13ze9WAdMnuJhuMifjFiqf4BivJx/BMwnKv6ZfaXRvs4V9Wp/3vyLZiun7V3x/0AHHzL/YDFRCJA7X7uT0iAhtRIILB6c1XOLBbH3TBQUc3TNTuBt+IJEpVSBQzzsemUEEyePgve2UrCX4Qk2QG+Od6S6nR1MSB1SjLqlMb8Lr+lkChFi8LW3cJZ1lhCW9uKUtBRWk6rSR/M7arELK8W/vTzdo2DQMttptE/M+DxfZQOFRnvzb3KZWyP7BzQdidj/5Twm7fiXtxVnUfAn7XJkHeTwUACCPq1Y8MGk8Z/jOoJeyjRRQ2VHpMkuHKbg7VhAEt8LwRE9BBuoeDwEsgL1croInVrvTdbe2MymQOKKZ1BOf7RuHSoRN9caCMSdoWNt1PcXGiNSRIeneB95HTvCt8DpzQM8RlDCfiVpJw7M12wp6uKabRaQJvXxKMGgRR/ZQjtf958eJ/miv5EMJ/gTgk6D/N9KM5De4dN9c3ntcA+3exZ5QDBZAOFXi6elPo5tBkiZ2s1kHTNV4YLCf1nqmttElvGBChf1VM6Pwn9UH8n9jI8sE5Lt9lEzBnWpFE2oaKQPXW6A9DzikNQ2uHcnt8Joo29WbXYOaE7DylRp3Eu0GhSnT4+vanW+Z5TOYMwYSJNh3nYsKdAcKVC/XJIn3jJdPuJldMJ7iwlf6pWNGJHokfRfX5Ec0KyS9Q8SLYCGZJXyYpSDpy9FBhdNSPfQpXYawBDUTGGF
C:\windows\tasks\e500ae65-d47e-482c-98e0-88c2fa39218e-7.job - C:\Program Files (x86)\Internet Speed Checker\e500ae65-d47e-482c-98e0-88c2fa39218e-7.exe /rawdata=bfegVPTgzrIKSM4HOHr+N8Rb1e9iRPaY9eI1t2+9COKN9LlgXvvvNJHB4nk5ZZASw1lzvhXMPqFRLYzZjLQfbyFsxlzZYTFT/J5GuhBqa4UqeSpOxUoQodQwDvmaKl+3Fqz5m44Y9TpIKV9+bpNq19YKFkTIFZ+el2jDNqfDn08lbXNoinuIOKd4PUIQ2mX7JVt77Lcdo9cMnHM5Y/eCcUNOE0X2npXugk5Be7gkghVEh0Uz4Y9TN4Fm+7E03Q3+UdLzJqrs0ULL5pPS60eWTvrVGbEjdHmm6jKh/icl7u2WfiVtIckz0+KwSnOfFK/aqHN/klPfM1VOC8K9ra9VqpaX+kAp9Fv8EHfyddGYmN+YTtUu4ZVt1gKPsJFU6nMkdlFJxf9voKYv5yPtJ4kxzqwUKuUfsKxz3RUTVBcrKPNG4EnFhBi4VM6I0WHikIxdaATbrjUy7AjK6XN8Qk0nRZVp88F9uraFTopSWQGsO1j05+5xN6u+mWqtKVT76KpIgp+m07inMLMX+YYp8CxGn+9NAaAT7Scdr+/is21AviLpz/Vk9uZ7Pj5LQarUNSktwFL8o4/isA3BmLfJGtBA8W0Q2KlcncMgd3XTKqxIJF2n8Tic1JiAhfRhVdhiL14kJ9CtXI3Nm3HHHixWFv+iLA17Q+aHH3P3ZWcNo69Psru6oadQU/vBB0cqGAvs4eL1oOIOQ6h4EiDBVxEtsbUbY0dYBJ+0y5ADpUIRQRZWysGY+7D0lieCAiFxd3qNJPsMxOdDUlb+CgtCsclhPssWPNo4R2639OIcC23cnCnlDZkII/lXS3/AwudkeOAN5xjXa6NJ9yACrmfFM3epJvFcyySpVUQKBOAz+oYF8dXp2PkeiC39QGs1ct6eJFt4yYcTxQub9q/4hR00qC3DkeeGmSWFTrNDTZbZYf1YMzHZduVwNvb2DHFeHKxPSkIOxxbJIpL/IUDB1bwOJaa+6OkFBz67gC3iyTCuP7iMSZRS40DzGnlu031LuCvqs7GXQqYFZy4DS83brGJhH0rMpzcntCZIg+xUex46v62WJ8fZOxeqMhPiujb6yh36s4YTZVLuM3G2FA4n4fPpCz3wTK/ObKmF7umlhWVhJD+xEuUwj2BbyJsWaUFmPmj/R11ktf0ViMrJGHBF8Hm0/PX8zWfjEqD5kqTE6XfUzEwWvKFBos0DwM7urByeckSnmgpeV7HVxzbtxWfpvnMW+fjXsepSb7ZjeiIu5LSDEyWkrxH1pVFf6FcLIgh+6onXcJE23q2w19LExiEayuLgTH3y+rb3v6n9ux0fBEDBOgkVUoJNdHiQrR+iz2my61Wxt367WTXgQ6+9mlDCpwMWRrvKV0fVZD6f4R79OzkZsHVVVFNDIzPpZPIdabsWN/eD10O8fnYZdc6sxmr5b8+RNM549qb2mlu70Q3mHQ9ExZ2gZrIIoBPJ5yadzn9wrW8rq3Q233XLu8Z/DghhBmRT4iMybwEgw1SSnf4hayAdc5DuJA2+pFjmlftJ+ASROaygG6CB7nQYuH8AnMF9hujaEvJhAekOoUhQCPVJpPGWVLKti2NxWl/9TH12X1vjZjGemzObCzBUcR5KRpTJqBpNEvUi0+VimjgJuvn58BC9aZvlvCeeYHdL1eW+Ihdfp0v0Ywy8RrgF5qvTnsOxPn219DGtTC8L4FTuKWr4x75DhOm1lQTiXharBC1J89tsRw181umcZNntJs0FVvqZHXiovmfsYimcrUtR/l154RdJlK+DgxY+txzwKbKVDLJP20QE4k+EQ96nLC7H4qXQT9VC+yrwKzolNVmZvCIKFlb7Akoug42yISlverpnFzcIWNVTgCqF/s1qzFuUYcImzEFCOzseY+ZKAbpyJODgcTMyOOPpT92fcy/hc59P3YFFi93TOZRjdFz723FGKXd7Xh+DGR8THELqJ+AaOJm9V7BM42QsgZKZgoXfh5UkGO3OtOyFfn7TBnM1QsJwnIH27Fj7D1aNocnVmRp7zPPU9KoIl8bnJrg92QzO5wj7jWRABZnJrWwIbSE+DLvQmY+rNzcxHwA+87Q7+HBdWEYIzFuqEp98M7F1jT+TyplLMYVAJTsRjdtqwpq4YKZYxF3ACZ0vcUQ0gqDQRwd1ehAh4fXzexmzDR9kMWZ7NCkrrqwpyGrW+hrvrB09NhbV7MgnZPF5zf1T9AB3F2rewpjYf7gcnfFRZ5bD3RAHp7exc0fMIYsGiyzf8nQDR8Y7443Qh5ORYxw7A7MllnrIlqJgWfT8C5OKHw+UWUYIsgV1l6m7q4ZEF1cQHodC+ZqfSThBckxDpJiOdozkzv31tqm3lCuKJSPFg4US3QDId0Tu2G/LLTH4/AnWHLOVQ7VJkCAVr/2CymhZrqfSiZn3dsrd1RkH7L4t+XIThIxYZYOGKv9C2VAHueAvr8WxCR0MmfgqXv6x/8I5uvVaKbRBsOs77ZwEI2BMErvL/VFdyM5ZNjUY0rNiMKG4WrNk13+UcLHs3NOV7ybk+M6FxPvccBnVXcagarEfbrcUC0dK/iOeY5NKQIgIqxkljJhY
C:\windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForivana.novakova.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForivana.novakova (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"HP Color LaserJet CM2320 MFP Series Fax"=C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [2009-09-22 3700736]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-07-21 489472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"gpuminer"=C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [2015-05-02 96]
"cpuminer"=C:\windows\system32\cpuminer-gw64.exe [2015-06-16 1413400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2015-01-28 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SeznamInstall-uninstall:26c51a6d273160d6ce198e1ca6da2b89"=C:\Users\IVANAN~1.STA\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2015-06-23 534528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-23 563736]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2009-11-19 518656]
"HPPQVideo"=C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM2320 MFP Series\bin\hppschlnch.exe [2007-05-07 106496]
"ToolBoxFX"=C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [2009-10-22 53248]
"Firebird"=C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2008-06-13 2723840]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=1
"dontdisplaylockeduserid"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-23 13:06:39 ----D---- C:\rsit
2015-06-22 14:05:17 ----A---- C:\windows\SYSWOW64\drivers\TS888x64.sys
2015-06-22 14:01:29 ----D---- C:\ProgramData\TXQMPC
2015-06-22 13:56:21 ----D---- C:\Program Files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80
2015-06-22 13:56:12 ----D---- C:\Program Files (x86)\Internet Speed Checker
2015-06-22 13:53:35 ----D---- C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz
2015-06-22 13:48:38 ----D---- C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer
2015-06-22 13:47:45 ----D---- C:\Program Files (x86)\61bf2d4a-dbb5-4488-975c-2997da80caf7
2015-06-22 13:47:38 ----D---- C:\Program Files\Common Files\Tencent
2015-06-22 13:47:25 ----D---- C:\Program Files (x86)\globalUpdate
2015-06-22 13:47:18 ----A---- C:\windows\system32\drivers\TSSKX64.sys
2015-06-22 13:47:05 ----A---- C:\windows\system32\drivers\TFsFltX64.sys
2015-06-22 13:47:02 ----D---- C:\Program Files (x86)\CinemaPlus-4.5vV21.06
2015-06-22 13:43:50 ----D---- C:\Program Files (x86)\Tencent
2015-06-22 13:43:05 ----D---- C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent
2015-06-22 13:43:04 ----D---- C:\ProgramData\Tencent
2015-06-22 13:39:49 ----D---- C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Baidu
2015-06-22 13:39:49 ----D---- C:\ProgramData\Baidu
2015-06-22 13:38:51 ----D---- C:\ProgramData\Rising
2015-06-16 23:39:02 ----A---- C:\windows\system32\cpuminer-gw64.exe
2015-06-11 09:15:31 ----A---- C:\windows\system32\wmp.dll
2015-06-11 09:15:28 ----A---- C:\windows\SYSWOW64\wmp.dll
2015-06-11 09:15:26 ----A---- C:\windows\system32\spwmp.dll
2015-06-11 09:15:25 ----A---- C:\windows\SYSWOW64\spwmp.dll
2015-06-11 09:15:25 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2015-06-11 09:15:25 ----A---- C:\windows\system32\dxmasf.dll
2015-06-11 09:15:24 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2015-06-11 09:15:24 ----A---- C:\windows\system32\wmploc.DLL
2015-06-11 09:15:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-06-11 09:15:20 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-06-11 09:15:20 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-06-11 09:15:20 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-06-11 09:15:20 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-06-11 09:15:20 ----A---- C:\windows\system32\ieetwcollector.exe
