
Slow startup

Posted: 29 Sep 2014 13:17
by morar
Please do a preventive check. The system takes a long time to load after startup, and Firefox is slow to load as well.
Log from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michaela at 2014-09-29 13:54:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 368 GB (80%) free of 459 GB
Total RAM: 3996 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:54:51, on 29.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IMPI Helper - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [POPUPTV] C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMPI Updater - Unknown owner - C:\Program Files\IMPI\ExtensionUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13100 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files\IMPI\ExtensionUpdaterService.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" service
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2912
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
taskeng.exe {A5D9C4BB-0B0E-4603-B016-E5C08E9A02A4}
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Michaela\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe --auto
C:\windows\tasks\HPCeeScheduleForMichaela.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMichaela (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.netintra.cz/"
prefs.js - "keyword.URL" - "http://trovi.com/ResultsExt.aspx?ctid=C ... 11&UM=1&q="

"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\searchplugins\
bs-player-controlbar-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension64.dll [2013-02-05 211456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-20 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-20 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-09-29 2174760]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-25 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-25 390680]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-25 410136]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-06-07 489472]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-08-19 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-02-13 1509232]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21653096]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2010-01-12 563736]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"NortonOnlineBackup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-05-03 1110360]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"POPUPTV"=C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-14 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-01-25 268800]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-29 13:54:46 ----D---- C:\rsit
2014-09-29 13:13:32 ----A---- C:\windows\SYSWOW64\SynTPCOM.dll
2014-09-29 13:13:32 ----A---- C:\windows\SYSWOW64\SynCtrl.dll
2014-09-29 13:13:32 ----A---- C:\windows\SYSWOW64\SynCOM.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynTPCo4.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynTPAPI.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynCtrl.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynCOM.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\drivers\SynTP.sys
2014-09-25 19:37:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-24 18:19:30 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-09-24 18:19:30 ----A---- C:\windows\system32\tzres.dll
2014-09-17 09:05:27 ----A---- C:\windows\system32\ieui.dll
2014-09-17 09:05:26 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-09-17 09:05:22 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-09-17 09:05:22 ----A---- C:\windows\system32\MshtmlDac.dll
2014-09-17 09:05:22 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 09:05:22 ----A---- C:\windows\system32\iernonce.dll
2014-09-17 09:05:21 ----A---- C:\windows\system32\jscript9diag.dll
2014-09-17 09:05:21 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-09-17 09:05:20 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-09-17 09:05:20 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-09-17 09:05:20 ----A---- C:\windows\system32\ieUnatt.exe
2014-09-17 09:05:20 ----A---- C:\windows\system32\dxtmsft.dll
2014-09-17 09:05:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-09-17 09:05:19 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-09-17 09:05:19 ----A---- C:\windows\system32\vbscript.dll
2014-09-17 09:05:19 ----A---- C:\windows\system32\dxtrans.dll
2014-09-17 09:05:18 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-09-17 09:05:18 ----A---- C:\windows\system32\msrating.dll
2014-09-17 09:05:18 ----A---- C:\windows\system32\mshtmled.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-09-17 09:05:17 ----A---- C:\windows\system32\msfeeds.dll
2014-09-17 09:05:17 ----A---- C:\windows\system32\jsproxy.dll
2014-09-17 09:05:17 ----A---- C:\windows\system32\iesetup.dll
2014-09-17 09:05:16 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-09-17 09:05:16 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-09-17 09:05:16 ----A---- C:\windows\system32\iedkcs32.dll
2014-09-17 09:05:16 ----A---- C:\windows\system32\ie4uinit.exe
2014-09-17 09:05:15 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-09-17 09:05:15 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-17 09:05:13 ----A---- C:\windows\system32\mshtml.dll
2014-09-17 09:05:12 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-09-17 09:05:12 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-09-17 09:05:12 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-09-17 09:05:12 ----A---- C:\windows\system32\ieapfltr.dll
2014-09-17 09:05:11 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-09-17 09:05:11 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-09-17 09:05:11 ----A---- C:\windows\system32\ieetwcollector.exe
2014-09-17 09:05:10 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-17 09:05:06 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-09-17 09:05:05 ----A---- C:\windows\system32\wininet.dll
2014-09-17 09:05:05 ----A---- C:\windows\system32\iertutil.dll
2014-09-17 09:05:04 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-09-17 09:05:04 ----A---- C:\windows\system32\jscript9.dll
2014-09-17 09:05:03 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-09-17 09:05:03 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-09-17 09:05:03 ----A---- C:\windows\system32\urlmon.dll
2014-09-17 09:04:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-09-17 09:04:58 ----A---- C:\windows\system32\ieframe.dll
2014-09-17 09:04:57 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-09-17 08:51:12 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-09-17 08:51:11 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-09-13 14:44:17 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2014-09-13 14:39:07 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2014-09-13 14:39:07 ----A---- C:\windows\system32\TSWorkspace.dll
2014-09-13 14:38:55 ----A---- C:\windows\system32\d3d10warp.dll
2014-09-13 14:38:54 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-09-13 14:38:08 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-09-13 14:38:08 ----A---- C:\windows\system32\kerberos.dll
2014-09-13 14:38:07 ----A---- C:\windows\system32\lsasrv.dll
2014-09-13 14:38:06 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-09-13 14:38:06 ----A---- C:\windows\SYSWOW64\secur32.dll

