
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Please check my log, Google Chrome is acting up
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, please check the log; Chrome is acting up, and who knows what else that I haven't found. In Chrome it is not possible to add extensions, apps, anything. It reports a connection error, which is nonsense. This is my daughter's notebook. Thanks
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kristýna at 2015-07-24 19:04:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 154 GB (56%) free of 276 GB
Total RAM: 3018 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:04:43, on 24.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Users\Kristýna\Desktop\RSIT.exe
C:\Program Files\trend micro\Kristýna.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MediaFire Tray] "C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe" --boot-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [f.lux] "C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: MediaFire NTFS Monitor (MF NTFS Monitor) - Unknown owner - C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 4957 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ReadSeed.job - c:\programdata\{cf82d7b7-dc1e-fc31-cf82-2d7b7dc15edf}\alice- madness returns full version.exe --startup=1 --single
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1210640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 145880]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 181208]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 189912]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MediaFire Tray"=C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe [2014-07-02 3089224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-06-01 6405912]
"f.lux"=C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2014-11-09 3618648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 330752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-24 18:45:04 ----D---- C:\Program Files\trend micro
2015-07-24 18:45:03 ----D---- C:\rsit
2015-07-24 18:25:30 ----D---- C:\AdwCleaner
2015-07-21 19:51:32 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 10:28:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\atmlib.dll
2015-07-19 09:55:27 ----D---- C:\Program Files\Assassin's Creed II
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files\Java
2015-07-19 09:08:38 ----D---- C:\Users\Kristýna\AppData\Roaming\VS Revo Group
2015-07-19 08:54:07 ----A---- C:\Windows\system32\drivers\revoflt.sys
2015-07-19 08:54:01 ----D---- C:\Program Files\VS Revo Group
2015-07-18 21:59:58 ----D---- C:\Program Files\LiveReader
2015-07-18 21:53:54 ----D---- C:\Program Files\Alice
2015-07-15 16:42:52 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 16:42:46 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 16:42:43 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 16:42:39 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 16:42:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 16:42:30 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 16:42:28 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 16:42:10 ----A---- C:\Windows\system32\msi.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\consent.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\authui.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 16:42:08 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 16:41:35 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 16:41:29 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 16:41:28 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 16:41:24 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 16:41:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 16:41:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 16:40:54 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 16:40:53 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 16:40:52 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 16:40:50 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 16:40:49 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:40:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 16:40:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:40:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 16:40:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 16:40:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 16:40:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:39:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 16:39:57 ----A---- C:\Windows\system32\vbscript.dll
======List of files/folders modified in the last 1 month======
2015-07-24 19:00:42 ----D---- C:\Windows\Temp
2015-07-24 18:59:26 ----D---- C:\Windows\system32\config
2015-07-24 18:45:04 ----RD---- C:\Program Files
2015-07-24 18:28:27 ----D---- C:\Windows
2015-07-24 18:27:23 ----D---- C:\Windows\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\drivers
2015-07-24 18:27:19 ----HD---- C:\ProgramData
2015-07-24 13:14:43 ----A---- C:\Windows\win.ini
2015-07-24 13:02:34 ----D---- C:\Windows\System32
2015-07-23 13:07:32 ----D---- C:\Windows\system32\NDF
2015-07-23 12:59:50 ----D---- C:\Kika
2015-07-22 22:27:31 ----D---- C:\Windows\winsxs
2015-07-22 22:21:51 ----SHD---- C:\System Volume Information