2015-06-11 09:15:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-06-11 09:15:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-06-11 09:15:19 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-06-11 09:15:19 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-11 09:15:19 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-06-11 09:15:19 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-06-11 09:15:19 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 09:15:19 ----A---- C:\windows\system32\iernonce.dll
2015-06-11 09:15:19 ----A---- C:\windows\system32\ie4uinit.exe
2015-06-11 09:15:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-06-11 09:15:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-06-11 09:15:17 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-06-11 09:15:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-06-11 09:15:17 ----A---- C:\windows\system32\urlmon.dll
2015-06-11 09:15:17 ----A---- C:\windows\system32\iedkcs32.dll
2015-06-11 09:15:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-06-11 09:15:16 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-06-11 09:15:16 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-06-11 09:15:16 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-06-11 09:15:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-06-11 09:15:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-06-11 09:15:16 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-06-11 09:15:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-06-11 09:15:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-06-11 09:15:15 ----A---- C:\windows\system32\msfeeds.dll
2015-06-11 09:15:15 ----A---- C:\windows\system32\dxtrans.dll
2015-06-11 09:15:14 ----A---- C:\windows\system32\iesetup.dll
2015-06-11 09:15:14 ----A---- C:\windows\system32\ieapfltr.dll
2015-06-11 09:15:13 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-06-11 09:15:13 ----A---- C:\windows\system32\iertutil.dll
2015-06-11 09:15:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-06-11 09:15:12 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-06-11 09:15:12 ----A---- C:\windows\system32\vbscript.dll
2015-06-11 09:15:12 ----A---- C:\windows\system32\jsproxy.dll
2015-06-11 09:15:12 ----A---- C:\windows\system32\ieUnatt.exe
2015-06-11 09:15:11 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-06-11 09:15:10 ----A---- C:\windows\system32\ieui.dll
2015-06-11 09:15:10 ----A---- C:\windows\system32\ieframe.dll
2015-06-11 09:15:10 ----A---- C:\windows\system32\dxtmsft.dll
2015-06-11 09:15:09 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-06-11 09:15:09 ----A---- C:\windows\system32\mshtmled.dll
2015-06-11 09:15:08 ----A---- C:\windows\system32\jscript9diag.dll
2015-06-11 09:15:08 ----A---- C:\windows\system32\jscript9.dll
2015-06-11 09:15:08 ----A---- C:\windows\system32\jscript.dll
2015-06-11 09:15:07 ----A---- C:\windows\system32\wininet.dll
2015-06-11 09:15:06 ----A---- C:\windows\system32\MshtmlDac.dll
2015-06-11 09:15:05 ----A---- C:\windows\system32\msrating.dll
2015-06-11 09:15:01 ----A---- C:\windows\system32\mshtml.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\invagent.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\generaltel.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\devinv.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\appraiser.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\aepic.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\aeinv.dll
2015-06-10 09:26:22 ----A---- C:\windows\system32\acmigration.dll
2015-06-10 09:26:21 ----A---- C:\windows\system32\aepdu.dll
2015-06-10 09:26:12 ----A---- C:\windows\system32\diagtrack.dll
2015-06-10 09:26:11 ----A---- C:\windows\system32\kerberos.dll
2015-06-10 09:26:10 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-06-10 09:26:10 ----A---- C:\windows\system32\KernelBase.dll
2015-06-10 09:26:09 ----A---- C:\windows\system32\lsasrv.dll
2015-06-10 09:26:09 ----A---- C:\windows\system32\kernel32.dll
2015-06-10 09:26:09 ----A---- C:\windows\system32\advapi32.dll
2015-06-10 09:26:08 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 09:26:08 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-06-10 09:26:08 ----A---- C:\windows\system32\ntoskrnl.exe
2015-06-10 09:26:08 ----A---- C:\windows\system32\ntdll.dll
2015-06-10 09:26:07 ----A---- C:\windows\SYSWOW64\tracerpt.exe
2015-06-10 09:26:07 ----A---- C:\windows\system32\wow64.dll
2015-06-10 09:26:07 ----A---- C:\windows\system32\tracerpt.exe
2015-06-10 09:26:07 ----A---- C:\windows\system32\srcore.dll
2015-06-10 09:26:07 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-06-10 09:26:07 ----A---- C:\windows\system32\conhost.exe
2015-06-10 09:26:06 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-06-10 09:26:06 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-06-10 09:26:06 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-06-10 09:26:06 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-06-10 09:26:06 ----A---- C:\windows\system32\winsrv.dll
2015-06-10 09:26:06 ----A---- C:\windows\system32\schannel.dll
2015-06-10 09:26:06 ----A---- C:\windows\system32\rstrui.exe
2015-06-10 09:26:06 ----A---- C:\windows\system32\msv1_0.dll
2015-06-10 09:26:06 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-06-10 09:26:05 ----A---- C:\windows\SYSWOW64\tdh.dll
2015-06-10 09:26:05 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-06-10 09:26:05 ----A---- C:\windows\SYSWOW64\logman.exe
2015-06-10 09:26:05 ----A---- C:\windows\system32\wdigest.dll
2015-06-10 09:26:05 ----A---- C:\windows\system32\tdh.dll
2015-06-10 09:26:05 ----A---- C:\windows\system32\sechost.dll
2015-06-10 09:26:05 ----A---- C:\windows\system32\ncrypt.dll
2015-06-10 09:26:05 ----A---- C:\windows\system32\logman.exe
2015-06-10 09:26:04 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-06-10 09:26:04 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-06-10 09:26:04 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-06-10 09:26:04 ----A---- C:\windows\SYSWOW64\sechost.dll
2015-06-10 09:26:04 ----A---- C:\windows\system32\TSpkg.dll
2015-06-10 09:26:04 ----A---- C:\windows\system32\sspicli.dll
2015-06-10 09:26:04 ----A---- C:\windows\system32\smss.exe
2015-06-10 09:26:04 ----A---- C:\windows\system32\lsass.exe
2015-06-10 09:26:03 ----A---- C:\windows\SYSWOW64\typeperf.exe
2015-06-10 09:26:03 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-06-10 09:26:03 ----A---- C:\windows\SYSWOW64\relog.exe
2015-06-10 09:26:03 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-06-10 09:26:03 ----A---- C:\windows\system32\typeperf.exe
2015-06-10 09:26:03 ----A---- C:\windows\system32\srclient.dll
2015-06-10 09:26:03 ----A---- C:\windows\system32\relog.exe
2015-06-10 09:26:03 ----A---- C:\windows\system32\csrsrv.dll
2015-06-10 09:26:03 ----A---- C:\windows\system32\auditpol.exe
2015-06-10 09:26:02 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-06-10 09:26:02 ----A---- C:\windows\SYSWOW64\diskperf.exe
2015-06-10 09:26:02 ----A---- C:\windows\system32\sspisrv.dll