======List of files/folders modified in the last 1 month======

2014-09-29 13:54:49 ----D---- C:\Program Files\trend micro
2014-09-29 13:54:48 ----D---- C:\windows\Temp
2014-09-29 13:53:29 ----D---- C:\windows\System32
2014-09-29 13:53:29 ----D---- C:\windows\inf
2014-09-29 13:53:29 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-09-29 13:49:49 ----D---- C:\windows\Prefetch
2014-09-29 13:47:39 ----D---- C:\Windows
2014-09-29 13:47:12 ----D---- C:\windows\system32\config
2014-09-29 13:46:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-29 13:38:18 ----D---- C:\windows\Panther
2014-09-29 13:38:18 ----D---- C:\windows\ModemLogs
2014-09-29 13:38:17 ----D---- C:\windows\Minidump
2014-09-29 13:38:17 ----D---- C:\windows\Logs
2014-09-29 13:38:17 ----D---- C:\windows\debug
2014-09-29 13:25:54 ----D---- C:\Program Files\CCleaner
2014-09-29 13:14:51 ----D---- C:\windows\system32\catroot
2014-09-29 13:14:35 ----D---- C:\windows\SysWOW64
2014-09-29 13:14:29 ----D---- C:\windows\system32\drivers
2014-09-29 13:14:14 ----D---- C:\windows\system32\DriverStore
2014-09-29 13:13:30 ----D---- C:\swsetup
2014-09-29 13:12:20 ----SHD---- C:\System Volume Information
2014-09-29 13:05:19 ----D---- C:\windows\winsxs
2014-09-29 13:05:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-09-29 13:05:08 ----D---- C:\windows\system32\cs-CZ
2014-09-29 13:01:31 ----D---- C:\Users\Michaela\AppData\Roaming\Skype
2014-09-25 21:09:51 ----RD---- C:\Program Files (x86)
2014-09-24 19:49:12 ----D---- C:\windows\Microsoft.NET
2014-09-24 18:56:47 ----RSD---- C:\windows\assembly
2014-09-24 18:16:10 ----D---- C:\windows\system32\catroot2
2014-09-23 16:27:06 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-17 19:03:06 ----D---- C:\Users\Michaela\AppData\Roaming\CorelHomeOffice
2014-09-17 10:35:28 ----D---- C:\ProgramData\HP Photo Creations
2014-09-17 10:28:20 ----D---- C:\windows\SYSWOW64\en-US
2014-09-17 10:28:20 ----D---- C:\Program Files\Internet Explorer
2014-09-17 10:28:19 ----D---- C:\windows\system32\en-US
2014-09-17 10:28:19 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-17 09:11:14 ----SHD---- C:\windows\Installer
2014-09-17 09:11:14 ----SHD---- C:\Config.Msi
2014-09-17 09:01:32 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-09-17 08:54:27 ----D---- C:\windows\system32\MRT
2014-09-17 08:54:23 ----A---- C:\windows\system32\MRT.exe
2014-09-16 17:18:42 ----D---- C:\windows\Tasks
2014-09-16 17:18:42 ----D---- C:\windows\system32\Tasks
2014-09-15 09:06:02 ----N---- C:\windows\system32\MpSigStub.exe
2014-09-13 14:44:26 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-08-30 07:45:55 ----D---- C:\ProgramData\Skype
2014-08-30 07:45:43 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-07-20 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-07-20 224896]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-07-20 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-07-20 1041168]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-08-14 427360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-07-20 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-07-20 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-07-20 92008]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-01-25 7842272]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-04 331880]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 96384]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-06-07 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-09-29 1379376]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF9035BDA;ASUS U3100 Mini Plus BDA Devices; C:\windows\System32\Drivers\AF9035BDA.sys [2009-07-16 492008]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2013-04-03 38080]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-07-09 3232768]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2013-04-03 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2013-04-03 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2013-04-03 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2013-04-03 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-06-07 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-20 50344]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 IMPI Updater;IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-02-05 185856]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-05-03 2782552]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-01-12 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-06-07 271360]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-21 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13 267440]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-21 647680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 stllssvr;stllssvr; c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-06-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Slow startup

Posted: 30 Sep 2014 07:53
by Márty84
Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: Slow startup

Posted: 06 Oct 2014 17:07
by morar
AdwCleaner log. It took me a while, but it isn't my laptop and I didn't have it available.

# AdwCleaner v3.311 - Report created 06/10/2014 at 18:00:59
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michaela - HP
# Running from : C:\Users\Michaela\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\Smartbar
Folder Deleted : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\ValueApps
File Deleted : C:\END

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 cs)

[ File : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\prefs.js ]

