kontrola

Zpráva

majom246 · #1 Příspěvek od **majom246** » 02 led 2015 21:21

Zdravim, chcel by som Vas poprosit o preventivku.

Plus mam este jeden problem: dole na liste kazdu minutu zablikne nieco, ako keby sa skusal otvorit nejaky program a hned by sa zavrel. Robi to odvtedy co na notebooku spustili "magic desktop" a potom pc hrubo vypli. Magic desktop som uz odinstaloval, ale problem stale pretrvava.

Rad by som odinstaloval aj vsetky ostatne programy ktore su zbytocne najma tie HP, ak mi viete poradit aby som nahodou neodinstaloval nieco dolezite.

Dakujem za pomoc

Logfile of random's system information tool 1.10 (written by random/random)
Run by Robo at 2015-01-02 20:47:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 395 GB (87%) free of 454 GB
Total RAM: 3996 MB (65% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 2401456
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
\??\C:\Windows\system32\conhost.exe "-658879719532401716609514352949664187-6317640281268694321-917141468568047124
taskeng.exe {577460CF-43E1-4E50-8703-C70DA6773E59}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2524
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\HP SimplePass\BioMonitor.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
taskeng.exe {36C7D98C-EE4D-44B2-BB4A-A1AE083AE7D7}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-08e63ea7-e1b5-4e5d-b4e9-c46e0b1bfac8 -SystemEventPortName:HostProcess-ce719727-1636-4669-ac5b-a75638ad4f68 -IoCancelEventPortName:HostProcess-fa08b101-edec-4a94-8cda-dc936b3bc217 -NonStateChangingEventPortName:HostProcess-70d8b4ec-809f-4206-8660-c3b0363bad5f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9472453f-9235-47c7-bec7-98bba728858a -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
taskhost.exe $(Arg0)
C:\Windows\system32\igfxsrvc.exe -Embedding
taskeng.exe {B9D79DB1-F20C-4958-B411-53E82C9C1BE0}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Robo\Desktop\RSITx64.exe"
UI0Detect.exe 224
LiveUpd.exe auto
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForRobo.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForRobo (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
HP SimplePass Browser Helper Object - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll [2011-12-11 2221896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
HP SimplePass Browser Helper Object - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL [2011-12-11 1985352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C98EE38D-21E4-4A50-907D-2B56FEC7013E} - HP SimplePass Toolbar - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll [2011-12-11 2221896]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{C98EE38D-21E4-4A50-907D-2B56FEC7013E} - HP SimplePass Toolbar - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL [2011-12-11 1985352]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-02-13 6463592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-02-24 2885904]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-21 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-21 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-21 440600]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-01-19 1016992]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-01-19 800416]
"SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-12-19 44880]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-12-16 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Mobile Partner"=C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe [2014-06-04 514048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1420227871 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-02 20:47:58 ----D---- C:\rsit
2015-01-02 20:47:58 ----D---- C:\Program Files\trend micro
2014-12-31 19:07:47 ----D---- C:\Program Files\CCleaner
2014-12-18 16:22:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 16:22:07 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 18:33:38 ----D---- C:\Windows\system32\appraiser
2014-12-10 18:26:26 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 18:26:26 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 18:26:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 18:26:26 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 18:26:26 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 18:26:26 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 18:26:26 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 18:26:26 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 18:26:26 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 18:26:25 ----A---- C:\Windows\system32\mf.dll
2014-12-10 18:23:18 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 18:23:18 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 18:23:18 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 18:23:18 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 18:23:18 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 18:23:18 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 18:23:17 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 18:23:17 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 18:18:06 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 18:18:05 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 18:18:00 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 18:17:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 18:17:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 18:17:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 18:17:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 18:17:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 18:17:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 18:17:54 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 18:17:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 18:17:54 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 18:17:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 18:17:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 18:17:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 18:17:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 18:17:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 18:17:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 18:17:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 18:17:51 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 18:17:51 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 18:17:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 18:17:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 18:17:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 18:17:50 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 18:17:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 18:17:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 18:17:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 18:17:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 18:17:49 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 18:17:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 18:17:48 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 18:17:48 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 18:17:47 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 18:17:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 18:17:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 18:17:46 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 18:17:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 18:17:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 18:17:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 18:17:46 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 18:17:45 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 18:17:45 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 18:17:44 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 18:17:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 18:17:43 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 18:17:42 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 18:17:42 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 18:17:42 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 18:17:42 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 18:17:41 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 18:17:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 18:17:40 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 18:16:17 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 18:16:17 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 18:16:16 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 18:16:16 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 18:16:15 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 18:16:15 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 18:16:15 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 18:16:15 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 18:16:15 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 18:16:15 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 18:16:15 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 18:16:15 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 18:16:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 18:16:11 ----A---- C:\Windows\system32\tzres.dll
2014-12-06 10:53:03 ----D---- C:\ProgramData\OnlineUpdate
2014-12-06 10:53:03 ----D---- C:\ProgramData\log