2015-06-10 09:26:02 ----A---- C:\windows\system32\secur32.dll
2015-06-10 09:26:02 ----A---- C:\windows\system32\ntvdm64.dll
2015-06-10 09:26:02 ----A---- C:\windows\system32\diskperf.exe
2015-06-10 09:26:02 ----A---- C:\windows\system32\credssp.dll
2015-06-10 09:26:01 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-06-10 09:26:01 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-06-10 09:26:01 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-06-10 09:26:01 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-06-10 09:26:01 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-06-10 09:26:01 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-06-10 09:26:01 ----A---- C:\windows\system32\wow64win.dll
2015-06-10 09:26:01 ----A---- C:\windows\system32\wow64cpu.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:26:00 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:25:59 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:25:59 ----A---- C:\windows\SYSWOW64\user.exe
2015-06-10 09:25:59 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-06-10 09:25:59 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-06-10 09:25:59 ----A---- C:\windows\system32\apisetschema.dll
2015-06-10 09:25:58 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-06-10 09:25:58 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-06-10 09:25:58 ----A---- C:\windows\system32\UtcResources.dll
2015-06-10 09:25:58 ----A---- C:\windows\system32\msaudite.dll
2015-06-10 09:25:58 ----A---- C:\windows\system32\adtschema.dll
2015-06-10 09:25:57 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-06-10 09:25:57 ----A---- C:\windows\system32\msobjs.dll
2015-06-10 09:25:07 ----A---- C:\windows\SYSWOW64\comctl32.dll
2015-06-10 09:25:07 ----A---- C:\windows\system32\comctl32.dll
2015-06-10 09:25:05 ----A---- C:\windows\system32\win32k.sys
2015-06-10 09:24:33 ----A---- C:\windows\system32\drivers\stream.sys
2015-06-10 08:46:50 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2015-06-23 13:06:50 ----D---- C:\windows\Prefetch
2015-06-23 13:06:49 ----D---- C:\Program Files\trend micro
2015-06-23 13:04:40 ----HD---- C:\windows\Temp
2015-06-23 11:47:09 ----RD---- C:\Program Files (x86)
2015-06-23 08:26:39 ----D---- C:\windows\System32
2015-06-23 08:26:39 ----D---- C:\windows\inf
2015-06-23 08:26:39 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-06-23 08:23:39 ----D---- C:\ProgramData\PDFC
2015-06-23 08:23:36 ----D---- C:\windows\system32\config
2015-06-23 08:22:02 ----A---- C:\windows\SYSWOW64\log.txt
2015-06-22 14:38:45 ----D---- C:\Windows
2015-06-22 14:38:10 ----D---- C:\windows\system32\drivers
2015-06-22 14:29:42 ----D---- C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\TeamViewer
2015-06-22 14:25:03 ----D---- C:\windows\system32\Tasks
2015-06-22 14:05:17 ----D---- C:\windows\SYSWOW64\drivers
2015-06-22 14:01:29 ----HD---- C:\ProgramData
2015-06-22 13:57:10 ----D---- C:\windows\Tasks
2015-06-22 13:56:26 ----SHD---- C:\windows\Installer
2015-06-22 13:47:38 ----D---- C:\Program Files\Common Files
2015-06-22 13:47:22 ----D---- C:\windows\SysWOW64
2015-06-22 13:47:21 ----RSD---- C:\windows\Fonts
2015-06-22 13:47:09 ----D---- C:\Program Files (x86)\Common Files
2015-06-22 10:57:04 ----SHD---- C:\System Volume Information
2015-06-17 08:19:17 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-06-15 11:56:52 ----D---- C:\windows\debug
2015-06-15 11:55:59 ----D---- C:\Program Files (x86)\CCleaner
2015-06-12 14:15:28 ----D---- C:\Program Files (x86)\TeamViewer
2015-06-12 10:46:26 ----D---- C:\windows\rescache
2015-06-12 08:28:57 ----D---- C:\windows\winsxs
2015-06-12 08:26:33 ----D---- C:\Program Files\Windows Media Player
2015-06-12 08:26:33 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-12 08:26:32 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-06-12 08:26:32 ----D---- C:\Program Files\Internet Explorer
2015-06-12 08:26:31 ----D---- C:\windows\SYSWOW64\en-US
2015-06-12 08:26:30 ----D---- C:\windows\system32\en-US
2015-06-12 08:26:30 ----D---- C:\windows\system32\cs-CZ
2015-06-12 08:26:30 ----D---- C:\windows\PolicyDefinitions
2015-06-12 08:26:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 09:08:56 ----D---- C:\windows\system32\catroot2
2015-06-11 08:30:15 ----SD---- C:\windows\system32\CompatTel
2015-06-11 08:30:15 ----D---- C:\windows\system32\appraiser
2015-06-11 08:30:14 ----D---- C:\windows\AppPatch
2015-06-10 17:16:22 ----HD---- C:\Config.Msi
2015-06-10 17:16:22 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 17:12:39 ----D---- C:\windows\system32\MRT
2015-06-10 17:06:00 ----A---- C:\windows\system32\MRT.exe
2015-06-10 17:05:05 ----A---- C:\windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 NetworkX;NetworkX; C:\windows\syswow64\ckldrv.sys []
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2011-11-24 78208]
R2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2011-11-24 139592]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2011-10-07 321536]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-08-05 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-01-21 3063360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-13 325152]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2014-07-21 515584]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 fsamkscn;fsamkscn; \??\C:\windows\system32\drivers\fsamkscn.sys []
S1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16350.226\QMUdisk64.sys []
S1 TsDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16350.226\TSDefenseBT64.sys []
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2011-02-09 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2011-09-08 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2011-08-09 21120]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-06-10 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
S3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TS888x64;TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16350.226\TS888x64.sys []
S3 TSSKX64;TSSKX64; C:\windows\System32\drivers\tsskx64.sys [2015-06-22 38200]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2014-07-21 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 Crypkey License;Crypkey License; C:\windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 hasplms;HASP License Manager; C:\windows\system32\hasplms.exe [2011-12-02 4913608]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-01 136192]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-07-21 271360]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-04-17 5448976]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2012-08-10 1001376]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-22 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29 107912]
S2 QQPCRtp;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16350.226\QQPCRtp.exe -r []
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-17 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-22 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-02-15 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[petr_xxx]