Line Deleted : user_pref("CT1750559.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT1750559.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM Dance\",\"description\":\"1.FM Dance\",\"url\":\"mms://dance.1.fm/energydance128k?MSWMExt=.asf\"}");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_city", "PLZEN");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_country", "CZ");
Line Deleted : user_pref("CT1750559.1000234.TWC_country", "CZECH REPUBLIC");
Line Deleted : user_pref("CT1750559.1000234.TWC_locId", "EZXX1762");
Line Deleted : user_pref("CT1750559.1000234.TWC_location", "Plzen, PL, Czech Republic");
Line Deleted : user_pref("CT1750559.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT1750559.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT1750559.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT1750559.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.FF19Solved", "true");
Line Deleted : user_pref("CT1750559.FirstTime", "true");
Line Deleted : user_pref("CT1750559.FirstTimeFF3", "true");
Line Deleted : user_pref("CT1750559.RestartDialogFirstTime", "false");
Line Deleted : user_pref("CT1750559.RestartDialogShouldDisplay", "false");
Line Deleted : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN22806771803112811&UM=1&q=");
Line Deleted : user_pref("CT1750559.UserID", "UN22806771803112811");
Line Deleted : user_pref("CT1750559.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.appButtonDisablenull.enc", "MA==");
Line Deleted : user_pref("CT1750559.appOptions", "{\"130022038127130206\":{\"render\":true,\"disabled\":true,\"appGuid\":\"d5c4c431-a6ed-49fe-9670-df872dce43fe\",\"appClientGuid\":\"\",\"isPersonalApp\":false},\"129[...]
Line Deleted : user_pref("CT1750559.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT1750559.countryCode", "CZ");
Line Deleted : user_pref("CT1750559.defaultSearch", "true");
Line Deleted : user_pref("CT1750559.enableAlerts", "true");
Line Deleted : user_pref("CT1750559.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT1750559.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT1750559.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT1750559.fullUserID", "UN22806771803112811.IN.20140207195440");
Line Deleted : user_pref("CT1750559.homepageuserchanged", true);
Line Deleted : user_pref("CT1750559.installDate", "07/02/2014 19:54:47");
Line Deleted : user_pref("CT1750559.installId", "dm");
Line Deleted : user_pref("CT1750559.installSessionId", "8a48448f-319b-4683-bb3d-649530ab7251");
Line Deleted : user_pref("CT1750559.installSp", "FALSE");
Line Deleted : user_pref("CT1750559.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT1750559.installUsage", "2014-02-07T21:55:04.2339103+03:00");
Line Deleted : user_pref("CT1750559.installUsageEarly", "2014-02-07T21:55:01.535093+03:00");
Line Deleted : user_pref("CT1750559.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT1750559.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT1750559.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT1750559.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1750559.keyword", true);
Line Deleted : user_pref("CT1750559.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://www.trovigo.com/?gd=&ctid=CT1750559&oct ... &Lay=1&UM=[...]
Line Deleted : user_pref("CT1750559.lastVersion", "10.33.0.517");
Line Deleted : user_pref("CT1750559.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT1750559.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.facebook.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"(1)%20Facebook\",\"EB_TOOLBAR_SUB_DOMAIN\":[...]
Line Deleted : user_pref("CT1750559.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.openThankYouPage", "false");
Line Deleted : user_pref("CT1750559.openUninstallPage", "true");
Line Deleted : user_pref("CT1750559.originalHomepage", "hxxp://www.netintra.cz/");
Line Deleted : user_pref("CT1750559.originalSearchAddressUrl", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Line Deleted : user_pref("CT1750559.originalSearchEngine", "Google");
Line Deleted : user_pref("CT1750559.originalSearchEngineName", "Google");
Line Deleted : user_pref("CT1750559.performedDomainChangesMigration", "true");
Line Deleted : user_pref("CT1750559.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT1750559.search.searchAppId", "128520273115419467");
Line Deleted : user_pref("CT1750559.search.searchCount", "0");
Line Deleted : user_pref("CT1750559.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.searchRevert", "false");
Line Deleted : user_pref("CT1750559.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT1750559.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT1750559.searchUserMode", "1");
Line Deleted : user_pref("CT1750559.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1750559\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BSPlayerControlBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BS Player ControlBar \"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_services_Configuration_lastUpdate", "1411665548816");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1391799299243");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appsMetadata_lastUpdate", "1391799298950");
Line Deleted : user_pref("CT1750559.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1391799298722");
Line Deleted : user_pref("CT1750559.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1391799297058");
Line Deleted : user_pref("CT1750559.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1391799299764");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.23.0.722_lastUpdate", "1391894870399");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396451860297");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399282744844");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.30.1.502_lastUpdate", "1400778297984");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.31.0.526_lastUpdate", "1401491954828");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.31.2.501_lastUpdate", "1404106858717");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.33.0.505_lastUpdate", "1408562424911");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.33.0.517_lastUpdate", "1409766893732");
Line Deleted : user_pref("CT1750559.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1391799298815");
Line Deleted : user_pref("CT1750559.serviceLayer_services_searchAPI_lastUpdate", "1411665549005");
Line Deleted : user_pref("CT1750559.serviceLayer_services_serviceMap_lastUpdate", "1411665548586");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarContextMenu_lastUpdate", "1391799298883");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarSettings_lastUpdate", "1411672748766");
Line Deleted : user_pref("CT1750559.serviceLayer_services_translation_lastUpdate", "1411665548727");
Line Deleted : user_pref("CT1750559.settingsINI", true);
Line Deleted : user_pref("CT1750559.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT1750559.showToolbarPermission", "false");
Line Deleted : user_pref("CT1750559.smartbar.CTID", "CT1750559");
Line Deleted : user_pref("CT1750559.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT1750559.smartbar.homepage", true);
Line Deleted : user_pref("CT1750559.smartbar.toolbarName", "BS Player ControlBar ");
Line Deleted : user_pref("CT1750559.startPage", "true");
Line Deleted : user_pref("CT1750559.toolbarBornServerTime", "7-2-2014");
Line Deleted : user_pref("CT1750559.toolbarCurrentServerTime", "3-9-2014");
Line Deleted : user_pref("CT1750559.toolbarInstallDate", "07-02-2014 19:54:40");
Line Deleted : user_pref("CT1750559.toolbarLoginClientTime", "Fri Feb 07 2014 19:54:59 GMT+0100");
Line Deleted : user_pref("CT1750559.versionFromInstaller", "10.23.0.722");
Line Deleted : user_pref("CT1750559.xpeMode", "1");
Line Deleted : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1411672201313,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Line Deleted : user_pref("Smartbar.TBHomepagesList", "");
Line Deleted : user_pref("Smartbar.TBSearchEngineList", "");
Line Deleted : user_pref("Smartbar.TBSearchUrlList", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT1750559");
Line Deleted : user_pref("keyword.URL", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN22806771803112811&UM=1&q=");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT1750559");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT1750559&CUI=UN22806771803112811&UM=1&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN22806771803112811&UM=1&q=,hxxp://trovi.com/ResultsExt.aspx?ctid=CT17505[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT1750559");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT1750559");
Line Deleted : user_pref("smartbar.homepageList", "hxxp://search.conduit.com/?ctid=CT1750559&CUI=UN22806771803112811&UM=1&SearchSource=13");
Line Deleted : user_pref("smartbar.machineId", "OSYE3/BHGH84SZHLFPNQB0NZIRZLZFH67TYKVOKLOMYVNXNJRSJQPOCEJZL4PINLJHZV9D6JN98QSHASWRMVHQ");
Line Deleted : user_pref("smartbar.searchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN22806771803112811&UM=1&q=,hxxp://trovi.com/ResultsExt.aspx?ctid=CT1750559&Sear[...]
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_currentVersion", "312E31332E302E3137");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_migrated_from_ls.storedInFile", false);
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_userBornDate", "4E2F41");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_userBornDate.storedInFile", false);

*************************

AdwCleaner[R0].txt - [5251 octets] - [05/09/2013 21:15:26]
AdwCleaner[R1].txt - [1309 octets] - [05/09/2013 21:25:59]
AdwCleaner[R2].txt - [14406 octets] - [06/10/2014 17:57:03]
AdwCleaner[S0].txt - [5306 octets] - [05/09/2013 21:16:32]
AdwCleaner[S1].txt - [1378 octets] - [05/09/2013 21:30:53]
AdwCleaner[S2].txt - [14535 octets] - [06/10/2014 18:00:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [14596 octets] ##########

Re: Slow startup

Posted: 06 Oct 2014 18:28
by Márty84
:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes produces false detections.

Re: Slow startup

Posted: 07 Oct 2014 06:44
by morar
MBAM log.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.10.2014
Čas skenování: 21:53:49
Protokol: mbam.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.10.06.08
Databáze rootkitů: v2014.09.19.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Michaela

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 494461
Uplynulý čas: 2 hod, 7 min, 23 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 2
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [3c4431e04d2fd2649288dcba41c103fd],
PUP.Adware.Gotclip.ScamLotto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GotClip, , [661a40d1d6a6bf77f1f91282e71901ff],

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 8
PUP.Optional.Bandoo, C:\Users\Michaela\Desktop\iLividSetup-r420-n-bf.exe, , [bac6af62c7b5e84ed6a5d4484cb540c0],
PUP.Optional.InstallBrain.A, C:\Users\Michaela\Desktop\VideoPerformerSetup.exe, , [cdb30b0658245cdaa41350274fb29769],
PUP.Optional.Somoto, C:\Users\Michaela\Desktop\Downloads\FreeMediaPlayerSetup-21nYXWw.exe, , [2b55b859dba184b207a5a495fd0833cd],
PUP.Optional.Conduit, C:\Users\Michaela\Desktop\Downloads\bsplayer266.1075.exe, , [7a06a66b245822141f02d66ac045748c],
PUP.Optional.Coolmirage, C:\Users\Michaela\Desktop\Downloads\FirstRowSportAppsSetup(18_3f)2_ff.exe, , [6c1438d9bfbd171f87e870b3a25f48b8],
PUP.Optional.FileScout.A, C:\AdwCleaner\Quarantine\C\Users\Michaela\AppData\Roaming\file scout\filescout.exe.vir, , [d6aab35e8bf169cd1b877c9e68990df3],
PUP.Adware.Gotclip.ScamLotto, C:\Program Files (x86)\GotClip\Uninstall.exe, , [661a40d1d6a6bf77f1f91282e71901ff],
PUP.Optional.Conduit.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\searchplugins\bs-player-controlbar-customized-web-search.xml, , [b9c78889314b1e18356b6fb5b053fe02],

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: Slow to start up

Posted: 07 Oct 2014 17:48
by Márty84
Move all findings to quarantine. After restarting the PC, repeat the scan so that we know whether it comes back. Post the scan result and I will choose the next steps accordingly.

Re: Slow to start up

Posted: 07 Oct 2014 20:25
by morar
Another log from Mbam

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 7.10.2014
Čas skenování: 19:05:50
Protokol: log mbam.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.10.07.11
Databáze rootkitů: v2014.09.19.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Michaela

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 494499
Uplynulý čas: 2 hod, 7 min, 15 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: Slow to start up

Posted: 08 Oct 2014 16:07
by Márty84
:arrow: Uninstall MBAM.

:arrow: Download crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will be displayed after a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:!: If you have not done so, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not start anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: Slow to start up

Posted: 08 Oct 2014 18:03
by morar
So for now, from crystal disk info.
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/10/08 19:01:50

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- Hitachi HTS545050B9A300
- hp CDDVDW TS-L633R

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545050B9A300 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS545050B9A300
----------------------------------------------------------------------------
Model : Hitachi HTS545050B9A300
Firmware : PB4OCA1G
Serial Number : 110111PBN475M7E1VXDE
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 7208 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 5245 hod.
Power On Count : 9726 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 138 100 _33 001500000002 Čas na roztočení ploten
04 _94 _94 __0 000000002602 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _89 _89 __0 00000000147D Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _94 _94 __0 0000000025FE Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 0000FFFF0001 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000001 Časový limit příkazu
BE _66 _57 _45 000022150022 Teplota toku vzduchu
BF 100 100 __0 000000000098 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000470047 Počet vypnutí disku
C1 _94 _94 __0 00000001104F Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------

Re: Slow to start up

Posted: 08 Oct 2014 18:21
by Márty84
morar wrote:
BB 100 100 __0 0000FFFF0001 Ohlášeno neopravitelných chyb
BF 100 100 __0 000000000098 Počet udalostí zaznamenaných otřesovým senzorem
This too may be the cause, but we will see only after a complete cleanup.

Re: Slow to start up

Posted: 08 Oct 2014 18:28
by morar
Log from ComboFix. No restart occurred.