2015-07-20 00:12:42 ----D---- C:\Windows\system32\GroupPolicy
2015-07-19 22:11:34 ----D---- C:\Windows\inf
2015-07-19 10:17:19 ----D---- C:\Users\Kristýna\AppData\Roaming\Ubisoft
2015-07-19 10:17:19 ----D---- C:\ProgramData\Ubisoft
2015-07-19 09:20:08 ----D---- C:\Windows\debug
2015-07-19 09:18:55 ----D---- C:\Program Files\CCleaner
2015-07-19 09:17:36 ----D---- C:\ProgramData\Oracle
2015-07-19 09:17:27 ----SHD---- C:\Windows\Installer
2015-07-19 09:17:26 ----D---- C:\Program Files\Java
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files
2015-07-19 09:15:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-19 09:13:56 ----D---- C:\Program Files\Ubisoft
2015-07-19 09:07:15 ----D---- C:\Program Files\Steam
2015-07-18 21:34:08 ----D---- C:\Program Files\SUPERAntiSpyware
2015-07-18 21:34:05 ----D---- C:\games
2015-07-18 07:52:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 11:38:56 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 11:38:54 ----SD---- C:\Windows\system32\GWX
2015-07-16 11:38:53 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 08:59:41 ----D---- C:\Windows\Prefetch
2015-07-16 08:52:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 08:52:46 ----D---- C:\Windows\system32\wbem
2015-07-16 08:52:46 ----D---- C:\Windows\system32\appraiser
2015-07-16 08:52:46 ----D---- C:\Windows\AppPatch
2015-07-16 08:52:45 ----D---- C:\Windows\system32\en-US
2015-07-16 08:52:45 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:55:15 ----D---- C:\Windows\system32\MRT
2015-07-16 07:34:13 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 16:39:48 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:11:57 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-05 12:11:18 ----N---- C:\Windows\system32\MpSigStub.exe
2015-07-04 11:21:16 ----D---- C:\Users\Kristýna\AppData\Roaming\Skype
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 23:01:42 ----D---- C:\ProgramData\Skype
2015-07-02 23:01:25 ----RD---- C:\Program Files\Skype
2015-07-01 15:33:53 ----D---- C:\Users\Kristýna\AppData\Roaming\PhotoScape
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-09 243128]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mfmonitor;mfmonitor; C:\Windows\system32\DRIVERS\mfmonitor_x86.sys [2014-07-02 19160]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2014-01-29 3768320]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2010-10-21 67184]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-09-01 949760]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz134;cpuz134; \??\C:\Users\KRISTN~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 218624]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MF NTFS Monitor;MediaFire NTFS Monitor; C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [2014-07-02 456504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-06-12 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 227600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2014-11-09 1900400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-13 1343400]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 936208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 477456]
-----------------EOF-----------------
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-24 18:45:04 ----D---- C:\Program Files\trend micro
2015-07-24 18:45:03 ----D---- C:\rsit
2015-07-24 18:25:30 ----D---- C:\AdwCleaner
2015-07-21 19:51:32 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 10:28:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\atmlib.dll
2015-07-19 09:55:27 ----D---- C:\Program Files\Assassin's Creed II
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files\Java
2015-07-19 09:08:38 ----D---- C:\Users\Kristýna\AppData\Roaming\VS Revo Group
2015-07-19 08:54:07 ----A---- C:\Windows\system32\drivers\revoflt.sys
2015-07-19 08:54:01 ----D---- C:\Program Files\VS Revo Group
2015-07-18 21:59:58 ----D---- C:\Program Files\LiveReader
2015-07-18 21:53:54 ----D---- C:\Program Files\Alice
2015-07-15 16:42:52 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 16:42:46 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 16:42:43 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 16:42:39 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 16:42:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 16:42:30 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 16:42:28 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 16:42:10 ----A---- C:\Windows\system32\msi.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\consent.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\authui.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 16:42:08 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 16:41:35 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 16:41:29 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 16:41:28 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 16:41:24 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 16:41:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 16:41:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 16:40:54 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 16:40:53 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 16:40:52 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 16:40:50 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 16:40:49 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:40:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 16:40:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:40:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 16:40:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 16:40:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 16:40:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:39:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 16:39:57 ----A---- C:\Windows\system32\vbscript.dll