======List of files/folders modified in the last 1 month======

2015-01-02 20:47:59 ----D---- C:\Windows\Temp
2015-01-02 20:47:58 ----RD---- C:\Program Files
2015-01-02 20:46:15 ----A---- C:\Windows\SYSWOW64\log.txt
2015-01-02 20:44:16 ----D---- C:\Windows\system32\config
2015-01-02 20:44:09 ----D---- C:\Windows\inf
2015-01-02 20:43:47 ----D---- C:\Windows
2014-12-31 19:10:56 ----D---- C:\Windows\Panther
2014-12-31 19:10:56 ----D---- C:\Windows\Minidump
2014-12-31 19:10:56 ----D---- C:\Windows\Logs
2014-12-31 19:10:56 ----D---- C:\Windows\debug
2014-12-31 19:10:56 ----D---- C:\Users\Robo\AppData\Roaming\Skype
2014-12-31 19:09:36 ----D---- C:\Windows\System32
2014-12-31 19:09:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-31 19:07:49 ----D---- C:\Windows\system32\Tasks
2014-12-30 15:30:19 ----SHD---- C:\System Volume Information
2014-12-30 15:24:50 ----D---- C:\Windows\Prefetch
2014-12-28 19:28:56 ----D---- C:\Windows\Tasks
2014-12-28 19:28:16 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-26 12:15:19 ----D---- C:\Windows\system32\catroot2
2014-12-23 10:51:25 ----D---- C:\Windows\rescache
2014-12-20 10:36:13 ----D---- C:\Windows\SysWOW64
2014-12-20 10:35:20 ----D---- C:\Program Files (x86)
2014-12-20 09:49:50 ----D---- C:\Users\Robo\AppData\Roaming\_MDLogs
2014-12-18 16:29:29 ----D---- C:\Windows\winsxs
2014-12-18 16:19:05 ----D---- C:\Windows\system32\catroot
2014-12-12 08:05:06 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-12-12 08:05:06 ----D---- C:\Windows\system32\sk-SK
2014-12-10 18:33:38 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 18:33:38 ----SD---- C:\ProgramData\Microsoft
2014-12-10 18:33:38 ----D---- C:\Windows\AppCompat
2014-12-10 18:33:37 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 18:33:37 ----D---- C:\Windows\system32\drivers
2014-12-10 18:33:37 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 18:33:37 ----D---- C:\Program Files\Internet Explorer
2014-12-10 18:33:36 ----D---- C:\Windows\system32\en-US
2014-12-10 18:33:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 18:32:09 ----D---- C:\Windows\system32\MRT
2014-12-10 18:27:54 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 18:12:12 ----SHD---- C:\Windows\Installer
2014-12-06 10:58:41 ----D---- C:\Program Files (x86)\WildTangent Games
2014-12-06 10:57:48 ----D---- C:\Users\Robo\AppData\Roaming\WildTangent
2014-12-06 10:53:03 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-29 568600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-10 2801664]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2012-01-19 30368]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2014-06-04 87040]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-02-22 4756200]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\HECIx64.sys [2011-11-10 60184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-01-17 675432]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [2012-02-24 21264]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2012-02-24 425232]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-01-19 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2012-01-19 51872]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-01-19 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-01-19 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2012-01-19 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-01-19 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2012-01-19 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-01-19 550560]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-03-16 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2014-06-04 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2014-06-04 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2014-06-04 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2014-06-04 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2014-06-04 223744]
S3 lehidmini;Bluetooth Low Energy Hid Device; C:\Windows\system32\drivers\leath_hid.sys [2012-01-19 36128]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-01-19 106144]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2011-12-11 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-08 277784]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 116648]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2014-06-04 655712]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-15 253600]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-21 276248]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-12-06 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-06 259664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TrueService;TrueAPI Service component; C:\Program Files\Common Files\AuthenTec\TrueService.exe [2011-12-09 269640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-21 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 03 led 2015 08:49

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

majom246 · #3 Příspěvek od **majom246** » 04 led 2015 10:39

# AdwCleaner v4.106 - Report created 04/01/2015 at 10:31:00
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Robo - ROBO-HP
# Running from : C:\Users\Robo\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.95

*************************

AdwCleaner[R0].txt - [3035 octets] - [04/01/2015 10:28:15]
AdwCleaner[S0].txt - [2735 octets] - [04/01/2015 10:31:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2795 octets] ##########

#4 Příspěvek od **Márty84** » 04 led 2015 15:29

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

majom246 · #5 Příspěvek od **majom246** » 05 led 2015 19:31

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5. 1. 2015
Scan Time: 17:53:00
Logfile: log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.05.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Robo

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 478695
Time Elapsed: 1 hr, 29 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