ComboFix 14-10-04.01 - Michaela 08.10.2014 19:09:18.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3996.2189 [GMT 2:00]
Spuštěný z: c:\users\Michaela\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IMPI\ExTEnsion64.dll
c:\programdata\C0026917EE.sys
c:\programdata\HP
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1025\1025.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1025\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1025\synonyms-1025.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1026\1026.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1026\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1026\synonyms-1026.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1028\1028.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1028\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1028\synonyms-1028.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\1029.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\2050_troubleshooting.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\AnimationList.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\BCGGFIHA.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\GeneratedFiles\bookmarks.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\GeneratedFiles\HomePage.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\GeneratedFiles\IndexerProgressBar.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\howdoi.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\HVMnemonicMap.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\loadMedia.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\orderInk.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\SearchIndex\_1d.cfs
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\SearchIndex\deletable
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\SearchIndex\segments
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\SeeAlso.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\synonyms-1029.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\TOC.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v10557049.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v106119432.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v167925466.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v218078186.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v219372518.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v219372532.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v219372545.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v219372679.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v219372685.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v219372857.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v220090244.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v220090265.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v220090334.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v220090433.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v241183500.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v241185239.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v241217995.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v242193567.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v242663037.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v246756744.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v250315011.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v252591864.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v270866037.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v270866044.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v272862552.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v278386287.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v280384830.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v313297254.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v313297628.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v313349820.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v318075781.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v318286690.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v320539471.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v324906067.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v328645139.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v328782249.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v331488257.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v331669189.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v332614997.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v333348923.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v70935656.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v70935710.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v97537308.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1029\v98442524.html
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1030\1030.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1030\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1030\synonyms-1030.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1031\1031.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1031\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1031\synonyms-1031.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1032\1032.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1032\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1032\synonyms-1032.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1033\1033.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1033\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1033\synonyms-1033.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1034\1034.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1034\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1034\synonyms-1034.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1035\1035.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1035\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1035\synonyms-1035.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1036\1036.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1036\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1036\synonyms-1036.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1037\1037.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1037\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1037\synonyms-1037.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1038\1038.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1038\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1038\synonyms-1038.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1040\1040.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1040\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1040\synonyms-1040.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1041\1041.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1041\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1041\synonyms-1041.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1042\1042.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1042\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1042\synonyms-1042.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1043\1043.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1043\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1043\synonyms-1043.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1044\1044.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1044\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1044\synonyms-1044.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1045\1045.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1045\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1045\synonyms-1045.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1046\1046.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1046\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1046\synonyms-1046.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1048\1048.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1048\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1048\synonyms-1048.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1049\1049.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1049\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1049\synonyms-1049.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1050\1050.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1050\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1050\synonyms-1050.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1051\1051.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1051\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1051\synonyms-1051.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1053\1053.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1053\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1053\synonyms-1053.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1054\1054.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1054\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1054\synonyms-1054.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1055\1055.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1055\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1055\synonyms-1055.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1057\1057.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1057\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1057\synonyms-1057.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1060\1060.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1060\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1060\synonyms-1060.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1061\1061.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1061\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1061\synonyms-1061.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1062\1062.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1062\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1062\synonyms-1062.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1063\1063.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1063\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\1063\synonyms-1063.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\2052\2052.cab
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\2052\dj2050_Animations.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\2052\synonyms-2052.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\AC_RunActiveContent.js
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\cueFunctions.js
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\hubURL.js
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\bullet.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\cmyk-color-bar.svg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\collapsed.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\expanded.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\hyphen.PNG
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\checkbox.PNG
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\icon_caution_color.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\icon_warning_color.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\projector_icon.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\registration-circle.svg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\RightArrow.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\spacer.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\images\well.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\Accessory\masterStyle.css
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_black_copy.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_color_copy.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_com.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_com_load_media.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_copy.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_copy_text_or_mixed_docs.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_gtk_printer_parts.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_ink_replace_cartridges.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_load_media_envelope.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_load_media_large_paper.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_load_media_small_paper.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_back.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_back_R.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_bottom.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_bottom_R.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_front.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_front_R.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_inside.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_paper_jam_inside_R.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_replace_cartridges.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\dj2050_tunoff.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\flash\globalAnivewerParts_V2.swf
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\booklet_reload.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\booklet_reload.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\c_panel.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\c_panel_2.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\cart_slots.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\cartridge_number.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\clean1.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\cleanout_door.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\cleanout_door_close.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\clear_jam_back.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\clear_jam_bottom.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\clear_jam_front.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\clear_jam_inside.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\close_lid.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\colorlok.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\diagnostics.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\fcvr_ajr.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\fcvr_close.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_1.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_10.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\Flashing_light_2.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\Flashing_light_3.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\Flashing_light_4.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_4a.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_4b.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_4c.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_4d.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\Flashing_light_5.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_6.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_8.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\flashing_light_9.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\globe.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_caution_color.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_document.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_envelope.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_photo_horizontal.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_poster.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_tasktray.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\icon_web.gif
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ink_blk1.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ink_cart_callouts.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ink_cart_date.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ink_cart_date.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\inkcart4.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\inkcart5_no_co.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\input_tray_1.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ironon_media.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_brochure.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_env3.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_papr2.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_papr3.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_papr4 .png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_papr4.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_pcard.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_photo_in_tray.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_photo_in_tray2.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_scan.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_scan_close.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_scan_open.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\ld_transp.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\load_booklet.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\load_label.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\load_poster.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\model_number.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\notouch.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\open_lid.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\opentype_icon.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\output_tray_1.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\phone_list_urls_lar_weuro_ap.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\poster_layout.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\poster_layout.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\printer_parts.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\projector_icon.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\pwr_cord.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ar_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_bg_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_cs_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_da_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_de_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_el_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_en_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_es_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_et_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_fi_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_fr_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_he_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_hr_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_hu_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_id_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_it_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_jp_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ko_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lt_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_lv_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ms_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_nl_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_no_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pl_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_pt_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ro_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_ru_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sk_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sl_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_sv_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_th_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_tr_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_uk_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_cn.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_copyright_acknowledgements_no_bluetooth_zh_tw.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_doc.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_energystar_logo_ww.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_fcc_statement_class_b_us.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_notice_to_users_ko_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_power_cord_notice_jp_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_rohs_table_generic_zh_cn.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_vcci_class_b_notice_jp_ww.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\reg_weee_eu.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\release_pcart.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\release_pcart_no_co.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\truetype_icon.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\unpack_cart.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\graphics\online\usb_pc.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\images\global_product_bg_blue.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\images\global_product_bg_blue_gtk.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\images\global_product_bg_blue_hd.jpg
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\images\global_product_bg_blue_wide.png
c:\programdata\HP\HP Deskjet 2050 J510 series\Help\topicmap.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\HV_Preferences.ini
c:\programdata\HP\HP Deskjet 2050 J510 series\XmlFileCache\CN12O37JHC05D1\Calibration\CalibrationManifest.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\XmlFileCache\CN12O37JHC05D1\DevMgmt\ConsumableConfigCap.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\XmlFileCache\CN12O37JHC05D1\DevMgmt\DiscoveryTree.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\XmlFileCache\CN12O37JHC05D1\DevMgmt\InternalPrintCap.xml
c:\programdata\HP\HP Deskjet 2050 J510 series\XmlFileCache\CN12O37JHC05D1\Scan\ScanCaps.xml
c:\programdata\HP\hpwebreg\HP Deskjet 2050 J510 series.ini
C:\Thumbs.db
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-08 do 2014-10-08 )))))))))))))))))))))))))))))))
.
.
2014-10-08 17:22 . 2014-10-08 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-08 16:59 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{175B6768-B29E-470C-BB4B-C0CE9C45F88C}\mpengine.dll
2014-10-01 15:50 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 15:50 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-29 11:54 . 2014-09-29 11:55 -------- d-----w- C:\rsit
2014-09-29 11:13 . 2014-09-29 11:13 400168 ----a-w- c:\windows\system32\SynCOM.dll
2014-09-29 11:13 . 2014-09-29 11:13 270632 ----a-w- c:\windows\system32\SynCtrl.dll
2014-09-29 11:13 . 2014-09-29 11:13 215336 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-09-29 11:13 . 2014-09-29 11:13 214312 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2014-09-29 11:13 . 2014-09-29 11:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2014-09-29 11:13 . 2014-09-29 11:13 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2014-09-29 11:13 . 2014-09-29 11:13 1379376 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-09-29 11:13 . 2014-09-29 11:13 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2014-09-24 16:19 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 16:19 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-17 07:04 . 2014-08-18 21:16 13588480 ----a-w- c:\windows\system32\ieframe.dll
2014-09-17 06:51 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-17 06:51 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-13 12:44 . 2014-09-13 12:44 17903792 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-09-13 12:39 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-13 12:39 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-13 12:38 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-13 12:38 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-13 12:38 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-13 12:38 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-13 12:38 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-13 12:38 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-13 12:38 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-04 07:53 . 2011-06-16 19:59 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2014-09-17 06:54 . 2012-09-27 17:03 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-15 07:06 . 2012-06-16 19:33 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-13 12:44 . 2012-04-02 13:29 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-13 12:44 . 2011-06-16 14:33 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-07 20:04 . 2014-09-07 20:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-08-23 02:07 . 2014-08-28 11:11 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 11:11 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 11:11 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-14 07:44 . 2012-09-27 18:00 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-20 16:41 . 2014-07-20 16:41 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-20 16:41 . 2014-07-20 16:41 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-20 16:41 . 2013-04-07 17:07 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-20 16:41 . 2013-04-07 17:07 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-20 16:41 . 2012-09-27 18:00 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-20 16:41 . 2012-09-27 18:00 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-20 16:41 . 2012-09-27 18:00 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-20 16:41 . 2012-09-27 18:00 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-20 16:41 . 2014-07-20 16:41 43152 ----a-w- c:\windows\avastSS.scr
2014-07-14 02:02 . 2014-08-14 16:48 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 16:47 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
2013-02-05 15:50 167424 ----a-w- c:\program files\IMPI\Extension32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-02-13 1509232]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-07-24 21653096]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-01-12 563736]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-05-03 1110360]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"POPUPTV"="c:\program files (x86)\ASUS\PopupTV\ExpressTV.exe" [2010-03-19 692224]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-02-13 310128]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-14 4085896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-6-16 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AF9035BDA;ASUS U3100 Mini Plus BDA Devices;c:\windows\system32\Drivers\AF9035BDA.sys;c:\windows\SYSNATIVE\Drivers\AF9035BDA.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC64.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVRC64.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 19:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-05 12:44]
.
2014-10-08 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2014-09-16 15:18]
.
2014-10-08 c:\windows\Tasks\HPCeeScheduleForMichaela.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-20 16:41 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-25 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-25 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-25 410136]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-07 489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-09-25 21720]
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/?clid=22668
uLocal Page = c:\windows\system32\blank.htm
mStart Page = https://www.seznam.cz/?clid=22668
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
mSearch Bar = https://www.seznam.cz/?clid=22668
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.1.20
FF - ProfilePath - c:\users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.netintra.cz/
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-08 19:26:33
ComboFix-quarantined-files.txt 2014-10-08 17:26
.
Před spuštěním: Volných bajtů: 384 088 481 792
Po spuštění: Volných bajtů: 383 819 685 888
.
- - End Of File - - 9FA1DFEB1649E232B0EF86A1FD0D5B6B