======List of files/folders modified in the last 1 month======
2015-07-24 19:00:42 ----D---- C:\Windows\Temp
2015-07-24 18:59:26 ----D---- C:\Windows\system32\config
2015-07-24 18:45:04 ----RD---- C:\Program Files
2015-07-24 18:28:27 ----D---- C:\Windows
2015-07-24 18:27:23 ----D---- C:\Windows\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\drivers
2015-07-24 18:27:19 ----HD---- C:\ProgramData
2015-07-24 13:14:43 ----A---- C:\Windows\win.ini
2015-07-24 13:02:34 ----D---- C:\Windows\System32
2015-07-23 13:07:32 ----D---- C:\Windows\system32\NDF
2015-07-23 12:59:50 ----D---- C:\Kika
2015-07-22 22:27:31 ----D---- C:\Windows\winsxs
2015-07-22 22:21:51 ----SHD---- C:\System Volume Information
2015-07-20 00:12:42 ----D---- C:\Windows\system32\GroupPolicy
2015-07-19 22:11:34 ----D---- C:\Windows\inf
2015-07-19 10:17:19 ----D---- C:\Users\Kristýna\AppData\Roaming\Ubisoft
2015-07-19 10:17:19 ----D---- C:\ProgramData\Ubisoft
2015-07-19 09:20:08 ----D---- C:\Windows\debug
2015-07-19 09:18:55 ----D---- C:\Program Files\CCleaner
2015-07-19 09:17:36 ----D---- C:\ProgramData\Oracle
2015-07-19 09:17:27 ----SHD---- C:\Windows\Installer
2015-07-19 09:17:26 ----D---- C:\Program Files\Java
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files
2015-07-19 09:15:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-19 09:13:56 ----D---- C:\Program Files\Ubisoft
2015-07-19 09:07:15 ----D---- C:\Program Files\Steam
2015-07-18 21:34:08 ----D---- C:\Program Files\SUPERAntiSpyware
2015-07-18 21:34:05 ----D---- C:\games
2015-07-18 07:52:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 11:38:56 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 11:38:54 ----SD---- C:\Windows\system32\GWX
2015-07-16 11:38:53 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 08:59:41 ----D---- C:\Windows\Prefetch
2015-07-16 08:52:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 08:52:46 ----D---- C:\Windows\system32\wbem
2015-07-16 08:52:46 ----D---- C:\Windows\system32\appraiser
2015-07-16 08:52:46 ----D---- C:\Windows\AppPatch
2015-07-16 08:52:45 ----D---- C:\Windows\system32\en-US
2015-07-16 08:52:45 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:55:15 ----D---- C:\Windows\system32\MRT
2015-07-16 07:34:13 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 16:39:48 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:11:57 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-05 12:11:18 ----N---- C:\Windows\system32\MpSigStub.exe
2015-07-04 11:21:16 ----D---- C:\Users\Kristýna\AppData\Roaming\Skype
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 23:01:42 ----D---- C:\ProgramData\Skype
2015-07-02 23:01:25 ----RD---- C:\Program Files\Skype
2015-07-01 15:33:53 ----D---- C:\Users\Kristýna\AppData\Roaming\PhotoScape
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-09 243128]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mfmonitor;mfmonitor; C:\Windows\system32\DRIVERS\mfmonitor_x86.sys [2014-07-02 19160]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2014-01-29 3768320]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2010-10-21 67184]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-09-01 949760]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz134;cpuz134; \??\C:\Users\KRISTN~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 218624]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MF NTFS Monitor;MediaFire NTFS Monitor; C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [2014-07-02 456504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-06-12 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 227600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2014-11-09 1900400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-13 1343400]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 936208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 477456]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check, Google Chrome is acting up
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check, Google Chrome is acting up
AdwCleaner log:
# AdwCleaner v4.208 - Log vytvořen 24/07/2015 v 19:15:43
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Kristýna - KRISTÝNA-PC
# Spuštěno z : C:\Users\Kristýna\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Google Chrome v43.0.2357.134
[C:\Users\Kristýna\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
*************************
AdwCleaner[R0].txt - [16402 bytů] - [24/07/2015 18:25:33]
AdwCleaner[R1].txt - [1033 bytů] - [24/07/2015 19:14:35]
AdwCleaner[S0].txt - [13051 bytů] - [24/07/2015 18:26:59]
AdwCleaner[S1].txt - [959 bytů] - [24/07/2015 19:15:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1016 bytů] ##########
- Rudy
- Site Admin
Re: Please check, Google Chrome is acting up
Post a new RSIT log.