#6 Příspěvek od **Márty84** » 06 led 2015 13:09

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

majom246 · #7 Příspěvek od **majom246** » 10 led 2015 11:34

Ospravedlnujem sa ze tak neskoro odpisujem, tu su logy

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Robo (administrator) on ROBO-HP on 10-01-2015 11:18:12
Running from C:\Users\Robo\Desktop
Loaded Profile: Robo (Available profiles: Robo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(forum.viry.cz) C:\Users\Robo\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe [514048 2014-06-04] ()
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\RunOnce: [Adobe Speed Launcher] => 1420884001
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {53981894-63e7-11e2-b2c0-74e543e19bab} - F:\RunSetup.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {73aef28f-ec0a-11e3-bc15-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {73aef29b-ec0a-11e3-bc15-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {9d198a10-ec0f-11e3-b2ce-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {aa3f2b8a-63c2-11e2-8d17-74e543e19bab} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {aa3f2b9d-63c2-11e2-8d17-74e543e19bab} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {c725039d-ec08-11e3-936c-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {d0a8a95e-ec06-11e3-bc10-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {d672a0ad-63f2-11e2-b20e-74e543e19bab} - F:\RunSetup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://sk.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKU\S-1-5-21-599836816-174285618-1041475717-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1328841C-4856-4545-A362-087F48629B0F}: [NameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{6B5F3A95-411A-40EC-A290-0C7CABF2CE82}: [NameServer] 213.151.222.34 85.237.225.250

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-10-11]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Simple Pass) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh\1.5_0\npwebsitelogon.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29]
CHR Extension: (YouTube) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29]
CHR Extension: (Hľadať v Google) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29]
CHR Extension: (Peňaženka Google) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29]
CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-12-06] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2014-06-04] ()
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [223744 2014-06-04] (Huawei Technologies Co., Ltd.)
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-01-19] (Atheros)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 11:18 - 2015-01-10 11:18 - 00018184 _____ () C:\Users\Robo\Desktop\FRST.txt
2015-01-10 11:16 - 2015-01-10 11:18 - 00000000 ____D () C:\FRST
2015-01-10 11:13 - 2015-01-10 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Robo\Desktop\FRSTLauncher.exe
2015-01-10 11:05 - 2015-01-10 11:05 - 02124288 _____ (Farbar) C:\Users\Robo\Desktop\FRST64.exe
2015-01-05 15:50 - 2015-01-05 17:52 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 15:49 - 2015-01-05 15:49 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-05 15:49 - 2015-01-05 15:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-05 15:49 - 2015-01-05 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-05 15:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-05 15:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-05 15:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-05 15:45 - 2015-01-05 15:47 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Robo\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-04 10:32 - 2015-01-06 13:06 - 00000674 _____ () C:\Windows\PFRO.log
2015-01-04 10:28 - 2015-01-04 10:31 - 00000000 ____D () C:\AdwCleaner
2015-01-04 10:26 - 2015-01-04 10:26 - 02173952 _____ () C:\Users\Robo\Desktop\adwcleaner_4.106.exe
2015-01-02 20:47 - 2015-01-02 20:48 - 00000000 ____D () C:\rsit
2015-01-02 20:47 - 2015-01-02 20:47 - 00000000 ____D () C:\Program Files\trend micro
2015-01-02 20:47 - 2015-01-02 20:43 - 01222144 _____ () C:\Users\Robo\Desktop\RSITx64.exe
2015-01-02 20:43 - 2015-01-10 10:58 - 00000672 _____ () C:\Windows\setupact.log
2015-01-02 20:43 - 2015-01-02 20:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-31 19:12 - 2014-12-31 19:12 - 00007686 _____ () C:\Users\Robo\Documents\cc_20141231_191209.reg
2014-12-31 19:11 - 2014-12-31 19:11 - 00058128 _____ () C:\Users\Robo\Documents\cc_20141231_191134.reg
2014-12-31 19:07 - 2014-12-31 19:07 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-31 19:07 - 2014-12-31 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-31 19:07 - 2014-12-31 19:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-28 15:53 - 2014-12-28 15:53 - 09971515 _____ () C:\Users\Robo\Downloads\monikaajejprvysniezik.zip
2014-12-25 10:26 - 2014-12-25 10:26 - 04914145 _____ () C:\Users\Robo\Downloads\mikulaspolovnickefoto.zip
2014-12-25 10:25 - 2014-12-25 10:26 - 15486321 _____ () C:\Users\Robo\Downloads\monikaajejdruhevianoce.zip
2014-12-21 13:20 - 2015-01-10 11:01 - 00000000 ____D () C:\Users\Robo\Documents\Bluetooth Folder
2014-12-18 16:22 - 2014-12-18 16:22 - 00042468 _____ () C:\Users\Robo\Downloads\edokumenty_18122014_091424_5867194.zip
2014-12-18 16:22 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 16:22 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 11:07 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 11:07 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 11:04 - 2009-07-14 06:13 - 00783440 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-10 11:03 - 2012-12-29 12:24 - 01587140 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 10:58 - 2014-05-10 06:28 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job
2015-01-10 10:58 - 2012-03-15 20:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 10:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-09 20:51 - 2012-03-15 20:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-09 20:43 - 2014-05-10 06:28 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job
2015-01-09 19:28 - 2014-11-10 17:12 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRobo
2015-01-09 19:28 - 2014-11-10 17:12 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForRobo.job
2015-01-09 16:25 - 2013-01-12 12:50 - 00000000 ____D () C:\Users\Robo\AppData\Local\CrashDumps
2015-01-09 16:14 - 2012-12-29 12:28 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C205BF8-2B35-4593-98A2-644ABCD6AFCA}
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 15:53 - 2014-10-14 18:59 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-05 15:52 - 2014-11-02 19:31 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-04 10:31 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-04 10:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-31 19:10 - 2013-01-25 20:55 - 00000000 ____D () C:\Windows\Minidump
2014-12-31 19:10 - 2013-01-19 13:01 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\Skype
2014-12-31 19:10 - 2007-01-02 02:25 - 00000000 ____D () C:\Windows\Panther
2014-12-23 10:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-21 12:28 - 2014-11-25 10:01 - 24664356 _____ () C:\Users\Robo\Desktop\nasbyt.zip
2014-12-21 12:04 - 2013-07-28 11:33 - 00000000 ____D () C:\Users\Robo\Desktop\Pakoštane 2013
2014-12-21 12:02 - 2013-03-26 18:41 - 00000000 ____D () C:\Users\Robo\Desktop\Nový priečinok
2014-12-21 08:42 - 2013-01-31 17:48 - 00000000 ____D () C:\Users\Robo\Desktop\malamimi
2014-12-19 18:18 - 2014-12-06 10:53 - 00000000 ____D () C:\ProgramData\OnlineUpdate
2014-12-19 18:18 - 2014-12-06 10:53 - 00000000 ____D () C:\ProgramData\log
2014-12-12 08:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-12-12 08:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK

Some content of TEMP:
====================
C:\Users\Robo\AppData\Local\Temp\Quarantine.exe
C:\Users\Robo\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRobo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 7.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Robo\Desktop" je 2473 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001

==================== End Of Log ==============================

majom246 · #8 Příspěvek od **majom246** » 10 led 2015 11:34

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Robo at 2015-01-10 11:19:14
Running from C:\Users\Robo\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESET Smart Security (HKLM\...\{BA1C72D0-CF47-437C-8A58-C0C992DA05E3}) (Version: 7.0.302.26 - ESET, spol s r. o.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{DB183033-C2DD-4A37-B43C-943DD4B28C77}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{D3AA8FD3-5FFA-4CFC-BA8E-99BFC6A41943}) (Version: 3.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP SimplePass PE (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D82ABA2F-492B-440F-A9BC-12331B17EEA9}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusti 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1017 - Microsoft Corporation)
Microsoft Office Starter 2010 - Slovenčina (HKLM-x32\...\{90140011-0066-041B-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.22.00.85 - Huawei Technologies Co.,Ltd)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.51.116.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype™ 5.6 (HKLM-x32\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.6.110 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

25-11-2014 16:32:03 Windows Update
28-11-2014 16:35:21 Windows Update
02-12-2014 17:55:22 Windows Update
10-12-2014 18:15:57 Windows Update
10-12-2014 18:25:34 Windows Update
12-12-2014 08:03:51 Windows Update
16-12-2014 16:36:58 Windows Update
18-12-2014 16:28:44 Windows Update
23-12-2014 14:26:33 Windows Update
27-12-2014 14:05:17 Windows Update
30-12-2014 15:29:43 Windows Update
04-01-2015 10:26:08 Windows Update
09-01-2015 16:12:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05422CD1-EAF7-42FC-90C8-2D8611781099} - System32\Tasks\HPCeeScheduleForRobo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0B93AE06-CB9A-4BCB-8D92-A194F9555E2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {274B1F9B-005E-462C-A714-8E704C89671A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {562A3C66-368C-4CE5-B47F-27223AEC01E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {68C99CE0-3A32-4C23-B3BD-296FE718CCFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9A2A9037-171E-4956-91D5-5229EC55A742} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B850ACA2-2108-4C25-A45A-71B2C6F3D2F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C298504D-71B9-4206-8F6F-15CABDD30254} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {CDAEECF3-D85A-40BF-9C2B-80FAE1126257} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-15] (Adobe Systems Incorporated)
Task: {F525A764-700E-498A-9973-363B67CA17B9} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRobo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-01-21 13:13 - 2014-06-04 18:31 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2012-02-14 18:53 - 2012-02-14 18:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-01 08:53 - 2014-11-01 08:53 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-08-31 15:38 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-08-31 15:43 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-599836816-174285618-1041475717-500 - Administrator - Disabled)
Guest (S-1-5-21-599836816-174285618-1041475717-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-599836816-174285618-1041475717-1002 - Limited - Enabled)
Robo (S-1-5-21-599836816-174285618-1041475717-1000 - Administrator - Enabled) => C:\Users\Robo