Re: Slow startup

Posted: 09 Oct 2014 09:14
by Márty84
:arrow: Permanently disable Windows Defender



:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Folder::
c:\program files\IMPI

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=-
"KiesPreload"=-
"Skype"=-
"CCleaner Monitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=-
"NortonOnlineBackup"=-
"HP Software Update"=-
"KiesTrayAgent"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Driver::
BBSvc
IMPI Updater
SkypeUpdate
c2cautoupdatesvc
c2cpnrsvc
NOBU
BBUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, exactly, and save the file to the desktop.
Disable your antivirus and any other security software you may have.
Drag the text document you just created onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.

Re: Slow startup

Posted: 09 Oct 2014 13:33
by morar
New log from CF.

ComboFix 14-10-04.01 - Michaela 09.10.2014 12:56:16.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3996.2029 [GMT 2:00]
Spuštěný z: c:\users\Michaela\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michaela\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IMPI
c:\program files\IMPI\DGChrome.exe
c:\program files\IMPI\Extension32.dll
c:\program files\IMPI\ExtensionUpdaterService.exe
c:\program files\IMPI\Firefox\defaults\preferences\defaults.js
c:\program files\IMPI\Firefox\chrome.manifest
c:\program files\IMPI\Firefox\chrome\content\libraries\DataExchangeScript.js
c:\program files\IMPI\Firefox\chrome\content\main.js
c:\program files\IMPI\Firefox\chrome\content\main.xul
c:\program files\IMPI\Firefox\chrome\content\resources\LocalScript.js
c:\program files\IMPI\Firefox\chrome\locale\en-US\overlay.dtd
c:\program files\IMPI\Firefox\chrome\skin\overlay.css
c:\program files\IMPI\Firefox\icon.png
c:\program files\IMPI\Firefox\install.rdf
c:\program files\IMPI\InstallerHelper.dll
c:\program files\IMPI\libraries\DataExchangeScript.js
c:\program files\IMPI\resources\LocalScript.js
c:\program files\IMPI\source.crx
c:\program files\IMPI\unins000.dat
c:\program files\IMPI\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
-------\Service_IMPI Updater
-------\Service_NOBU
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-09 do 2014-10-09 )))))))))))))))))))))))))))))))
.
.
2014-10-09 12:13 . 2014-10-09 12:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-08 16:59 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{175B6768-B29E-470C-BB4B-C0CE9C45F88C}\mpengine.dll
2014-10-06 19:50 . 2014-10-08 16:49 -------- d-----w- c:\programdata\Malwarebytes
2014-10-01 15:50 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 15:50 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-29 11:54 . 2014-09-29 11:55 -------- d-----w- C:\rsit
2014-09-29 11:13 . 2014-09-29 11:13 400168 ----a-w- c:\windows\system32\SynCOM.dll
2014-09-29 11:13 . 2014-09-29 11:13 270632 ----a-w- c:\windows\system32\SynCtrl.dll
2014-09-29 11:13 . 2014-09-29 11:13 215336 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-09-29 11:13 . 2014-09-29 11:13 214312 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2014-09-29 11:13 . 2014-09-29 11:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2014-09-29 11:13 . 2014-09-29 11:13 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2014-09-29 11:13 . 2014-09-29 11:13 1379376 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-09-29 11:13 . 2014-09-29 11:13 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2014-09-24 16:19 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 16:19 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-17 07:04 . 2014-08-18 21:16 13588480 ----a-w- c:\windows\system32\ieframe.dll
2014-09-17 06:51 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-17 06:51 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-13 12:44 . 2014-09-13 12:44 17903792 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-09-13 12:39 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-13 12:39 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-13 12:38 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-13 12:38 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-13 12:38 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-13 12:38 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-13 12:38 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-13 12:38 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-13 12:38 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-04 07:53 . 2011-06-16 19:59 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2014-09-17 06:54 . 2012-09-27 17:03 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-15 07:06 . 2012-06-16 19:33 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-13 12:44 . 2012-04-02 13:29 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-13 12:44 . 2011-06-16 14:33 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-07 20:04 . 2014-09-07 20:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-08-23 02:07 . 2014-08-28 11:11 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 11:11 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 11:11 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-14 07:44 . 2012-09-27 18:00 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-20 16:41 . 2014-07-20 16:41 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-20 16:41 . 2014-07-20 16:41 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-20 16:41 . 2013-04-07 17:07 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-20 16:41 . 2013-04-07 17:07 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-20 16:41 . 2012-09-27 18:00 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-20 16:41 . 2012-09-27 18:00 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-20 16:41 . 2012-09-27 18:00 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-20 16:41 . 2012-09-27 18:00 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-20 16:41 . 2014-07-20 16:41 43152 ----a-w- c:\windows\avastSS.scr
2014-07-14 02:02 . 2014-08-14 16:48 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 16:47 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"POPUPTV"="c:\program files (x86)\ASUS\PopupTV\ExpressTV.exe" [2010-03-19 692224]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-14 4085896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-6-16 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R3 AF9035BDA;ASUS U3100 Mini Plus BDA Devices;c:\windows\system32\Drivers\AF9035BDA.sys;c:\windows\SYSNATIVE\Drivers\AF9035BDA.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 ASUSVRC64;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC64.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVRC64.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 19:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-05 12:44]
.
2014-10-09 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2014-09-16 15:18]
.
2014-10-08 c:\windows\Tasks\HPCeeScheduleForMichaela.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-20 16:41 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-25 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-25 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-25 410136]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-07 489472]
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/?clid=22668
uLocal Page = c:\windows\system32\blank.htm
mStart Page = https://www.seznam.cz/?clid=22668
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
mSearch Bar = https://www.seznam.cz/?clid=22668
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.1.20
FF - ProfilePath - c:\users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.netintra.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{17E113E6-CD0E-4045-B154-65F0E57959EF} - c:\program files\IMPI\Extension32.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Celkový čas: 2014-10-09 14:20:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-09 12:20
ComboFix2.txt 2014-10-08 17:26
.
Před spuštěním: Volných bajtů: 384 102 739 968
Po spuštění: Volných bajtů: 383 863 947 264
.
- - End Of File - - 3F7F3DE33DB745ED4DE233DC6E8793C8