Re: Please check, Google Chrome is acting up
New RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kristýna at 2015-07-24 20:47:19
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 154 GB (56%) free of 276 GB
Total RAM: 3018 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:28, on 24.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Users\Kristýna\Desktop\RSIT.exe
C:\Program Files\trend micro\Kristýna.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MediaFire Tray] "C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe" --boot-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [f.lux] "C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: MediaFire NTFS Monitor (MF NTFS Monitor) - Unknown owner - C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 4957 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ReadSeed.job - c:\programdata\{cf82d7b7-dc1e-fc31-cf82-2d7b7dc15edf}\alice- madness returns full version.exe --startup=1 --single
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1210640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 145880]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 181208]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 189912]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MediaFire Tray"=C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe [2014-07-02 3089224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-06-01 6405912]
"f.lux"=C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2014-11-09 3618648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 330752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-24 18:45:04 ----D---- C:\Program Files\trend micro
2015-07-24 18:45:03 ----D---- C:\rsit
2015-07-24 18:25:30 ----D---- C:\AdwCleaner
2015-07-21 19:51:32 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 10:28:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\atmlib.dll
2015-07-19 09:55:27 ----D---- C:\Program Files\Assassin's Creed II
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files\Java
2015-07-19 09:08:38 ----D---- C:\Users\Kristýna\AppData\Roaming\VS Revo Group
2015-07-19 08:54:07 ----A---- C:\Windows\system32\drivers\revoflt.sys
2015-07-19 08:54:01 ----D---- C:\Program Files\VS Revo Group
2015-07-18 21:59:58 ----D---- C:\Program Files\LiveReader
2015-07-18 21:53:54 ----D---- C:\Program Files\Alice
2015-07-15 16:42:52 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 16:42:46 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 16:42:43 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 16:42:39 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 16:42:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 16:42:30 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 16:42:28 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 16:42:10 ----A---- C:\Windows\system32\msi.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\consent.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\authui.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 16:42:08 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 16:41:35 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 16:41:29 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 16:41:28 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 16:41:24 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 16:41:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 16:41:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 16:40:54 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 16:40:53 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 16:40:52 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 16:40:50 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 16:40:49 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:40:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 16:40:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:40:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 16:40:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 16:40:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 16:40:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:39:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 16:39:57 ----A---- C:\Windows\system32\vbscript.dll
======List of files/folders modified in the last 1 month======
2015-07-24 20:21:33 ----D---- C:\Windows\Temp
2015-07-24 19:28:27 ----D---- C:\Windows\system32\config
2015-07-24 19:09:36 ----D---- C:\Windows\winsxs
2015-07-24 18:45:04 ----RD---- C:\Program Files
2015-07-24 18:28:27 ----D---- C:\Windows
2015-07-24 18:27:23 ----D---- C:\Windows\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\drivers
2015-07-24 18:27:19 ----HD---- C:\ProgramData
2015-07-24 13:14:43 ----A---- C:\Windows\win.ini
2015-07-24 13:02:34 ----D---- C:\Windows\System32
2015-07-23 13:07:32 ----D---- C:\Windows\system32\NDF
2015-07-23 12:59:50 ----D---- C:\Kika
2015-07-22 22:21:51 ----SHD---- C:\System Volume Information
2015-07-20 00:12:42 ----D---- C:\Windows\system32\GroupPolicy
2015-07-19 22:11:34 ----D---- C:\Windows\inf
2015-07-19 10:17:19 ----D---- C:\Users\Kristýna\AppData\Roaming\Ubisoft
2015-07-19 10:17:19 ----D---- C:\ProgramData\Ubisoft
2015-07-19 09:20:08 ----D---- C:\Windows\debug
2015-07-19 09:18:55 ----D---- C:\Program Files\CCleaner
2015-07-19 09:17:36 ----D---- C:\ProgramData\Oracle
2015-07-19 09:17:27 ----SHD---- C:\Windows\Installer
2015-07-19 09:17:26 ----D---- C:\Program Files\Java
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files
2015-07-19 09:15:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-19 09:13:56 ----D---- C:\Program Files\Ubisoft
2015-07-19 09:07:15 ----D---- C:\Program Files\Steam
2015-07-18 21:34:08 ----D---- C:\Program Files\SUPERAntiSpyware
2015-07-18 21:34:05 ----D---- C:\games