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2015 11:04:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/10/2015 11:04:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/10/2015 10:59:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2015 04:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Názov chybového modulu: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Kód výnimky: 0xc0000005
Odstup chyby: 0x000154d6
Identifikácia chybného procesu: 0x1524
Čas spustenia chybnej aplikácie: 0xTouchControl.exe0
Cesta chybnej aplikácie: TouchControl.exe1
Cesta chybného modulu: TouchControl.exe2
Identifikácia hlásenia: TouchControl.exe3

Error: (01/09/2015 04:13:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/09/2015 04:13:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/09/2015 04:06:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Názov chybového modulu: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Kód výnimky: 0xc0000005
Odstup chyby: 0x000154d6
Identifikácia chybného procesu: 0x734
Čas spustenia chybnej aplikácie: 0xTouchControl.exe0
Cesta chybnej aplikácie: TouchControl.exe1
Cesta chybného modulu: TouchControl.exe2
Identifikácia hlásenia: TouchControl.exe3

Error: (01/09/2015 04:06:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2015 04:28:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/09/2015 04:28:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (01/10/2015 10:58:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/10/2015 10:58:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/09/2015 04:06:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/09/2015 04:06:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/09/2015 04:21:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/09/2015 04:21:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/08/2015 04:12:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/08/2015 04:12:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/08/2015 05:53:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/08/2015 05:53:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Microsoft Office Sessions:
=========================
Error: (01/10/2015 11:04:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (01/10/2015 11:04:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (01/10/2015 10:59:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/09/2015 04:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TouchControl.exe5.4.0.4024ee46c90TouchControl.exe5.4.0.4024ee46c90c0000005000154d6152401d02c208ba1c7caC:\Program Files (x86)\HP SimplePass\TouchControl.exeC:\Program Files (x86)\HP SimplePass\TouchControl.execad54ecb-9813-11e4-a1ec-b4b52f375299

Error: (01/09/2015 04:13:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (01/09/2015 04:13:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (01/09/2015 04:06:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TouchControl.exe5.4.0.4024ee46c90TouchControl.exe5.4.0.4024ee46c90c0000005000154d673401d02c1dcf00580cC:\Program Files (x86)\HP SimplePass\TouchControl.exeC:\Program Files (x86)\HP SimplePass\TouchControl.exe18fa1f77-9811-11e4-a1ec-74e543e19bab

Error: (01/09/2015 04:06:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

#9 Příspěvek od **Márty84** » 10 led 2015 11:51

majom246 píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Robo\Desktop" je 2473 MB.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe [514048 2014-06-04] ()
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\RunOnce: [Adobe Speed Launcher] => 1420884001

HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
Toolbar: HKU\S-1-5-21-599836816-174285618-1041475717-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

CHR Plugin: (Norton Confidential) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRobo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-15 253600]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 116648]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

majom246 · #10 Příspěvek od **majom246** » 10 led 2015 18:16

Takze windows defender mam nechat vypnuty stale alebo ho mozem zapnut?

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Robo at 2015-01-10 17:59:11 Run:1
Running from C:\Users\Robo\Desktop
Loaded Profile: Robo (Available profiles: Robo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe [514048 2014-06-04] ()
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\RunOnce: [Adobe Speed Launcher] => 1420884001

HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
Toolbar: HKU\S-1-5-21-599836816-174285618-1041475717-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

CHR Plugin: (Norton Confidential) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRobo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-15 253600]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 116648]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Mobile Partner => value deleted successfully.
HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => Value not found.
HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForRobo.job => Moved successfully.
AdobeARMservice => Service deleted successfully.
BBSvc => Service deleted successfully.
gupdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
BBUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 440.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog 18:00:09 ====

#11 Příspěvek od **Márty84** » 10 led 2015 22:03

Defender nechte vypnuty. Mate Eset a ten ma svuj stit. Mohlo by dochazet ke kolizim stitu, navic kvalita Defenderu neni nejak valna.

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remote disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

majom246 · #12 Příspěvek od **majom246** » 16 led 2015 18:22

Na dolnej liste mi stale kazdu minutu vyskakuje ikona a hned zmizne, spravil som aj screen.

Obrázek

#13 Příspěvek od **Márty84** » 16 led 2015 20:01

A? Co s ni mam delat? Podle toho jak vypada, se to tyka bud fotaku, nebo skeneru/tiskarny.

Spustte spravce uloh a sledujte, co se tam objevi za proces (pripadne aplikace), kdyz ta ikona vyskoci.

Dejte novy log z FRST.

majom246 · #14 Příspěvek od **majom246** » 17 led 2015 19:32

A? Co s ni mam delat?

Viete sa toho zbavit? Ked to kazdu minutu naskoci tak vtedy nemozem na sekundu nic robit na pc.

Podle toho jak vypada, se to tyka bud fotaku, nebo skeneru/tiskarny.