Re: Slow startup

Posted: 09 Oct 2014 18:49
by Márty84
Post a new log from RSIT.

Re: Slow startup

Posted: 09 Oct 2014 21:17
by morar
Log from RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michaela at 2014-10-09 22:15:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 365 GB (80%) free of 459 GB
Total RAM: 3996 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:13, on 9.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Michaela.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IMPI Helper - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [POPUPTV] C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10748 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2600
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\svchost.exe -k SDRSVC
taskeng.exe {3EFE0ADC-C1A2-4FAD-A820-AE8E14D48E81}
taskeng.exe {C0F0523E-3D70-4F9E-950C-5DC9F7CCE153}
taskhost.exe $(Arg0)
"C:\Users\Michaela\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe --auto
C:\windows\tasks\HPCeeScheduleForMichaela.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMichaela (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\vz2n8n2y.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.netintra.cz/"

"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-20 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-20 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-09-29 2174760]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-25 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-25 390680]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-25 410136]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-06-07 489472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"POPUPTV"=C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [2010-03-19 692224]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-14 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-01-25 268800]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-10-09 14:20:50 ----SHD---- C:\$RECYCLE.BIN
2014-10-09 14:20:43 ----A---- C:\ComboFix.txt
2014-10-08 19:06:57 ----A---- C:\windows\zip.exe
2014-10-08 19:06:57 ----A---- C:\windows\SWSC.exe
2014-10-08 19:06:57 ----A---- C:\windows\SWREG.exe
2014-10-08 19:06:57 ----A---- C:\windows\sed.exe
2014-10-08 19:06:57 ----A---- C:\windows\PEV.exe
2014-10-08 19:06:57 ----A---- C:\windows\NIRCMD.exe
2014-10-08 19:06:57 ----A---- C:\windows\MBR.exe
2014-10-08 19:06:57 ----A---- C:\windows\grep.exe
2014-10-08 19:06:38 ----D---- C:\Qoobox
2014-10-08 19:06:13 ----D---- C:\windows\erdnt
2014-10-06 21:50:10 ----D---- C:\ProgramData\Malwarebytes
2014-10-01 17:50:30 ----A---- C:\windows\system32\qdvd.dll
2014-10-01 17:50:29 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-09-29 13:54:46 ----D---- C:\rsit
2014-09-29 13:13:32 ----A---- C:\windows\SYSWOW64\SynTPCOM.dll
2014-09-29 13:13:32 ----A---- C:\windows\SYSWOW64\SynCtrl.dll
2014-09-29 13:13:32 ----A---- C:\windows\SYSWOW64\SynCOM.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynTPCo4.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynTPAPI.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynCtrl.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\SynCOM.dll
2014-09-29 13:13:32 ----A---- C:\windows\system32\drivers\SynTP.sys
2014-09-25 19:37:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-24 18:19:30 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-09-24 18:19:30 ----A---- C:\windows\system32\tzres.dll
2014-09-17 09:05:27 ----A---- C:\windows\system32\ieui.dll
2014-09-17 09:05:26 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-09-17 09:05:22 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-09-17 09:05:22 ----A---- C:\windows\system32\MshtmlDac.dll
2014-09-17 09:05:22 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 09:05:22 ----A---- C:\windows\system32\iernonce.dll
2014-09-17 09:05:21 ----A---- C:\windows\system32\jscript9diag.dll
2014-09-17 09:05:21 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-09-17 09:05:20 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-09-17 09:05:20 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-09-17 09:05:20 ----A---- C:\windows\system32\ieUnatt.exe
2014-09-17 09:05:20 ----A---- C:\windows\system32\dxtmsft.dll
2014-09-17 09:05:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-09-17 09:05:19 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-09-17 09:05:19 ----A---- C:\windows\system32\vbscript.dll
2014-09-17 09:05:19 ----A---- C:\windows\system32\dxtrans.dll
2014-09-17 09:05:18 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-09-17 09:05:18 ----A---- C:\windows\system32\msrating.dll
2014-09-17 09:05:18 ----A---- C:\windows\system32\mshtmled.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-09-17 09:05:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-09-17 09:05:17 ----A---- C:\windows\system32\msfeeds.dll
2014-09-17 09:05:17 ----A---- C:\windows\system32\jsproxy.dll
2014-09-17 09:05:17 ----A---- C:\windows\system32\iesetup.dll
2014-09-17 09:05:16 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-09-17 09:05:16 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-09-17 09:05:16 ----A---- C:\windows\system32\iedkcs32.dll
2014-09-17 09:05:16 ----A---- C:\windows\system32\ie4uinit.exe
2014-09-17 09:05:15 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-09-17 09:05:15 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-17 09:05:13 ----A---- C:\windows\system32\mshtml.dll
2014-09-17 09:05:12 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-09-17 09:05:12 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-09-17 09:05:12 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-09-17 09:05:12 ----A---- C:\windows\system32\ieapfltr.dll
2014-09-17 09:05:11 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-09-17 09:05:11 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-09-17 09:05:11 ----A---- C:\windows\system32\ieetwcollector.exe
2014-09-17 09:05:10 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-17 09:05:06 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-09-17 09:05:05 ----A---- C:\windows\system32\wininet.dll
2014-09-17 09:05:05 ----A---- C:\windows\system32\iertutil.dll
2014-09-17 09:05:04 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-09-17 09:05:04 ----A---- C:\windows\system32\jscript9.dll
2014-09-17 09:05:03 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-09-17 09:05:03 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-09-17 09:05:03 ----A---- C:\windows\system32\urlmon.dll
2014-09-17 09:04:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-09-17 09:04:58 ----A---- C:\windows\system32\ieframe.dll
2014-09-17 09:04:57 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-09-17 08:51:12 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-09-17 08:51:11 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-09-13 14:44:17 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2014-09-13 14:39:07 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2014-09-13 14:39:07 ----A---- C:\windows\system32\TSWorkspace.dll
2014-09-13 14:38:55 ----A---- C:\windows\system32\d3d10warp.dll
2014-09-13 14:38:54 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-09-13 14:38:08 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-09-13 14:38:08 ----A---- C:\windows\system32\kerberos.dll
2014-09-13 14:38:07 ----A---- C:\windows\system32\lsasrv.dll
2014-09-13 14:38:06 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-09-13 14:38:06 ----A---- C:\windows\SYSWOW64\secur32.dll