Udělal jsem oba kroky, ale až teď, když píši odpověď, jsem si všiml, že jsem je měl udělat v nouzovém režimu... Je to problém? Mám tyto kroky provést znovu, tentokrát již v nouzovém režimu?

AdwCleaner nevytvořil žádný log, ani není uložen na c:\AdwCleaner\AdwCleaner[S?].txt. Tuto kontrolu jsem prováděl 2x a ani jednou se log nevytvořil.

ComboFix log:



ComboFix 15-06-23.01 - ivana.novakova 23.06.2015 14:49:17.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1967.662 [GMT 2:00]
Spuštěný z: c:\users\ivana.novakova.STAKOPLAST\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80\477d709e-cd69-4ee5-b3b0-aa0536520108.dll
c:\program files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80\4b436478-4c36-47b0-be11-349d69551108.dll
c:\program files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80\875dcbc3-31af-4d71-84f7-b3c61fa47d80.dll
c:\program files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80\b8168e54-2e80-4d3c-b6d1-e3e8b2bd259a.dll
c:\programdata\38DEFD9F4F.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BD0001
-------\Legacy_BD0002
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-23 do 2015-06-23 )))))))))))))))))))))))))))))))
.
.
2015-06-23 13:30 . 2015-06-23 13:30 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2015-06-23 13:30 . 2015-06-23 13:30 -------- d-----w- c:\users\ivana.novakova\AppData\Local\temp
2015-06-23 13:30 . 2015-06-23 13:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-23 12:39 . 2015-06-23 12:39 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40F60AE6-5367-4EA3-A423-02A514D4D542}\offreg.912.dll
2015-06-23 12:08 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40F60AE6-5367-4EA3-A423-02A514D4D542}\mpengine.dll
2015-06-23 11:06 . 2015-06-23 11:07 -------- d-----w- C:\rsit
2015-06-22 12:05 . 2015-06-22 12:17 28984 ----a-w- c:\windows\SysWow64\drivers\TS888x64.sys
2015-06-22 11:56 . 2015-06-23 13:30 -------- d-----w- c:\program files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80
2015-06-22 11:53 . 2015-06-23 09:45 -------- d-----w- c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz
2015-06-22 11:48 . 2015-06-22 11:50 -------- d-----w- c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer
2015-06-22 11:47 . 2015-06-22 11:47 -------- d-----w- c:\program files (x86)\61bf2d4a-dbb5-4488-975c-2997da80caf7
2015-06-22 11:47 . 2015-06-22 11:47 -------- d-----w- c:\users\ivana.novakova.STAKOPLAST\AppData\Local\globalUpdate
2015-06-22 11:47 . 2015-06-22 11:45 38200 ----a-w- c:\windows\system32\drivers\TSSKX64.sys
2015-06-22 11:47 . 2015-06-22 11:45 87864 ----a-w- c:\windows\system32\drivers\TFsFltX64.sys
2015-06-22 11:46 . 2015-06-22 11:46 -------- d-----w- c:\users\ivana.novakova\AppData\Local\Crossbrowse
2015-06-22 11:43 . 2015-06-22 12:10 -------- d-----w- c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent
2015-06-22 11:40 . 2015-06-22 11:40 -------- d-----w- c:\program files (x86)\Common Files\Baidu
2015-06-22 11:39 . 2015-06-22 12:14 -------- d-----w- c:\programdata\Baidu
2015-06-22 11:39 . 2015-06-22 12:11 -------- d-----w- c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Baidu
2015-06-22 11:38 . 2015-06-22 11:39 -------- d-----w- c:\programdata\Rising
2015-06-22 10:28 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-06-18 10:04 . 2015-03-26 08:18 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{782CB9DA-7957-4A66-825B-5778F9F6D467}\gapaengine.dll
2015-06-16 21:39 . 2015-06-16 21:39 1413400 ------w- c:\windows\system32\cpuminer-gw64.exe
2015-06-11 07:14 . 2015-05-22 19:12 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-06-10 07:25 . 2015-05-25 18:11 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-06-10 07:24 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-06-10 06:46 . 2015-06-10 06:47 18169520 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-17 06:19 . 2013-07-24 12:24 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-17 06:19 . 2012-01-03 07:44 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-10 15:06 . 2011-02-15 09:30 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-05-25 18:19 . 2015-06-10 07:26 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 07:26 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-10 07:26 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-10 07:26 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 07:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-01 13:17 . 2015-05-14 07:41 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-14 07:41 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-14 07:03 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-14 07:03 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-14 07:03 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-14 07:05 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-14 07:05 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-14 01:38 . 2015-04-14 01:38 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-04-13 03:28 . 2015-05-14 07:04 328704 ----a-w- c:\windows\system32\services.exe
2015-04-08 03:29 . 2015-05-14 07:03 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-14 07:03 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-14 07:03 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-03-26 08:18 . 2014-11-18 08:12 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-01-24 15:46 . 2011-02-17 11:34 84 ----a-w- c:\program files (x86)\start.cmd
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-19 518656]
"ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 53248]
"Firebird"="c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe" [2008-06-13 2723840]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"disablecad"= 1 (0x1)
"dontdisplaylockeduserid"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 fsamkscn;fsamkscn;c:\windows\system32\drivers\fsamkscn.sys;c:\windows\SYSNATIVE\drivers\fsamkscn.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TSSKX64;TSSKX64;c:\windows\system32\drivers\tsskx64.sys;c:\windows\SYSNATIVE\drivers\tsskx64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe;c:\windows\SYSNATIVE\hasplms.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-23 07:00 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-24 06:19]
.
2015-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 07:18]
.
2015-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 07:18]
.
2015-06-23 c:\windows\Tasks\HPCeeScheduleForivana.novakova.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-19 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-07-21 489472]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"gpuminer"="c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\sgminer.cmd" [2015-05-02 96]
"cpuminer"="c:\windows\system32\cpuminer-gw64.exe" [2015-06-16 1413400]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: abradio.cz\player
Trusted Zone: hitradiofaktor.cz\www
TCP: DhcpNameServer = 192.168.1.1 127.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-HPPQVideo - c:\program files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM2320 MFP Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM2320_MFP_Series -f PQOptimizerVideo.xml
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\crypserv.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
.
**************************************************************************
.
Celkový čas: 2015-06-23 15:39:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-06-23 13:39
.
Před spuštěním: Volných bajtů: 225 817 239 552
Po spuštění: Volných bajtů: 225 174 577 152
.
- - End Of File - - 99DE97023055D622C2AE1B0664A9FF0E