Skener, fotak ani tlaciaren pokial si pamatam nebola vobec zapojovana.

sledujte, co se tam objevi za proces (pripadne aplikace), kdyz ta ikona vyskoci.

medzi aplikaciami sa neobjavilo nic, a medzi procesmi sa objavili tieto: "LiveUpd.exe" a UI0Detect.exe"

Prikladam logy z FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
Ran by Robo (administrator) on ROBO-HP on 17-01-2015 19:10:07
Running from C:\Users\Robo\Desktop
Loaded Profiles: Robo (Available profiles: Robo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Robo\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {53981894-63e7-11e2-b2c0-74e543e19bab} - F:\RunSetup.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {73aef28f-ec0a-11e3-bc15-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {73aef29b-ec0a-11e3-bc15-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {9d198a10-ec0f-11e3-b2ce-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {aa3f2b8a-63c2-11e2-8d17-74e543e19bab} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {aa3f2b9d-63c2-11e2-8d17-74e543e19bab} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {c725039d-ec08-11e3-936c-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {d0a8a95e-ec06-11e3-bc10-74e543e1e165} - F:\AutoRun.exe
HKU\S-1-5-21-599836816-174285618-1041475717-1000\...\MountPoints2: {d672a0ad-63f2-11e2-b20e-74e543e19bab} - F:\RunSetup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-599836816-174285618-1041475717-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://sk.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1328841C-4856-4545-A362-087F48629B0F}: [NameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{6B5F3A95-411A-40EC-A290-0C7CABF2CE82}: [NameServer] 213.151.222.34 85.237.225.250

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-10-11]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Simple Pass) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh\1.5_0\npwebsitelogon.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29]
CHR Extension: (YouTube) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29]
CHR Extension: (Hľadať v Google) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29]
CHR Extension: (Peňaženka Google) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29]
CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-12-06] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2014-06-04] ()
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [223744 2014-06-04] (Huawei Technologies Co., Ltd.)
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-01-19] (Atheros)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 19:10 - 2015-01-17 19:10 - 00017808 _____ () C:\Users\Robo\Desktop\FRST.txt
2015-01-17 19:10 - 2015-01-17 19:10 - 00000000 ____D () C:\FRST
2015-01-17 19:05 - 2015-01-17 19:05 - 00112640 _____ (forum.viry.cz) C:\Users\Robo\Desktop\FRSTLauncher.exe
2015-01-17 19:03 - 2015-01-17 19:04 - 02125824 _____ (Farbar) C:\Users\Robo\Desktop\FRST64.exe
2015-01-16 17:43 - 2015-01-17 18:28 - 00000112 _____ () C:\Windows\setupact.log
2015-01-16 17:43 - 2015-01-16 17:43 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-16 17:42 - 2015-01-16 17:42 - 00000818 _____ () C:\Windows\PFRO.log
2015-01-15 17:04 - 2015-01-15 17:04 - 00001724 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-01-15 17:04 - 2015-01-15 17:04 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-15 17:02 - 2015-01-15 17:03 - 04362512 _____ (Piriform Ltd) C:\Users\Robo\Downloads\dfsetup218.exe
2015-01-15 17:02 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 17:01 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 17:01 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 17:01 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 17:01 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-15 17:01 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-15 17:01 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-15 17:01 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 17:01 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 17:01 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 17:01 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 17:01 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-15 17:01 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-15 17:00 - 2015-01-16 17:43 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForRobo.job
2015-01-15 16:59 - 2015-01-15 16:59 - 00000980 _____ () C:\Users\Robo\Documents\cc_20150115_165919.reg
2015-01-15 16:56 - 2015-01-15 16:56 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-15 16:53 - 2015-01-15 16:55 - 05317104 _____ (Piriform Ltd) C:\Users\Robo\Downloads\ccsetup501.exe
2015-01-15 16:52 - 2015-01-15 16:52 - 00000725 _____ () C:\DelFix.txt
2015-01-10 17:33 - 2015-01-10 17:33 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-05 15:50 - 2015-01-05 17:52 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 15:49 - 2015-01-05 15:49 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-05 15:49 - 2015-01-05 15:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-05 15:49 - 2015-01-05 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-05 15:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-05 15:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-05 15:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-05 15:45 - 2015-01-05 15:47 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Robo\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-02 20:47 - 2015-01-02 20:47 - 00000000 ____D () C:\Program Files\trend micro
2014-12-31 19:07 - 2015-01-15 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-31 19:07 - 2015-01-15 16:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-31 19:07 - 2014-12-31 19:07 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-28 15:53 - 2014-12-28 15:53 - 09971515 _____ () C:\Users\Robo\Downloads\monikaajejprvysniezik.zip
2014-12-25 10:26 - 2014-12-25 10:26 - 04914145 _____ () C:\Users\Robo\Downloads\mikulaspolovnickefoto.zip
2014-12-25 10:25 - 2014-12-25 10:26 - 15486321 _____ () C:\Users\Robo\Downloads\monikaajejdruhevianoce.zip
2014-12-21 13:20 - 2015-01-10 11:01 - 00000000 ____D () C:\Users\Robo\Documents\Bluetooth Folder
2014-12-18 16:22 - 2014-12-18 16:22 - 00042468 _____ () C:\Users\Robo\Downloads\edokumenty_18122014_091424_5867194.zip
2014-12-18 16:22 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 16:22 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 18:51 - 2013-01-12 12:50 - 00000000 ____D () C:\Users\Robo\AppData\Local\CrashDumps
2015-01-17 18:36 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-17 18:36 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 18:32 - 2012-12-29 12:24 - 01091573 _____ () C:\Windows\WindowsUpdate.log
2015-01-17 18:32 - 2009-07-14 06:13 - 00783440 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 18:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-16 17:50 - 2012-12-29 12:28 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8C205BF8-2B35-4593-98A2-644ABCD6AFCA}
2015-01-15 21:06 - 2013-07-23 19:48 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 21:03 - 2013-01-27 18:26 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 17:00 - 2014-11-10 17:12 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRobo
2015-01-15 16:58 - 2014-11-02 19:31 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-15 16:58 - 2014-10-14 18:59 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-10 17:51 - 2012-03-15 20:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 10:31 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-04 10:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-31 19:10 - 2013-01-25 20:55 - 00000000 ____D () C:\Windows\Minidump
2014-12-31 19:10 - 2013-01-19 13:01 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\Skype
2014-12-31 19:10 - 2007-01-02 02:25 - 00000000 ____D () C:\Windows\Panther
2014-12-23 10:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-21 12:28 - 2014-11-25 10:01 - 24664356 _____ () C:\Users\Robo\Documents\nasbyt.zip
2014-12-21 12:04 - 2013-07-28 11:33 - 00000000 ____D () C:\Users\Robo\Documents\Pakoštane 2013
2014-12-21 12:02 - 2013-03-26 18:41 - 00000000 ____D () C:\Users\Robo\Documents\Nový priečinok
2014-12-21 08:42 - 2013-01-31 17:48 - 00000000 ____D () C:\Users\Robo\Documents\malamimi
2014-12-19 18:18 - 2014-12-06 10:53 - 00000000 ____D () C:\ProgramData\OnlineUpdate
2014-12-19 18:18 - 2014-12-06 10:53 - 00000000 ____D () C:\ProgramData\log