2015-07-18 07:52:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 11:38:56 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 11:38:54 ----SD---- C:\Windows\system32\GWX
2015-07-16 11:38:53 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 08:59:41 ----D---- C:\Windows\Prefetch
2015-07-16 08:52:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 08:52:46 ----D---- C:\Windows\system32\wbem
2015-07-16 08:52:46 ----D---- C:\Windows\system32\appraiser
2015-07-16 08:52:46 ----D---- C:\Windows\AppPatch
2015-07-16 08:52:45 ----D---- C:\Windows\system32\en-US
2015-07-16 08:52:45 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:55:15 ----D---- C:\Windows\system32\MRT
2015-07-16 07:34:13 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 16:39:48 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:11:57 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-05 12:11:18 ----N---- C:\Windows\system32\MpSigStub.exe
2015-07-04 11:21:16 ----D---- C:\Users\Kristýna\AppData\Roaming\Skype
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 23:01:42 ----D---- C:\ProgramData\Skype
2015-07-02 23:01:25 ----RD---- C:\Program Files\Skype
2015-07-01 15:33:53 ----D---- C:\Users\Kristýna\AppData\Roaming\PhotoScape
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-09 243128]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mfmonitor;mfmonitor; C:\Windows\system32\DRIVERS\mfmonitor_x86.sys [2014-07-02 19160]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2014-01-29 3768320]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2010-10-21 67184]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-09-01 949760]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz134;cpuz134; \??\C:\Users\KRISTN~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 218624]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MF NTFS Monitor;MediaFire NTFS Monitor; C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [2014-07-02 456504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-06-12 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 227600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2014-11-09 1900400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-13 1343400]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 936208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 477456]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kristýna at 2015-07-24 20:47:19
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 154 GB (56%) free of 276 GB
Total RAM: 3018 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:28, on 24.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Users\Kristýna\Desktop\RSIT.exe
C:\Program Files\trend micro\Kristýna.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MediaFire Tray] "C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe" --boot-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [f.lux] "C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: MediaFire NTFS Monitor (MF NTFS Monitor) - Unknown owner - C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 4957 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ReadSeed.job - c:\programdata\{cf82d7b7-dc1e-fc31-cf82-2d7b7dc15edf}\alice- madness returns full version.exe --startup=1 --single
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1210640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 145880]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 181208]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 189912]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MediaFire Tray"=C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe [2014-07-02 3089224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-06-01 6405912]
"f.lux"=C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2014-11-09 3618648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 330752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-24 18:45:04 ----D---- C:\Program Files\trend micro
2015-07-24 18:45:03 ----D---- C:\rsit
2015-07-24 18:25:30 ----D---- C:\AdwCleaner
2015-07-21 19:51:32 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 10:28:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\atmlib.dll
2015-07-19 09:55:27 ----D---- C:\Program Files\Assassin's Creed II
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files\Java
2015-07-19 09:08:38 ----D---- C:\Users\Kristýna\AppData\Roaming\VS Revo Group
2015-07-19 08:54:07 ----A---- C:\Windows\system32\drivers\revoflt.sys
2015-07-19 08:54:01 ----D---- C:\Program Files\VS Revo Group
2015-07-18 21:59:58 ----D---- C:\Program Files\LiveReader
2015-07-18 21:53:54 ----D---- C:\Program Files\Alice
2015-07-15 16:42:52 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 16:42:46 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 16:42:43 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 16:42:39 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 16:42:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 16:42:30 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 16:42:28 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 16:42:10 ----A---- C:\Windows\system32\msi.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\consent.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\authui.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 16:42:08 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 16:41:35 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 16:41:29 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 16:41:28 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 16:41:24 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 16:41:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 16:41:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 16:40:54 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 16:40:53 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 16:40:52 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 16:40:50 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 16:40:49 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:40:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 16:40:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:40:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 16:40:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 16:40:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 16:40:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:39:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 16:39:57 ----A---- C:\Windows\system32\vbscript.dll
======List of files/folders modified in the last 1 month======
2015-07-24 20:21:33 ----D---- C:\Windows\Temp
2015-07-24 19:28:27 ----D---- C:\Windows\system32\config
2015-07-24 19:09:36 ----D---- C:\Windows\winsxs
2015-07-24 18:45:04 ----RD---- C:\Program Files
2015-07-24 18:28:27 ----D---- C:\Windows
2015-07-24 18:27:23 ----D---- C:\Windows\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\drivers
2015-07-24 18:27:19 ----HD---- C:\ProgramData
2015-07-24 13:14:43 ----A---- C:\Windows\win.ini
2015-07-24 13:02:34 ----D---- C:\Windows\System32
2015-07-23 13:07:32 ----D---- C:\Windows\system32\NDF
2015-07-23 12:59:50 ----D---- C:\Kika
2015-07-22 22:21:51 ----SHD---- C:\System Volume Information
2015-07-20 00:12:42 ----D---- C:\Windows\system32\GroupPolicy
2015-07-19 22:11:34 ----D---- C:\Windows\inf
2015-07-19 10:17:19 ----D---- C:\Users\Kristýna\AppData\Roaming\Ubisoft
2015-07-19 10:17:19 ----D---- C:\ProgramData\Ubisoft
2015-07-19 09:20:08 ----D---- C:\Windows\debug
2015-07-19 09:18:55 ----D---- C:\Program Files\CCleaner
2015-07-19 09:17:36 ----D---- C:\ProgramData\Oracle
2015-07-19 09:17:27 ----SHD---- C:\Windows\Installer
2015-07-19 09:17:26 ----D---- C:\Program Files\Java
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files
2015-07-19 09:15:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-19 09:13:56 ----D---- C:\Program Files\Ubisoft
2015-07-19 09:07:15 ----D---- C:\Program Files\Steam
2015-07-18 21:34:08 ----D---- C:\Program Files\SUPERAntiSpyware
2015-07-18 21:34:05 ----D---- C:\games
2015-07-18 07:52:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 11:38:56 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 11:38:54 ----SD---- C:\Windows\system32\GWX
2015-07-16 11:38:53 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 08:59:41 ----D---- C:\Windows\Prefetch
2015-07-16 08:52:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 08:52:46 ----D---- C:\Windows\system32\wbem
2015-07-16 08:52:46 ----D---- C:\Windows\system32\appraiser
2015-07-16 08:52:46 ----D---- C:\Windows\AppPatch
2015-07-16 08:52:45 ----D---- C:\Windows\system32\en-US
2015-07-16 08:52:45 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:55:15 ----D---- C:\Windows\system32\MRT
2015-07-16 07:34:13 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 16:39:48 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:11:57 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-05 12:11:18 ----N---- C:\Windows\system32\MpSigStub.exe
2015-07-04 11:21:16 ----D---- C:\Users\Kristýna\AppData\Roaming\Skype
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 23:01:42 ----D---- C:\ProgramData\Skype
2015-07-02 23:01:25 ----RD---- C:\Program Files\Skype
2015-07-01 15:33:53 ----D---- C:\Users\Kristýna\AppData\Roaming\PhotoScape
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-09 243128]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mfmonitor;mfmonitor; C:\Windows\system32\DRIVERS\mfmonitor_x86.sys [2014-07-02 19160]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2014-01-29 3768320]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2010-10-21 67184]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-09-01 949760]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz134;cpuz134; \??\C:\Users\KRISTN~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 218624]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MF NTFS Monitor;MediaFire NTFS Monitor; C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [2014-07-02 456504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-06-12 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 227600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2014-11-09 1900400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-13 1343400]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 936208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 477456]
-----------------EOF-----------------
- Rudy
- Site Admin

Re: Please check, Google Chrome is acting up
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check, Google Chrome is acting up
New RSIT log... sorry for the delay, I had a long call
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kristýna at 2015-07-24 21:48:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 154 GB (56%) free of 276 GB
Total RAM: 3018 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:49:02, on 24.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Users\Kristýna\Desktop\RSIT.exe
C:\Program Files\trend micro\Kristýna.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKCU\..\Run: [MediaFire Tray] "C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe" --boot-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [f.lux] "C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: MediaFire NTFS Monitor (MF NTFS Monitor) - Unknown owner - C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 4719 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\ReadSeed.job - c:\programdata\{cf82d7b7-dc1e-fc31-cf82-2d7b7dc15edf}\alice- madness returns full version.exe --startup=1 --single