[petr_xxx]

AdwCleaner z nouzového režimu:



# AdwCleaner v4.207 - Log vytvořen 23/06/2015 v 17:24:11
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-21.1 [Local]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : ivana.novakova - NOVAKOVA-HP
# Spuštěno z : C:\Users\ivana.novakova.STAKOPLAST\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\windows\System32\roboot64.exe
Soubor Smazáno : C:\windows\System32\cpuminer-conf.json
Soubor Smazáno : C:\windows\System32\cpuminer-gw64.exe

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.130


*************************

AdwCleaner[R4].txt - [958 bytů] - [23/06/2015 17:23:44]
AdwCleaner[S4].txt - [881 bytů] - [23/06/2015 17:24:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [938 bytů] ##########

[petr_xxx]

Nedaří se mi dokončit poslední krok. Zobrazí se toto hlášení:

[petr_xxx]

Ještě jsem si vzpomněl, že od začátku těchto problémů mi vždy po spuštění PC vyskočí tato tabulka:



Kliknu na OK a obě tabulky zmizí.


Zde je log z ComboFixu:


ComboFix 15-06-24.01 - ivana.novakova 24.06.2015 15:49:04.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1967.890 [GMT 2:00]
Spuštěný z: c:\users\ivana.novakova.STAKOPLAST\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ivana.novakova.STAKOPLAST\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\start.cmd"
"c:\windows\system32\drivers\fsamkscn.sys"
"c:\windows\system32\drivers\TFsFltX64.sys"
"c:\windows\system32\drivers\TSSKX64.sys"
"c:\windows\SysWow64\drivers\TS888x64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\61bf2d4a-dbb5-4488-975c-2997da80caf7
c:\program files (x86)\875dcbc3-31af-4d71-84f7-b3c61fa47d80
c:\program files (x86)\Common Files\Baidu
c:\program files (x86)\Common Files\Baidu\BDDownload\108\7z.dll
c:\program files (x86)\Common Files\Baidu\BDDownload\108\bdcomproxy.dll
c:\program files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
c:\program files (x86)\Common Files\Baidu\BDDownload\108\dl.dll
c:\programdata\Baidu
c:\programdata\Baidu\BaiduHips\BaiduHipsCache.rptc
c:\programdata\Baidu\BaiduSd\CachedDB_1\000005.sst
c:\programdata\Baidu\BaiduSd\CachedDB_1\000006.log
c:\programdata\Baidu\BaiduSd\CachedDB_1\CURRENT
c:\programdata\Baidu\BaiduSd\CachedDB_1\LOCK
c:\programdata\Baidu\BaiduSd\CachedDB_1\LOG
c:\programdata\Baidu\BaiduSd\CachedDB_1\LOG.old
c:\programdata\Baidu\BaiduSd\CachedDB_1\MANIFEST-000004
c:\programdata\Baidu\BaiduSd\Config\4402.dat
c:\programdata\Baidu\BaiduSd\Config\804.dat
c:\programdata\Baidu\BaiduSd\Config\806.dat
c:\programdata\Baidu\BaiduSd\Config\809.dat
c:\programdata\Baidu\BaiduSd\Config\811.dat
c:\programdata\Baidu\BaiduSd\Config\812.dat
c:\programdata\Baidu\BaiduSd\Config\8500.dat
c:\programdata\Baidu\BaiduSd\Config\860.dat
c:\programdata\Baidu\BaiduSd\Config\8700.dat
c:\programdata\Baidu\BaiduSd\Config\900.dat
c:\programdata\Baidu\BaiduSd\Config\902.dat
c:\programdata\Baidu\BaiduSd\Config\config.ini
c:\programdata\Baidu\BaiduSd\FileSignDB\000005.log
c:\programdata\Baidu\BaiduSd\FileSignDB\CURRENT
c:\programdata\Baidu\BaiduSd\FileSignDB\LOCK
c:\programdata\Baidu\BaiduSd\FileSignDB\LOG
c:\programdata\Baidu\BaiduSd\FileSignDB\LOG.old
c:\programdata\Baidu\BaiduSd\FileSignDB\MANIFEST-000004
c:\programdata\Baidu\BaiduSd\IsolationDB.db
c:\programdata\Baidu\BaiduSd\privacy.db
c:\programdata\Baidu\BaiduSd\white_list.db
c:\programdata\Baidu\BDDownload\bddl.bca
c:\programdata\Baidu\BDDownload\bddlp.bca
c:\programdata\Baidu\Common\Global.db
c:\users\ivana.novakova.STAKOPLAST\AppData\Local\globalUpdate
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Baidu
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Baidu\BDDownload\4006143519\Setting\host.dat
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Baidu\BDDownload\4006143519\Setting\p2pconfig.dat
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\cpuminer-uninst.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer-uninst.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\aes_helper.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\blake.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\blake256.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\bmw.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\cubehash.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\darkcoin-mod.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\echo.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\fugue.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\groestl.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\groestl256.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\jh.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\keccak.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\keccak1600.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\luffa.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\lyra2.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\lyra2re.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\neoscrypt.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\shabal.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\shavite.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\simd.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\skein.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\kernel\skein256.cl
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\msvcr120.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\sgminer.conf
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\cpuminer\sgminer\sgminer.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz\~~erase-12274252-5996-69288.$$$
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz\~~erase-12274267-5996-51766.$$$
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz\~~erase-12274314-5996-56445.$$$\~~erase-12274267-5996-47813.$$$
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz\~~erase-12274314-5996-56445.$$$\~~erase-12274267-5996-48030.$$$
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz\install.log
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AdbCmdServer.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AdbWinApi.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AdbWinUsbApi.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\am5tools.tools
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\am5tools2.tools
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDaemon.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDevice.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServer.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServerUp.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkFS.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkGraphic.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkImage.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkIOStub.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AsyncTask.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\atl100.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Bin\box.tools
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Bin\box2.tools
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Bin\mtools.tools
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Bin\mtools2.tools
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\bugreport.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Common.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\component
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\componentui
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\ConnectManager.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\ConnectUI.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Daemon.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DaemonProxy.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DebugModeBrand.brand
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DebugModeConfigV2.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DeviceDesc.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DriverTools.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DriverToolsX64.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\GF.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\jwlxtzqn.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\jwlxtzqnui.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libexpatw.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libimagequant.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libjpegturbo.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libpng.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libtcmalloc.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Log4cplus.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\lua.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\main.properties
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\maMainFrame.rdb
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\maMainFrame.tpc
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\mdb.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\msvcp100.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\msvcr100.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\NetHub.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\QQPMIpc.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\RubikEngine.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\SdkClient.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\sqlite.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\TADInstaller.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tinyxml.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\UnReDevice.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\xGraphic32.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\zlib.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\AndroidDevice_QQPCTray.exe.log.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\androidserverupdate.log.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\DeviceDesc.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\sdkclient_QQPCTray.exe.log.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\AndroidServer\slist.ini
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\DeskUpdate\GlobalMgr.db
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QMAdFilter.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QMAutoClean.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QMDeskTopGC.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QQPCFTSysShortTask.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QQPCMgr.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QQPCPhoneDock.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QQPCRealTimeSpeedup.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QQPCSoftCmd.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\QQPCTray.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Logs\TAOFrame.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\QQ\dlcfg10.dat
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\QQ\dllog.dat
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\QQPCMgr\ProcRunTimeInfo.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\QQPCMgr\QMDellog.dat
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\QQPCMgr\qmdr\dr.dll
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\QQPCMgr\TimingTaskParam.xml
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Tencentdl\dlcore.tlg
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Tencent\Tencentdl\TencentDL.tlg
c:\users\ivana.novakova\AppData\Local\Crossbrowse
c:\users\ivana.novakova\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Bookmarks
c:\users\ivana.novakova\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Cookies
c:\users\ivana.novakova\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Favicons
c:\users\ivana.novakova\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\History
c:\users\ivana.novakova\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default\Shortcuts
c:\users\ivana.novakova\AppData\Local\Crossbrowse\Crossbrowse\User Data\Local State
c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_TSSKX64
-------\Service_fsamkscn
-------\Service_TSSKX64
-------\Service_TsUsbFlt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-24 do 2015-06-24 )))))))))))))))))))))))))))))))
.
.
2015-06-24 16:28 . 2015-06-24 16:28 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{159EC9FE-1616-49D4-8C03-8859EC20338B}\offreg.856.dll
2015-06-24 16:26 . 2015-06-24 16:26 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2015-06-24 16:26 . 2015-06-24 16:26 -------- d-----w- c:\users\ivana.novakova\AppData\Local\temp
2015-06-24 16:26 . 2015-06-24 16:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-24 16:26 . 2015-06-24 16:26 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-06-24 13:18 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{159EC9FE-1616-49D4-8C03-8859EC20338B}\mpengine.dll
2015-06-24 05:24 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-06-23 15:23 . 2015-06-23 15:24 -------- d-----w- C:\AdwCleaner
2015-06-23 11:06 . 2015-06-23 11:07 -------- d-----w- C:\rsit
2015-06-22 12:05 . 2015-06-22 12:17 28984 ----a-w- c:\windows\SysWow64\drivers\TS888x64.sys
2015-06-22 11:53 . 2015-06-24 16:25 -------- d-----w- c:\users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz
2015-06-22 11:47 . 2015-06-22 11:45 38200 ----a-w- c:\windows\system32\drivers\TSSKX64.sys
2015-06-22 11:47 . 2015-06-22 11:45 87864 ----a-w- c:\windows\system32\drivers\TFsFltX64.sys
2015-06-22 11:38 . 2015-06-22 11:39 -------- d-----w- c:\programdata\Rising
2015-06-18 10:04 . 2015-03-26 08:18 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{782CB9DA-7957-4A66-825B-5778F9F6D467}\gapaengine.dll
2015-06-11 07:14 . 2015-05-22 19:12 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-06-10 07:25 . 2015-05-25 18:11 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-06-10 07:24 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-24 13:45 . 2013-07-24 12:24 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-24 13:45 . 2012-01-03 07:44 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-10 15:06 . 2011-02-15 09:30 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-05-25 18:19 . 2015-06-10 07:26 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 07:26 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-10 07:26 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-10 07:26 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 07:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-01 13:17 . 2015-05-14 07:41 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-14 07:41 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-14 07:03 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-14 07:03 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-14 07:03 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-14 07:05 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-14 07:05 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-14 01:38 . 2015-04-14 01:38 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-04-13 03:28 . 2015-05-14 07:04 328704 ----a-w- c:\windows\system32\services.exe
2015-04-08 03:29 . 2015-05-14 07:03 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-14 07:03 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-14 07:03 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2011-01-24 15:46 . 2011-02-17 11:34 84 ----a-w- c:\program files (x86)\start.cmd
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-19 518656]
"ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 53248]
"Firebird"="c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe" [2008-06-13 2723840]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"disablecad"= 1 (0x1)
"dontdisplaylockeduserid"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe;c:\windows\SYSNATIVE\hasplms.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-23 07:00 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-06-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-24 13:45]
.
2015-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 07:18]
.
2015-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 07:18]
.
2015-06-23 c:\windows\Tasks\HPCeeScheduleForivana.novakova.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-19 1691192]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-07-21 489472]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: abradio.cz\player
Trusted Zone: hitradiofaktor.cz\www
TCP: DhcpNameServer = 192.168.1.1 127.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_194_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_194_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_194_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_194_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\crypserv.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
.
**************************************************************************
.
Celkový čas: 2015-06-24 18:35:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-06-24 16:35
ComboFix2.txt 2015-06-23 13:39
.
Před spuštěním: Volných bajtů: 225 231 298 560
Po spuštění: Volných bajtů: 224 364 359 680
.
- - End Of File - - F9CBC46280851AB821898BB4901E3843

[petr_xxx]

Stav PC se viditelně zlepšil. Když na něm nic nedělám, tak vytížení procesoru minimální 1-2%, paměť cca 50-60%.


Zde log z FRST + v příloze Addition:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by ivana.novakova (administrator) on NOVAKOVA-HP on 25-06-2015 12:09:48
Running from C:\Users\ivana.novakova.STAKOPLAST\Desktop
Loaded Profiles: ivana.novakova (Available Profiles: ivana.novakova & uzivatel)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(HP) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\ivana.novakova.STAKOPLAST\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2014-07-21] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-19] (ArcSoft Inc.)
HKLM-x32\...\Run: [ToolBoxFX] => C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [53248 2009-10-22] (HP)
HKLM-x32\...\Run: [Firebird] => C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2723840 2008-06-13] (Firebird Project)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-01-21]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-02-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> {791B9F98-CF13-42D7-AF27-25A7E797D680} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {791B9F98-CF13-42D7-AF27-25A7E797D680} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1216150944-3253024930-2114404105-1278 -> DefaultScope {6F7AE289-0995-46A3-AC04-E09B689F874B} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-1216150944-3253024930-2114404105-1278 -> {35982C24-9240-498E-B820-B90041FE7E2E} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-1216150944-3253024930-2114404105-1278 -> {6F7AE289-0995-46A3-AC04-E09B689F874B} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 127.0.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-09-04]

Chrome:
=======
CHR Profile: C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-28]
CHR Extension: (Google Drive) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-28]
CHR Extension: (CinemaPlus-4.5vV21.06) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfaohpmjmhdgnjblojekjlnadhehiadj [2015-06-22]
CHR Extension: (YouTube) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-28]
CHR Extension: (Google Search) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-28]
CHR Extension: (Google Wallet) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-28]
CHR Extension: (电脑管家上网防护) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2015-06-22]
CHR Extension: (Gmail) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Crypkey License; C:\windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-06-01] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89216 2009-12-22] (Realtek Semiconductor Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 12:09 - 2015-06-25 12:10 - 00020400 _____ C:\Users\ivana.novakova.STAKOPLAST\Desktop\FRST.txt
2015-06-25 12:09 - 2015-06-25 12:09 - 00000000 ____D C:\FRST
2015-06-25 12:05 - 2015-06-25 12:05 - 00112640 _____ (forum.viry.cz) C:\Users\ivana.novakova.STAKOPLAST\Desktop\FRSTLauncher.exe
2015-06-25 12:04 - 2015-06-25 12:04 - 02112512 _____ (Farbar) C:\Users\ivana.novakova.STAKOPLAST\Desktop\FRST64.exe
2015-06-24 19:15 - 2015-06-24 19:15 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-06-24 18:35 - 2015-06-24 18:35 - 00036166 _____ C:\ComboFix.txt
2015-06-24 15:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-06-23 17:23 - 2015-06-23 17:24 - 00000000 ____D C:\AdwCleaner
2015-06-23 14:46 - 2015-06-24 18:35 - 00000000 ____D C:\Qoobox
2015-06-23 14:46 - 2015-06-24 18:26 - 00000000 ____D C:\windows\erdnt
2015-06-23 14:46 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-06-23 14:46 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-06-23 14:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-06-23 14:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-06-23 14:46 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-06-23 14:46 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-06-23 14:46 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-06-23 14:42 - 2015-06-24 07:07 - 05630176 ____R (Swearware) C:\Users\ivana.novakova.STAKOPLAST\Desktop\ComboFix.exe
2015-06-23 14:11 - 2015-06-23 14:12 - 02244096 _____ C:\Users\ivana.novakova.STAKOPLAST\Desktop\adwcleaner_4.207.exe
2015-06-23 13:06 - 2015-06-23 13:07 - 00000000 ____D C:\rsit
2015-06-23 13:04 - 2015-06-23 13:04 - 01222144 _____ C:\Users\ivana.novakova.STAKOPLAST\Desktop\RSITx64.exe
2015-06-22 14:38 - 2015-06-25 08:22 - 00001488 _____ C:\windows\error.log
2015-06-22 14:38 - 2015-06-25 08:22 - 00000784 _____ C:\windows\setupact.log
2015-06-22 14:38 - 2015-06-25 08:21 - 00000336 _____ C:\windows\errord.log
2015-06-22 14:38 - 2015-06-24 18:28 - 00011884 _____ C:\windows\PFRO.log
2015-06-22 14:38 - 2015-06-22 14:38 - 00000000 _____ C:\windows\setuperr.log
2015-06-22 14:05 - 2015-06-22 14:17 - 00028984 _____ (Tencent) C:\windows\SysWOW64\Drivers\TS888x64.sys
2015-06-22 13:53 - 2015-06-24 18:25 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz
2015-06-22 13:47 - 2015-06-22 14:17 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-06-22 13:47 - 2015-06-22 14:04 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-22 13:47 - 2015-06-22 13:45 - 00087864 _____ (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
2015-06-22 13:47 - 2015-06-22 13:45 - 00038200 _____ (电脑管家) C:\windows\system32\Drivers\TSSKX64.sys
2015-06-22 13:38 - 2015-06-22 13:39 - 00000000 ____D C:\ProgramData\Rising
2015-06-15 11:55 - 2015-06-15 11:55 - 06549184 _____ (Piriform Ltd) C:\Users\ivana.novakova.STAKOPLAST\Downloads\ccsetup506.exe
2015-06-12 08:31 - 2015-06-12 08:37 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\Documents\! Nováková PC
2015-06-11 09:15 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-11 09:15 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-11 09:15 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-11 09:15 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-11 09:15 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-06-11 09:15 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-11 09:15 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-06-11 09:15 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-06-11 09:15 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-11 09:15 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-06-11 09:15 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-11 09:15 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-06-11 09:15 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-06-11 09:15 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-06-11 09:15 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-11 09:15 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-06-11 09:15 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-11 09:15 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-06-11 09:15 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 09:15 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-06-11 09:15 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-11 09:15 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-11 09:15 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-11 09:15 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-11 09:15 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-11 09:15 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-06-11 09:15 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-11 09:15 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-11 09:15 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-11 09:15 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-11 09:15 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-06-11 09:15 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-06-11 09:15 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-06-11 09:15 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-11 09:15 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-11 09:15 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-11 09:15 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-06-11 09:15 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-06-11 09:15 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-06-11 09:15 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-11 09:15 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-06-11 09:15 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-11 09:15 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-11 09:15 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-06-11 09:15 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-06-11 09:15 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-06-11 09:15 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-06-11 09:15 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-06-11 09:15 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 09:15 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-06-11 09:15 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-11 09:15 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-11 09:15 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-06-11 09:15 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-11 09:15 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-11 09:15 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-06-11 09:15 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-11 09:15 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-11 09:15 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-11 09:15 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-06-11 09:15 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-11 09:15 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-11 09:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-11 09:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-11 09:15 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-11 09:15 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-11 09:15 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-11 09:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-11 09:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-11 09:15 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-10 09:26 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-10 09:26 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:26 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-10 09:26 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-06-10 09:26 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-06-10 09:26 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-10 09:26 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-10 09:26 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-06-10 09:26 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-06-10 09:26 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-10 09:26 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:26 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:26 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-06-10 09:26 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-06-10 09:26 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-06-10 09:26 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-06-10 09:26 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-06-10 09:26 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-06-10 09:26 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-06-10 09:26 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-06-10 09:26 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-06-10 09:26 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-06-10 09:26 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-06-10 09:26 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-06-10 09:26 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:26 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:26 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-10 09:26 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-10 09:26 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-10 09:26 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-10 09:26 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-10 09:26 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-10 09:26 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-10 09:26 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-10 09:25 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-06-10 09:25 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-06-10 09:25 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-10 09:25 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-10 09:25 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-06-10 09:25 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-06-10 09:25 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:25 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:25 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-10 09:25 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-10 09:24 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-06-09 08:43 - 2015-06-24 19:22 - 00000608 _____ C:\Users\ivana.novakova.STAKOPLAST\Desktop\21) denní záznamník (22.6.-26.6.2015).txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 12:01 - 2011-02-15 11:53 - 00000136 _____ C:\windows\system32\config\netlogon.ftl
2015-06-25 12:01 - 2011-01-21 19:51 - 01687555 _____ C:\windows\WindowsUpdate.log
2015-06-25 11:59 - 2014-10-29 09:20 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-25 11:45 - 2014-09-10 09:45 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-06-25 08:45 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-25 08:45 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-25 08:27 - 2010-12-06 01:42 - 00674178 _____ C:\windows\system32\perfh005.dat
2015-06-25 08:27 - 2010-12-06 01:42 - 00143694 _____ C:\windows\system32\perfc005.dat
2015-06-25 08:27 - 2009-07-14 07:13 - 01593214 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-25 08:24 - 2014-10-29 09:19 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-25 08:22 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-24 18:31 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-06-24 18:28 - 2009-07-14 04:34 - 91947008 _____ C:\windows\system32\config\software.bak
2015-06-24 18:28 - 2009-07-14 04:34 - 56098816 _____ C:\windows\system32\config\components.bak
2015-06-24 18:28 - 2009-07-14 04:34 - 19660800 _____ C:\windows\system32\config\system.bak
2015-06-24 18:28 - 2009-07-14 04:34 - 00335872 _____ C:\windows\system32\config\default.bak
2015-06-24 18:28 - 2009-07-14 04:34 - 00028672 _____ C:\windows\system32\config\security.bak
2015-06-24 18:25 - 2014-07-31 11:56 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\CrashDumps
2015-06-24 15:45 - 2013-07-24 14:24 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 15:45 - 2013-07-24 14:24 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 15:45 - 2012-01-03 09:44 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-23 15:39 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-06-23 15:31 - 2009-07-14 04:34 - 00028672 _____ C:\windows\system32\config\sam.bak
2015-06-23 13:06 - 2014-07-03 08:35 - 00000000 ____D C:\Program Files\trend micro
2015-06-23 09:07 - 2014-12-15 09:54 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForivana.novakova
2015-06-23 09:07 - 2014-11-10 09:52 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForivana.novakova.job
2015-06-23 08:23 - 2010-12-06 01:30 - 00000000 ____D C:\ProgramData\PDFC
2015-06-22 15:00 - 2014-07-28 09:52 - 00101400 _____ C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-22 14:38 - 2009-07-14 06:45 - 00406560 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-22 14:29 - 2014-07-28 15:37 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\TeamViewer
2015-06-22 14:05 - 2014-07-28 09:51 - 00000000 ___RD C:\Users\ivana.novakova.STAKOPLAST\Virtual Machines
2015-06-22 14:04 - 2014-07-28 09:51 - 00001397 _____ C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-22 13:47 - 2015-03-31 08:57 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\VirtualStore
2015-06-22 13:45 - 2011-11-20 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-17 08:19 - 2014-07-28 15:28 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Adobe
2015-06-15 11:56 - 2014-07-25 16:21 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-15 11:55 - 2014-07-15 09:33 - 00000000 ____D C:\Program Files (x86)\CCleaner
2015-06-15 11:16 - 2014-07-28 09:57 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\Desktop\upravit do PP
2015-06-12 14:15 - 2014-02-24 11:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-12 10:46 - 2011-02-11 02:04 - 00000000 ____D C:\windows\rescache
2015-06-12 08:34 - 2014-11-13 09:31 - 00000000 __SHD C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\EmieBrowserModeList
2015-06-12 08:34 - 2014-07-28 10:04 - 00000000 __SHD C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\EmieUserList
2015-06-12 08:34 - 2014-07-28 10:04 - 00000000 __SHD C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\EmieSiteList
2015-06-12 08:29 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-12 08:26 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-11 08:30 - 2014-12-11 15:53 - 00000000 ____D C:\windows\system32\appraiser
2015-06-11 08:30 - 2014-05-14 08:19 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-10 17:16 - 2011-02-10 18:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 17:12 - 2013-12-30 14:28 - 00000000 ____D C:\windows\system32\MRT
2015-06-10 17:06 - 2011-02-15 11:30 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-10 17:05 - 2009-07-14 04:34 - 00000513 _____ C:\windows\win.ini
2015-06-09 08:54 - 2014-07-28 09:57 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\Desktop\navod

==================== Files in the root of some directories =======

2011-02-17 13:34 - 2011-01-14 16:19 - 1131714 _____ () C:\Program Files (x86)\Software602_Form_Filler_Portable.pdf
2011-02-17 13:34 - 2011-01-24 17:46 - 0000084 _____ () C:\Program Files (x86)\start.cmd
2011-02-15 11:21 - 2011-02-17 14:19 - 0001795 _____ () C:\ProgramData\hpzinstall.log
2011-03-11 17:11 - 2011-04-21 12:07 - 0002672 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForivana.novakova.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe&HPCeeScheduleForivana.novakova (null)ivana.nov

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:8927A071

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ivana.novakova.STAKOPLAST\Desktop" je 592 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[petr_xxx]

Hláška už nenaskakuje.

Log:


Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by ivana.novakova at 2015-06-26 21:18:19 Run:1
Running from C:\Users\ivana.novakova.STAKOPLAST\Desktop
Loaded Profiles: ivana.novakova (Available Profiles: ivana.novakova & uzivatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR Extension: (CinemaPlus-4.5vV21.06) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfaohpmjmhdgnjblojekjlnadhehiadj [2015-06-22]
CHR Extension: (????????) - C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2015-06-22]
2015-06-22 14:05 - 2015-06-22 14:17 - 00028984 _____ (Tencent) C:\windows\SysWOW64\Drivers\TS888x64.sys
2015-06-22 13:53 - 2015-06-24 18:25 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz
2015-06-22 13:47 - 2015-06-22 14:17 - 00000000 ____D C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
2015-06-22 13:47 - 2015-06-22 14:04 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-22 13:47 - 2015-06-22 13:45 - 00087864 _____ (????) C:\windows\system32\Drivers\TFsFltX64.sys
2015-06-22 13:47 - 2015-06-22 13:45 - 00038200 _____ (????) C:\windows\system32\Drivers\TSSKX64.sys
2015-06-22 13:38 - 2015-06-22 13:39 - 00000000 ____D C:\ProgramData\Rising
2011-02-17 13:34 - 2011-01-24 17:46 - 0000084 _____ () C:\Program Files (x86)\start.cmd

AlternateDataStreams: C:\ProgramData\TEMP:8927A071

end
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1216150944-3253024930-2114404105-1278\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfaohpmjmhdgnjblojekjlnadhehiadj => moved successfully.
C:\Users\ivana.novakova.STAKOPLAST\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm => moved successfully.
C:\windows\SysWOW64\Drivers\TS888x64.sys => moved successfully.
C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Seznam.cz => moved successfully.

"C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder move:

Could not move "C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder => Scheduled to move on reboot.

C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\windows\system32\Drivers\TFsFltX64.sys => moved successfully.
C:\windows\system32\Drivers\TSSKX64.sys => moved successfully.
C:\ProgramData\Rising => moved successfully.
C:\Program Files (x86)\start.cmd => moved successfully.
C:\ProgramData\TEMP => ":8927A071" ADS removed successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-26 21:22:15)<=

"C:\Users\ivana.novakova.STAKOPLAST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" => Could not move

==== End of Fixlog 21:22:15 ====

[petr_xxx]

První program mi smazal z plochy předchozí pomocné prográmky.

V popisované cestě se nacházel jeden čínský/korejský/ adresář - prázdný => smazal jsem ho.

Problém vyřešen.

Děkuji za ochotu a čas strávený řešením mého problému.