======List of files/folders modified in the last 1 month======

2014-10-09 22:15:12 ----D---- C:\Program Files\trend micro
2014-10-09 16:51:49 ----D---- C:\windows\Temp
2014-10-09 16:47:46 ----D---- C:\windows\system32\config
2014-10-09 16:46:48 ----D---- C:\windows\Minidump
2014-10-09 16:46:45 ----D---- C:\Windows
2014-10-09 14:20:46 ----D---- C:\windows\system32\drivers
2014-10-09 14:16:19 ----D---- C:\windows\system32\catroot2
2014-10-09 14:15:30 ----A---- C:\windows\system.ini
2014-10-09 14:15:25 ----D---- C:\windows\system32\drivers\etc
2014-10-09 14:12:30 ----D---- C:\Program Files
2014-10-09 13:52:33 ----D---- C:\windows\SYSWOW64\drivers
2014-10-09 13:52:33 ----D---- C:\windows\SysWOW64
2014-10-09 13:52:33 ----D---- C:\windows\AppPatch
2014-10-09 13:52:30 ----D---- C:\Program Files (x86)\Common Files
2014-10-09 12:44:17 ----D---- C:\windows\inf
2014-10-09 09:23:38 ----SHD---- C:\System Volume Information
2014-10-08 21:47:29 ----D---- C:\Users\Michaela\AppData\Roaming\Skype
2014-10-08 19:20:55 ----D---- C:\ProgramData
2014-10-08 18:48:21 ----RD---- C:\Program Files (x86)
2014-10-07 18:57:16 ----D---- C:\windows\DigitalLocker
2014-10-07 18:55:41 ----D---- C:\Program Files (x86)\GotClip
2014-10-07 07:36:12 ----D---- C:\windows\System32
2014-10-07 07:36:10 ----D---- C:\windows\winsxs
2014-10-06 18:01:02 ----D---- C:\AdwCleaner
2014-10-04 09:57:41 ----D---- C:\Users\Michaela\AppData\Roaming\CorelHomeOffice
2014-10-03 23:04:47 ----D---- C:\windows\Tasks
2014-10-03 23:04:47 ----D---- C:\windows\system32\Tasks
2014-10-03 19:27:55 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-01 17:47:50 ----D---- C:\windows\system32\catroot
2014-09-29 13:53:29 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-09-29 13:49:49 ----D---- C:\windows\Prefetch
2014-09-29 13:46:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-29 13:38:18 ----D---- C:\windows\Panther
2014-09-29 13:38:18 ----D---- C:\windows\ModemLogs
2014-09-29 13:38:17 ----D---- C:\windows\Logs
2014-09-29 13:38:17 ----D---- C:\windows\debug
2014-09-29 13:25:54 ----D---- C:\Program Files\CCleaner
2014-09-29 13:14:14 ----D---- C:\windows\system32\DriverStore
2014-09-29 13:13:30 ----D---- C:\swsetup
2014-09-29 13:05:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-09-29 13:05:08 ----D---- C:\windows\system32\cs-CZ
2014-09-24 19:49:12 ----D---- C:\windows\Microsoft.NET
2014-09-24 18:56:47 ----RSD---- C:\windows\assembly
2014-09-17 10:35:28 ----D---- C:\ProgramData\HP Photo Creations
2014-09-17 10:28:20 ----D---- C:\windows\SYSWOW64\en-US
2014-09-17 10:28:20 ----D---- C:\Program Files\Internet Explorer
2014-09-17 10:28:19 ----D---- C:\windows\system32\en-US
2014-09-17 10:28:19 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-17 09:11:14 ----SHD---- C:\windows\Installer
2014-09-17 09:11:14 ----D---- C:\Config.Msi
2014-09-17 09:01:32 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-09-17 08:59:08 ----D---- C:\windows\system32\MRT
2014-09-17 08:54:23 ----A---- C:\windows\system32\MRT.exe
2014-09-15 09:06:02 ----N---- C:\windows\system32\MpSigStub.exe
2014-09-13 14:44:26 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-07-20 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-07-20 224896]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-07-20 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-07-20 1041168]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-08-14 427360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-07-20 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-07-20 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-07-20 92008]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 ASUSVRC64;ASUSTeK Virtual Capture Device; C:\windows\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-01-25 7842272]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-04 331880]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 96384]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-06-07 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-09-29 1379376]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF9035BDA;ASUS U3100 Mini Plus BDA Devices; C:\windows\System32\Drivers\AF9035BDA.sys [2009-07-16 492008]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2013-04-03 38080]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-07-09 3232768]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2013-04-03 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2013-04-03 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2013-04-03 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2013-04-03 158024]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-06-07 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-20 50344]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-01-12 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-06-07 271360]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-21 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13 267440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-21 647680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-25 114288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 stllssvr;stllssvr; c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-06-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------