==================== Files in the root of some directories =======

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-06 18:45

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:443.53 GB) (Free:395.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:21.93 GB) (Free:2.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 2189.17 MB
Total physical RAM: 3996.36 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 03CB32FF)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\HPCeeScheduleForRobo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Robo\Desktop" je 22 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001

==================== End Of Log ==============================

majom246 · #15 Příspěvek od **majom246** » 17 led 2015 19:33

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2015 01
Ran by Robo at 2015-01-17 19:10:58
Running from C:\Users\Robo\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESET Smart Security (HKLM\...\{BA1C72D0-CF47-437C-8A58-C0C992DA05E3}) (Version: 7.0.302.26 - ESET, spol s r. o.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{DB183033-C2DD-4A37-B43C-943DD4B28C77}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{D3AA8FD3-5FFA-4CFC-BA8E-99BFC6A41943}) (Version: 3.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP SimplePass PE (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D82ABA2F-492B-440F-A9BC-12331B17EEA9}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusti 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1017 - Microsoft Corporation)
Microsoft Office Starter 2010 - Slovenčina (HKLM-x32\...\{90140011-0066-041B-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.22.00.85 - Huawei Technologies Co.,Ltd)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.51.116.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype™ 5.6 (HKLM-x32\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.6.110 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

15-01-2015 21:02:53 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-10 17:59 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05422CD1-EAF7-42FC-90C8-2D8611781099} - System32\Tasks\HPCeeScheduleForRobo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0B93AE06-CB9A-4BCB-8D92-A194F9555E2E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {274B1F9B-005E-462C-A714-8E704C89671A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {562A3C66-368C-4CE5-B47F-27223AEC01E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {68C99CE0-3A32-4C23-B3BD-296FE718CCFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9A2A9037-171E-4956-91D5-5229EC55A742} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AB19BD1E-B0DD-43F4-850F-CB1CAFD291DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B850ACA2-2108-4C25-A45A-71B2C6F3D2F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C298504D-71B9-4206-8F6F-15CABDD30254} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6c10a83a7934 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {CDAEECF3-D85A-40BF-9C2B-80FAE1126257} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-15] (Adobe Systems Incorporated)
Task: {F525A764-700E-498A-9973-363B67CA17B9} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6c10a8d311f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: C:\Windows\Tasks\HPCeeScheduleForRobo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-01-21 13:13 - 2014-06-04 18:31 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2012-02-14 18:53 - 2012-02-14 18:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-12 23:25 - 2014-12-12 23:25 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-01-21 13:13 - 2013-01-21 13:12 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-11-01 08:53 - 2014-11-01 08:53 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-08-31 15:38 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-08-31 15:43 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 13:45 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-599836816-174285618-1041475717-500 - Administrator - Disabled)
Guest (S-1-5-21-599836816-174285618-1041475717-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-599836816-174285618-1041475717-1002 - Limited - Enabled)
Robo (S-1-5-21-599836816-174285618-1041475717-1000 - Administrator - Enabled) => C:\Users\Robo