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1210640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 145880]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 181208]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 189912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MediaFire Tray"=C:\Users\Kristýna\AppData\Local\MediaFire Desktop\mf_watch.exe [2014-07-02 3089224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-06-01 6405912]
"f.lux"=C:\Users\Kristýna\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2014-11-09 3618648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 330752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-24 21:44:49 ----D---- C:\_OTM
2015-07-24 18:45:04 ----D---- C:\Program Files\trend micro
2015-07-24 18:45:03 ----D---- C:\rsit
2015-07-24 18:25:30 ----D---- C:\AdwCleaner
2015-07-21 19:51:32 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 10:28:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 10:28:06 ----A---- C:\Windows\system32\atmlib.dll
2015-07-19 09:55:27 ----D---- C:\Program Files\Assassin's Creed II
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files\Java
2015-07-19 09:08:38 ----D---- C:\Users\Kristýna\AppData\Roaming\VS Revo Group
2015-07-19 08:54:07 ----A---- C:\Windows\system32\drivers\revoflt.sys
2015-07-19 08:54:01 ----D---- C:\Program Files\VS Revo Group
2015-07-18 21:59:58 ----D---- C:\Program Files\LiveReader
2015-07-18 21:53:54 ----D---- C:\Program Files\Alice
2015-07-15 16:42:52 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 16:42:46 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 16:42:43 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 16:42:39 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 16:42:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 16:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 16:42:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 16:42:30 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 16:42:30 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 16:42:29 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 16:42:29 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 16:42:28 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 16:42:10 ----A---- C:\Windows\system32\msi.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\consent.exe
2015-07-15 16:42:09 ----A---- C:\Windows\system32\authui.dll
2015-07-15 16:42:09 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 16:42:08 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 16:41:35 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 16:41:30 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 16:41:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 16:41:29 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 16:41:28 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 16:41:24 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 16:41:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 16:41:16 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 16:41:06 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 16:41:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wups.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 16:41:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 16:41:02 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 16:40:55 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 16:40:54 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 16:40:53 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 16:40:52 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 16:40:50 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 16:40:49 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:40:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:40:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 16:40:20 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:40:19 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 16:40:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 16:40:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 16:40:17 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 16:40:14 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 16:40:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:40:10 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 16:40:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 16:40:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 16:40:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:39:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 16:39:57 ----A---- C:\Windows\system32\vbscript.dll
======List of files/folders modified in the last 1 month======
2015-07-24 21:48:38 ----D---- C:\Windows\Temp
2015-07-24 21:47:18 ----D---- C:\Windows\system32\config
2015-07-24 21:45:03 ----D---- C:\Windows
2015-07-24 19:09:36 ----D---- C:\Windows\winsxs
2015-07-24 18:45:04 ----RD---- C:\Program Files
2015-07-24 18:27:23 ----D---- C:\Windows\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\Tasks
2015-07-24 18:27:22 ----D---- C:\Windows\system32\drivers
2015-07-24 18:27:19 ----HD---- C:\ProgramData
2015-07-24 13:14:43 ----A---- C:\Windows\win.ini
2015-07-24 13:02:34 ----D---- C:\Windows\System32
2015-07-23 13:07:32 ----D---- C:\Windows\system32\NDF
2015-07-23 12:59:50 ----D---- C:\Kika
2015-07-22 22:21:51 ----SHD---- C:\System Volume Information
2015-07-20 00:12:42 ----D---- C:\Windows\system32\GroupPolicy
2015-07-19 22:11:34 ----D---- C:\Windows\inf
2015-07-19 10:17:19 ----D---- C:\Users\Kristýna\AppData\Roaming\Ubisoft
2015-07-19 10:17:19 ----D---- C:\ProgramData\Ubisoft
2015-07-19 09:20:08 ----D---- C:\Windows\debug
2015-07-19 09:18:55 ----D---- C:\Program Files\CCleaner
2015-07-19 09:17:36 ----D---- C:\ProgramData\Oracle
2015-07-19 09:17:27 ----SHD---- C:\Windows\Installer
2015-07-19 09:17:26 ----D---- C:\Program Files\Java
2015-07-19 09:16:45 ----D---- C:\Program Files\Common Files
2015-07-19 09:15:52 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-07-19 09:13:56 ----D---- C:\Program Files\Ubisoft
2015-07-19 09:07:15 ----D---- C:\Program Files\Steam
2015-07-18 21:34:08 ----D---- C:\Program Files\SUPERAntiSpyware
2015-07-18 21:34:05 ----D---- C:\games
2015-07-18 07:52:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 11:38:56 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 11:38:54 ----SD---- C:\Windows\system32\GWX
2015-07-16 11:38:53 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 08:59:41 ----D---- C:\Windows\Prefetch
2015-07-16 08:52:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 08:52:46 ----D---- C:\Windows\system32\wbem
2015-07-16 08:52:46 ----D---- C:\Windows\system32\appraiser
2015-07-16 08:52:46 ----D---- C:\Windows\AppPatch
2015-07-16 08:52:45 ----D---- C:\Windows\system32\en-US
2015-07-16 08:52:45 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:55:15 ----D---- C:\Windows\system32\MRT
2015-07-16 07:34:13 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 16:39:48 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:11:57 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-05 12:11:18 ----N---- C:\Windows\system32\MpSigStub.exe
2015-07-04 11:21:16 ----D---- C:\Users\Kristýna\AppData\Roaming\Skype
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 23:01:42 ----D---- C:\ProgramData\Skype
2015-07-02 23:01:25 ----RD---- C:\Program Files\Skype
2015-07-01 15:33:53 ----D---- C:\Users\Kristýna\AppData\Roaming\PhotoScape
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-09 243128]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mfmonitor;mfmonitor; C:\Windows\system32\DRIVERS\mfmonitor_x86.sys [2014-07-02 19160]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2014-01-29 3768320]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2010-10-21 67184]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-09-01 949760]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 cpuz134;cpuz134; \??\C:\Users\KRISTN~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 218624]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MF NTFS Monitor;MediaFire NTFS Monitor; C:\Users\KRISTN~1\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [2014-07-02 456504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-06-12 75136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 227600]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2014-11-09 1900400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-13 1343400]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 936208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 477456]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check, Google Chrome is misbehaving
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check, Google Chrome is misbehaving
Chrome still has a problem with extensions. They can't be downloaded, see the attachment. Ads still keep trying to load, even if only with errors.
- Attachments
- Chrome - chyba.jpg (88.04 KiB) Viewed 2152 times
- Rudy
- Site Admin

Re: Please check, Google Chrome is misbehaving
Do a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.
Re: Please check, Google Chrome is misbehaving
MBAM scan.. hopefully this is right. I didn't delete anything, I just saved the result to a *.txt file.
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 24.7.2015
Čas skenování: 22:41
Protokol: MBAM scan.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.07.24.07
Databáze rootkitů: v2015.07.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Kristýna
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 304062
Uplynulý čas: 12 min, 35 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 3
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3269865839-1380444351-2537382852-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [efa88b5ae3a7e650ef400784a35fab55],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , , [8d0a30b55c2e70c691670c8c0004649c],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [2b6c0adbf59579bd3867d4c445bfec14],
Hodnoty registru: 8
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [0c8b9055bad0241200f7a1f7e81c17e9]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [d9bebd28454555e1d621ccccf1137888]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [405735b03159989e886fb6e2af5512ee]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [9afd15d0f991fe38ca2d72267391ab55]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [0493df064e3c3df9bf383365956f5ba5]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [574027be692193a356a15642bc4831cf]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130632169982902547, , [8d0a30b55c2e70c691670c8c0004649c]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [2b6c0adbf59579bd3867d4c445bfec14]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Please check, Google Chrome is misbehaving
Please, can someone advise me how to proceed? The notebook is in hibernation for now; everything is running as I was advised.
- Rudy
- Site Admin

Re: Please check, Google Chrome is misbehaving
Delete all the items found.
Re: Please check, Google Chrome is misbehaving
So after the scan I deleted everything, and the extensions still can't be installed. The same thing keeps showing up, a network error.
Re: Please check, Google Chrome is misbehaving
Sooo.. the problem is apparently solved, although I don't know what caused it. Out of desperation I uninstalled Chrome, ran CCleaner over the notebook and reinstalled Chrome. It works as it should. It probably had something hidden in it that prevented extensions from being downloaded.
Thank you for the help with cleaning out the bugs; the young one is going to get an earful for (probably) poking around where she shouldn't.
Have a nice summer.