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2015 06:51:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: DllHost.exe, verzia: 6.1.7600.16385, časová značka: 0x4a5bca54
Názov chybového modulu: igdumd64.dll, verzia: 8.15.10.2653, časová značka: 0x4f3aac44
Kód výnimky: 0xc000041d
Odstup chyby: 0x000000000030eb06
Identifikácia chybného procesu: 0x524
Čas spustenia chybnej aplikácie: 0xDllHost.exe0
Cesta chybnej aplikácie: DllHost.exe1
Cesta chybného modulu: DllHost.exe2
Identifikácia hlásenia: DllHost.exe3

Error: (01/17/2015 06:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: DllHost.exe, verzia: 6.1.7600.16385, časová značka: 0x4a5bca54
Názov chybového modulu: igdumd64.dll, verzia: 8.15.10.2653, časová značka: 0x4f3aac44
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000030eb06
Identifikácia chybného procesu: 0x524
Čas spustenia chybnej aplikácie: 0xDllHost.exe0
Cesta chybnej aplikácie: DllHost.exe1
Cesta chybného modulu: DllHost.exe2
Identifikácia hlásenia: DllHost.exe3

Error: (01/17/2015 06:32:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/17/2015 06:32:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/17/2015 06:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Názov chybového modulu: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Kód výnimky: 0xc0000005
Odstup chyby: 0x000154d6
Identifikácia chybného procesu: 0x6d0
Čas spustenia chybnej aplikácie: 0xTouchControl.exe0
Cesta chybnej aplikácie: TouchControl.exe1
Cesta chybného modulu: TouchControl.exe2
Identifikácia hlásenia: TouchControl.exe3

Error: (01/17/2015 06:28:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 05:48:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/16/2015 05:48:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/16/2015 05:43:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Názov chybového modulu: TouchControl.exe, verzia: 5.4.0.402, časová značka: 0x4ee46c90
Kód výnimky: 0xc0000005
Odstup chyby: 0x000154d6
Identifikácia chybného procesu: 0xc40
Čas spustenia chybnej aplikácie: 0xTouchControl.exe0
Cesta chybnej aplikácie: TouchControl.exe1
Cesta chybného modulu: TouchControl.exe2
Identifikácia hlásenia: TouchControl.exe3

Error: (01/16/2015 05:43:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (01/17/2015 06:28:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/17/2015 06:28:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/16/2015 05:43:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/16/2015 05:43:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/15/2015 09:03:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/15/2015 08:37:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/15/2015 04:45:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/15/2015 04:45:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Error: (01/10/2015 06:04:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. OUC zlyhalo kvôli nasledujúcej chybe:
%%1053

Error: (01/10/2015 06:04:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. OUC bol dosiahnutý časový limit (30000 ms).

Microsoft Office Sessions:
=========================
Error: (01/17/2015 06:51:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26534f3aac44c000041d000000000030eb0652401d0327e27345080C:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dll7caaecd1-9e71-11e4-b281-74e543e1e165

Error: (01/17/2015 06:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26534f3aac44c0000005000000000030eb0652401d0327e27345080C:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dll78044796-9e71-11e4-b281-74e543e1e165

Error: (01/17/2015 06:32:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (01/17/2015 06:32:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (01/17/2015 06:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TouchControl.exe5.4.0.4024ee46c90TouchControl.exe5.4.0.4024ee46c90c0000005000154d66d001d0327b01cfc5d7C:\Program Files (x86)\HP SimplePass\TouchControl.exeC:\Program Files (x86)\HP SimplePass\TouchControl.exe552696f5-9e6e-11e4-b281-74e543e1e165

Error: (01/17/2015 06:28:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 05:48:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (01/16/2015 05:48:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (01/16/2015 05:43:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TouchControl.exe5.4.0.4024ee46c90TouchControl.exe5.4.0.4024ee46c90c0000005000154d6c4001d031ab955b2ab8C:\Program Files (x86)\HP SimplePass\TouchControl.exeC:\Program Files (x86)\HP SimplePass\TouchControl.exed61478f2-9d9e-11e4-90be-74e543e1e165

Error: (01/16/2015 05:43:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B820 @ 1.70GHz
Percentage of memory in use: 45%
Total physical RAM: 3996.36 MB
Available physical RAM: 2189.17 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 5973.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:443.53 GB) (Free:395.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:21.93 GB) (Free:2.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 03CB32FF)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

VIRY.CZ

kontrola

kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola