Zdravím všechny prosím o kontrolu

Zpráva

strny83 · #1 Příspěvek od **strny83** » 23 úno 2015 18:24

Dobrý den,

prosím o kontrolu, zdá se mi nějaký divný ten můj počítač a píšu diplomku tak ho chci mít v pořádku.

Předem moc děkuji

)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petra at 2015-02-23 18:10:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 40 GB (39%) free of 102 GB
Total RAM: 2013 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:40, on 23.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\ProgramData\Boxtools\Boxofttoolbox.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Petra\Desktop\RSIT.exe
C:\Program Files\trend micro\Petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newh ... 061F6F}&i=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://services.freshy.com/general/newh ... 061F6F}&i=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: #5A006F006200720061007A006900740020006E00650062006F00200073006B007200FD007400200048005000200053006D00610072007400200057006500620020005000720069006E00740069006E006700 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Service of LFKA (LFKAS) - Unknown owner - C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\instalační aplikace\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdcoreservice) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: Update Techgile - Unknown owner - C:\Program Files\Techgile\updateTechgile.exe (file missing)

--
End of file - 10390 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\uaclauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\uaclauncher.exe -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently

=========Mozilla firefox=========

ProfilePath - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\qtrt47od.default-1377446873997

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{cb84136f-9c44-433a-9048-c5cd9df1dc16}"=C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\qtrt47od.default-1377446873997\searchplugins\
Google.xml
seznam-avast.xml
yahoo-1.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-06 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe [2011-07-12 64960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-26 2358544]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2015-01-14 311616]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-27 5227112]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"ISTray"=C:\Program Files\PC Tools Security\pctsGui.exe [2012-02-24 2659768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2015-01-14 1565504]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-01-14 845120]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2010-11-19 2590208]
"KiesPDLR.exe"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-01-14 845120]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2014-07-03 2483512]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-23 18:10:35 ----D---- C:\rsit
2015-02-23 18:10:35 ----D---- C:\Program Files\trend micro
2015-02-23 08:44:23 ----A---- C:\Windows\system32\drivers\pctEFA.sys
2015-02-23 08:44:23 ----A---- C:\Windows\system32\drivers\pctDS.sys
2015-02-23 08:44:20 ----A---- C:\Windows\system32\drivers\pctgntdi.sys
2015-02-23 08:44:19 ----A---- C:\Windows\system32\drivers\pctwfpfilter.sys
2015-02-23 08:44:13 ----A---- C:\Windows\system32\drivers\PCTCore.sys
2015-02-23 08:44:12 ----A---- C:\Windows\system32\drivers\PCTAppEvent.sys
2015-02-23 08:44:07 ----A---- C:\Windows\system32\drivers\pctBTFix.sys
2015-02-23 08:43:53 ----A---- C:\Windows\system32\drivers\pctplsg.sys
2015-02-16 18:25:10 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2015-02-16 18:25:10 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2015-02-13 07:55:01 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-13 07:54:56 ----A---- C:\Windows\system32\jscript9.dll
2015-02-12 07:40:29 ----A---- C:\Windows\system32\win32k.sys
2015-02-12 07:40:25 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 07:40:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 07:40:25 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 07:40:25 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 07:40:24 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 07:40:24 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 07:40:24 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 07:40:24 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 07:40:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 07:40:24 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 07:40:23 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 07:40:23 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 07:39:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-02-12 07:39:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 07:38:55 ----A---- C:\Windows\system32\mstscax.dll
2015-02-12 07:38:54 ----A---- C:\Windows\system32\aaclient.dll
2015-02-12 07:38:45 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 07:38:41 ----A---- C:\Windows\system32\generaltel.dll
2015-02-12 07:38:41 ----A---- C:\Windows\system32\appraiser.dll
2015-02-12 07:38:40 ----A---- C:\Windows\system32\invagent.dll
2015-02-12 07:38:40 ----A---- C:\Windows\system32\devinv.dll
2015-02-12 07:38:40 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-12 07:38:40 ----A---- C:\Windows\system32\aeinv.dll
2015-02-12 07:38:37 ----A---- C:\Windows\system32\aepdu.dll
2015-02-12 07:38:36 ----A---- C:\Windows\system32\aepic.dll
2015-02-12 07:38:29 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 07:38:29 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 07:38:27 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 07:38:27 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 07:38:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 07:38:26 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 07:38:25 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 07:38:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 07:38:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 07:38:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 07:38:03 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 07:38:03 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 07:38:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 07:38:01 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 07:38:00 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 07:38:00 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 07:37:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 07:37:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 07:37:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 07:37:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 07:37:51 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 07:37:51 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 07:37:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 07:37:49 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 07:37:48 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 07:37:47 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 07:37:46 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 07:37:44 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 07:37:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 07:37:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 07:37:40 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 07:37:37 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 07:37:35 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 07:35:54 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 07:35:41 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 07:35:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-01-27 16:48:10 ----D---- C:\ProgramData\FarmFrenzy3
2015-01-27 15:51:13 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-02-23 18:13:20 ----D---- C:\Windows\Temp
2015-02-23 18:10:35 ----D---- C:\Program Files
2015-02-23 18:03:56 ----AD---- C:\ProgramData\TEMP
2015-02-23 18:02:07 ----D---- C:\Windows\system32\config
2015-02-23 17:58:31 ----D---- C:\Windows\tracing
2015-02-23 17:46:45 ----D---- C:\Program Files\PC Tools Security
2015-02-23 17:46:02 ----D---- C:\ProgramData\Boxtools
2015-02-23 08:59:54 ----D---- C:\Program Files\Common Files\PC Tools
2015-02-23 08:44:25 ----SHD---- C:\System Volume Information
2015-02-23 08:44:23 ----D---- C:\Windows\system32\drivers
2015-02-23 08:43:58 ----D---- C:\ProgramData\PC Tools
2015-02-23 08:43:33 ----SHD---- C:\Windows\Installer
2015-02-23 08:43:33 ----HD---- C:\Config.Msi
2015-02-23 08:40:23 ----D---- C:\Users\Petra\AppData\Roaming\Spy Emergency
2015-02-22 08:08:16 ----D---- C:\Windows\Prefetch
2015-02-17 07:30:48 ----D---- C:\Windows\Microsoft.NET
2015-02-16 20:55:41 ----D---- C:\Windows\system32\catroot
2015-02-16 18:29:51 ----D---- C:\Windows\inf
2015-02-16 18:25:37 ----D---- C:\Windows\system32\DriverStore
2015-02-16 14:08:49 ----D---- C:\Windows\rescache
2015-02-13 10:46:08 ----D---- C:\Windows\winsxs
2015-02-13 10:46:03 ----D---- C:\Windows\system32\en-US
2015-02-13 10:46:03 ----D---- C:\Windows\System32
2015-02-12 19:45:12 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 19:45:11 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 19:45:10 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 19:45:10 ----D---- C:\Windows\system32\appraiser
2015-02-12 19:45:06 ----D---- C:\Program Files\Internet Explorer
2015-02-12 15:02:38 ----D---- C:\Windows\system32\MRT
2015-02-12 14:53:47 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 14:51:08 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 14:51:08 ----A---- C:\Windows\win.ini
2015-02-12 14:50:50 ----RSD---- C:\Windows\assembly
2015-02-12 07:35:13 ----D---- C:\Windows\system32\catroot2
2015-02-08 10:13:38 ----D---- C:\ProgramData\PCDr
2015-02-07 21:12:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-07 11:10:05 ----D---- C:\Windows\Tasks
2015-02-05 20:04:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-30 18:34:36 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-01-27 16:48:10 ----HD---- C:\ProgramData
2015-01-26 19:36:07 ----D---- C:\Windows
2015-01-26 19:28:21 ----D---- C:\HDD

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-06 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-06 206248]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore.sys [2012-10-22 368616]
R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS.sys [2012-02-28 342168]
R0 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA.sys [2012-02-28 909728]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-06 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-06 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-06 423784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD.sys [2012-11-01 202280]
R1 SpyEmrg;Spy Emergency Driver; C:\Windows\System32\Drivers\spyemrg.sys [2011-04-21 14168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys [2007-07-24 13880]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-06 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-06 70384]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-06 91496]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-09-15 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-09-15 38400]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-18 242240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 MTsensor32;PU ACPI UTILITY; C:\Windows\system32\DRIVERS\PuAcpi32.sys [2009-06-04 14344]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\Windows\System32\Drivers\spyemrg_guard.sys [2011-04-21 16216]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-26 325136]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 89856]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-03-29 38224]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-06-11 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-06-11 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD.sys [2012-10-23 62688]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; C:\Windows\System32\Drivers\spyemrg_access.sys [2011-04-21 20056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 184192]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-06-11 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-06-11 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 ASLDRService;ASLDR Service; C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe [2009-02-13 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe [2009-02-13 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-06 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 127336]
R2 LFKAS;Service of LFKA; C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe [2009-04-15 208896]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NMSAccessU;NMSAccessU; D:\instalační aplikace\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\PC Tools Security\pctsAuxs.exe [2012-02-24 402336]
R2 sdcoreservice;PC Tools Security Service; C:\Program Files\PC Tools Security\pctsSvc.exe [2012-02-24 1117624]
R2 SpyEmrgSrv;Spy Emergency Engine Service; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2013-03-11 2438896]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-09-24 15872]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Update Techgile;Update Techgile; C:\Program Files\Techgile\updateTechgile.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-08 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-15 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 23 úno 2015 18:46

Zdravim

Odinstalujte

McAfee Security Scan - adware z instalace Adobe Flash Playeru http://forum.viry.cz/viewtopic.php?p=1374437#p1374437

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

strny83 · #3 Příspěvek od **strny83** » 25 úno 2015 07:07

Dobrý den,

taky zdravím po delší odmlce, ale bohužel jsem byla 2 dny pryč. Nicméně jsem vše splnila a tady je výsledný log

# AdwCleaner v4.111 - Logfile created 25/02/2015 at 07:03:23
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Petra - PETRA-PC
# Running from : C:\Users\Petra\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : Update Techgile

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Petra\AppData\Local\Temp\allgenius
Folder Deleted : C:\Users\Petra\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
File Deleted : C:\END
File Deleted : C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\qtrt47od.default-1377446873997\user.js

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\systweak

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

-\\ Mozilla Firefox v35.0.1 (x86 cs)

[qtrt47od.default-1377446873997\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1400824350353");
[qtrt47od.default-1377446873997\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");
[qtrt47od.default-1377446873997\prefs.js] - Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
[qtrt47od.default-1377446873997\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "DBGETGEDLNTYJ8WZ+HHBTI4AGHOBAVLFAOJIB4VGLSJ4AVSMZGACCLK3XSYHU4UR+ZSKGJQJJ962OMD2J0OISQ");

-\\ Google Chrome v40.0.2214.115

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [3259 bytes] - [25/02/2015 07:00:21]
AdwCleaner[S0].txt - [3292 bytes] - [25/02/2015 07:03:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3351 bytes] ##########

#4 Příspěvek od **altrok** » 25 úno 2015 13:09

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

strny83 · #5 Příspěvek od **strny83** » 25 úno 2015 14:37

Tady vkládám log a přikládám rar do přílohy

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015
Ran by Petra (administrator) on PETRA-PC on 25-02-2015 14:32:12
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available profiles: Petra)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() D:\instalační aplikace\CDBurnerXP\NMSAccessU.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(ATK0101) C:\Program Files\Lenovo\ATK Hotkey\LControl.exe
(Lenovo) C:\Program Files\Lenovo\ATK Hotkey\LFKA.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsAuxs.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Google) C:\Program Files\Google\Google Talk\googletalk.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(PC Tools) C:\Program Files\PC Tools Security\pctsGui.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\ProgramData\Boxtools\Boxofttoolbox.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe [64960 2011-07-12] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2358544 2012-04-26] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [googletalk] => C:\Program Files\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [ISTray] => C:\Program Files\PC Tools Security\pctsGui.exe [2659768 2012-02-24] (PC Tools)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [2590208 2010-11-19] ()
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2483512 2014-07-03] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {39014370-5a4a-11e2-bd8e-0026180126a8} - F:\AutoRun.exe
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {630c1085-54bc-11e2-aa49-0026180126a8} - F:\AutoRun.exe
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {bd7b6717-0334-11e2-b6a8-0026180126a8} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://services.freshy.com/general/newh ... 061F6F}&i=
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newh ... 061F6F}&i=
URLSearchHook: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> {59043189-2E47-4252-958F-3E31DBF70CC5} URL = https://search.yahoo.com/yhs/search?hsp ... earchTerms}
SearchScopes: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> {6EF97C3B-89D0-4E2F-ACE6-06B179C64155} URL = http://search.yahoo.com/search?p={searc ... type=11185
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Toolbar: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> No Name - {DEAB96ED-3F0D-4D79-BE3A-B4B95778C1A3} - No File
Toolbar: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 04 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 05 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 06 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 31 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\qtrt47od.default-1377446873997
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-102095476-2772293636-1273119950-1000: @kb-ext.cz/PKIComponent -> C:\Users\Petra\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\qtrt47od.default-1377446873997\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\qtrt47od.default-1377446873997\searchplugins\yahoo-1.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-15]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-16]
FF HKLM\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox
FF Extension: No Name - C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox [2015-01-05]
FF HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR HomePage: Default -> https://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-19]
CHR Extension: (Google Docs) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-08]
CHR Extension: (Google Drive) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-08]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-08]
CHR Extension: (Google Search) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-08]
CHR Extension: (Google Wallet) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-08]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-08]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe [94208 2009-02-13] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe [94208 2009-02-13] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-06] (AVAST Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Users\Petra\AppData\Local\Temp\7zS7DC4\hpslpsvc32.dll [701288 2013-07-19] (Hewlett-Packard Co.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [127336 2011-07-12] (Lenovo Group Limited)
R2 LFKAS; C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe [208896 2009-04-15] () [File not signed]
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; D:\instalační aplikace\CDBurnerXP\NMSAccessU.exe [71096 2009-09-06] ()
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 sdAuxService; C:\Program Files\PC Tools Security\pctsAuxs.exe [402336 2012-02-24] (PC Tools)
U2 sdcoreservice; C:\Program Files\PC Tools Security\pctsSvc.exe [1117624 2012-02-24] (PC Tools)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2438896 2013-03-11] (NETGATE Technologies s.r.o.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [15872 2009-09-24] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys [13880 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-06] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-07-18] (DT Soft Ltd)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [38224 2010-03-29] (Malwarebytes Corporation)
R3 MTsensor32; C:\Windows\System32\DRIVERS\PuAcpi32.sys [14344 2009-06-04] ()
S3 PCTBD; C:\Windows\System32\Drivers\PCTBD.sys [62688 2012-10-23] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [368616 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [909728 2012-02-28] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [202280 2012-11-01] (PC Tools)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [14168 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [20056 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [16216 2011-04-21] (NETGATE Technologies s.r.o.)
S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-09-28] () [File not signed]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 14:32 - 2015-02-25 14:32 - 00021046 _____ () C:\Users\Petra\Desktop\FRST.txt
2015-02-25 14:31 - 2015-02-25 14:32 - 00000000 ____D () C:\FRST
2015-02-25 14:29 - 2015-02-25 14:29 - 01127424 _____ (Farbar) C:\Users\Petra\Desktop\FRST.exe
2015-02-25 07:00 - 2015-02-25 07:03 - 00000000 ____D () C:\AdwCleaner
2015-02-23 18:10 - 2015-02-23 18:14 - 00000000 ____D () C:\rsit
2015-02-23 18:10 - 2015-02-23 18:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-23 08:44 - 2015-02-23 08:44 - 00001998 _____ () C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk
2015-02-23 08:44 - 2015-02-23 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
2015-02-23 08:44 - 2012-10-22 16:38 - 00368616 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore.sys
2015-02-23 08:44 - 2012-10-22 16:38 - 00163288 _____ (PC Tools) C:\Windows\system32\Drivers\PCTAppEvent.sys
2015-02-23 08:44 - 2012-02-28 11:43 - 00909728 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA.sys
2015-02-23 08:44 - 2012-02-28 11:43 - 00342168 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS.sys
2015-02-23 08:44 - 2012-02-24 10:35 - 00017848 _____ (PC Tools) C:\Windows\system32\Drivers\pctBTFix.sys
2015-02-23 08:44 - 2012-02-24 10:31 - 00253352 _____ (PC Tools) C:\Windows\system32\Drivers\pctgntdi.sys
2015-02-23 08:44 - 2012-02-24 10:31 - 00107864 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter.sys
2015-02-23 08:43 - 2012-02-24 10:37 - 00070536 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsg.sys
2015-02-19 10:51 - 2015-02-19 10:52 - 00456704 _____ () C:\Users\Petra\Desktop\A150210_VEN_024_DANE_2014C.xls
2015-02-16 18:25 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-02-16 18:25 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-02-16 18:04 - 2015-02-16 18:04 - 00001908 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-02-13 07:55 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 07:54 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 07:40 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 07:40 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 07:40 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 07:40 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 07:40 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 07:40 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 07:40 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 07:40 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 07:40 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 07:40 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 07:40 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 07:40 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 07:40 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 07:39 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-12 07:39 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 07:38 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 07:38 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 07:38 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 07:38 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 07:38 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 07:38 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-12 07:38 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 07:38 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-12 07:38 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 07:38 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 07:38 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 07:38 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 07:38 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 07:38 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 07:38 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 07:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 07:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 07:38 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 07:38 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 07:38 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 07:38 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-12 07:37 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 07:37 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 07:37 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 07:37 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 07:37 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 07:37 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 07:37 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 07:37 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 07:37 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 07:37 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 07:37 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 07:37 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 07:37 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 07:37 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 07:37 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 07:37 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 07:37 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 07:37 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 07:37 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 07:35 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 07:35 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 07:35 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-01-27 16:48 - 2015-01-27 16:48 - 00000000 ____D () C:\ProgramData\FarmFrenzy3
2015-01-27 15:51 - 2015-01-27 15:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 14:27 - 2012-07-18 17:27 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 14:15 - 2014-05-08 12:40 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-25 13:43 - 2012-07-15 12:30 - 01172703 _____ () C:\Windows\WindowsUpdate.log
2015-02-25 11:28 - 2014-05-08 12:40 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-25 08:50 - 2013-10-12 16:44 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-25 07:39 - 2013-07-11 09:45 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-25 07:29 - 2013-07-11 09:45 - 00000000 ____D () C:\Program Files\PC Tools Security
2015-02-25 07:17 - 2009-07-14 05:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-25 07:17 - 2009-07-14 05:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 07:07 - 2014-02-19 07:30 - 00000000 ____D () C:\ProgramData\Boxtools
2015-02-25 07:06 - 2014-07-09 08:40 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Spy Emergency
2015-02-25 07:05 - 2015-01-05 14:45 - 00011870 _____ () C:\Windows\setupact.log
2015-02-25 07:05 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-25 06:55 - 2012-07-24 19:38 - 00000000 ____D () C:\Users\Petra\AppData\Local\Adobe
2015-02-25 06:55 - 2012-07-18 17:27 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-25 06:55 - 2012-07-18 17:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-25 06:42 - 2015-01-05 14:45 - 00039624 _____ () C:\Windows\PFRO.log
2015-02-25 06:31 - 2012-07-18 14:53 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-02-24 19:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-02-23 08:59 - 2013-11-07 19:00 - 00000000 ____D () C:\Program Files\Common Files\PC Tools
2015-02-23 08:43 - 2013-11-07 18:26 - 00000000 ____D () C:\ProgramData\PC Tools
2015-02-17 07:30 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-16 18:25 - 2013-07-11 09:47 - 02170353 _____ () C:\Windows\system32\Drivers\Cat.DB
2015-02-16 14:08 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-12 19:46 - 2009-07-14 05:33 - 00411032 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 19:45 - 2014-12-10 11:57 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 19:45 - 2014-05-06 16:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 15:02 - 2013-11-15 09:48 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 14:53 - 2012-07-15 13:49 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-12 14:51 - 2012-07-18 17:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 14:51 - 2009-07-14 03:04 - 00000615 _____ () C:\Windows\win.ini
2015-02-08 10:13 - 2012-07-15 14:48 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-07 21:12 - 2012-07-15 12:43 - 01590786 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 18:34 - 2012-07-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-27 15:33 - 2012-07-18 14:53 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-01-26 19:28 - 2012-07-15 07:41 - 00000000 ____D () C:\HDD

==================== Files in the root of some directories =======

2012-09-08 17:51 - 2013-12-16 09:27 - 0032921 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\EAInstall.dll
C:\Users\Petra\AppData\Local\Temp\eauninstall.exe
C:\Users\Petra\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Petra\AppData\Local\Temp\GC_PCTOOLS.exe
C:\Users\Petra\AppData\Local\Temp\Quarantine.exe
C:\Users\Petra\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-16 14:01

==================== End Of Log ============================

#6 Příspěvek od **altrok** » 25 úno 2015 19:25

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC.

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Odinstalujte PC Tools Spyware Doctor 9.0

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {39014370-5a4a-11e2-bd8e-0026180126a8} - F:\AutoRun.exe
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {630c1085-54bc-11e2-aa49-0026180126a8} - F:\AutoRun.exe
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {bd7b6717-0334-11e2-b6a8-0026180126a8} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://services.freshy.com/general/newh ... 1185&guid={6A95CE6B-E977-44ED-BB8D-E3E6DB061F6F}&i=
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newh ... 1185&guid={6A95CE6B-E977-44ED-BB8D-E3E6DB061F6F}&i=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> {59043189-2E47-4252-958F-3E31DBF70CC5} URL = https://search.yahoo.com/yhs/search?hsp ... _010515&p={searchTerms}
SearchScopes: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> {6EF97C3B-89D0-4E2F-ACE6-06B179C64155} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11185
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
Toolbar: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> No Name - {DEAB96ED-3F0D-4D79-BE3A-B4B95778C1A3} - No File

FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"

2015-02-25 07:00 - 2015-02-25 07:03 - 00000000 ____D () C:\AdwCleaner
2015-02-23 18:10 - 2015-02-23 18:14 - 00000000 ____D () C:\rsit
2015-02-23 18:10 - 2015-02-23 18:14 - 00000000 ____D () C:\Program Files\trend micro
C:\Program Files\McAfee Security Scan

Task: {5C2BEDAE-1157-476A-8CDC-5876443F3DDF} - System32\Tasks\{11653A0E-30A7-4861-9041-B23E040BB06F} => pcalua.exe -a "D:\hry\Medal of Honor - Alied Assault\Důležité\Čeština.exe" -d "D:\hry\Medal of Honor - Alied Assault\Důležité"
Task: {5E718BE2-CFFF-46CC-911D-84A06823780C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {7AA4BA42-14E7-40A2-9ADD-0DA574ED877C} - System32\Tasks\{A6250923-1701-422A-B8E7-3E2C2FF838C2} => pcalua.exe -a "D:\hry\Mafia 1 – Plna Verze Hry – CZ\Setup.exe" -d "D:\hry\Mafia 1 – Plna Verze Hry – CZ"
Task: {7F9ACD06-7B0D-4DB3-9BDE-4D75738218A3} - System32\Tasks\{A3F2D03A-2FEA-4AFB-825D-A149C73B3DFF} => pcalua.exe -a C:\Users\Petra\Desktop\install_icq7.exe -d C:\Users\Petra\Desktop
Task: {9D1FD7A7-F231-484E-8827-9D49F5EA5F78} - System32\Tasks\{AC90A3E5-D9AC-4B9A-B9E4-DD60E50EC495} => pcalua.exe -a "D:\Nová složka\osfq03ww.exe" -d "D:\Nová složka"
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
Hosts:
EmptyTemp:
End

strny83 · #7 Příspěvek od **strny83** » 26 úno 2015 06:51

Tady je další log. Proč se vlastně měl zastavit ten windows defender? Není to spíš užitečný program? Chápu že je od windows, ale i tak..

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-02-2015
Ran by Petra at 2015-02-26 06:45:54 Run:2
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available profiles: Petra)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {39014370-5a4a-11e2-bd8e-0026180126a8} - F:\AutoRun.exe
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {630c1085-54bc-11e2-aa49-0026180126a8} - F:\AutoRun.exe
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\MountPoints2: {bd7b6717-0334-11e2-b6a8-0026180126a8} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://services.freshy.com/general/newh ... 1185&guid={6A95CE6B-E977-44ED-BB8D-E3E6DB061F6F}&i=
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newh ... 1185&guid={6A95CE6B-E977-44ED-BB8D-E3E6DB061F6F}&i=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> {59043189-2E47-4252-958F-3E31DBF70CC5} URL = https://search.yahoo.com/yhs/search?hsp ... _010515&p={searchTerms}
SearchScopes: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> {6EF97C3B-89D0-4E2F-ACE6-06B179C64155} URL = http://search.yahoo.com/search?p={searc ... type=11185
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
Toolbar: HKU\S-1-5-21-102095476-2772293636-1273119950-1000 -> No Name - {DEAB96ED-3F0D-4D79-BE3A-B4B95778C1A3} - No File

FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF HKU\S-1-5-21-102095476-2772293636-1273119950-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

CHR StartupUrls: Default -> "https://www.seznam.cz/?clid=22668"

2015-02-25 07:00 - 2015-02-25 07:03 - 00000000 ____D () C:\AdwCleaner
2015-02-23 18:10 - 2015-02-23 18:14 - 00000000 ____D () C:\rsit
2015-02-23 18:10 - 2015-02-23 18:14 - 00000000 ____D () C:\Program Files\trend micro
C:\Program Files\McAfee Security Scan

Task: {5C2BEDAE-1157-476A-8CDC-5876443F3DDF} - System32\Tasks\{11653A0E-30A7-4861-9041-B23E040BB06F} => pcalua.exe -a "D:\hry\Medal of Honor - Alied Assault\Důležité\Čeština.exe" -d "D:\hry\Medal of Honor - Alied Assault\Důležité"
Task: {5E718BE2-CFFF-46CC-911D-84A06823780C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {7AA4BA42-14E7-40A2-9ADD-0DA574ED877C} - System32\Tasks\{A6250923-1701-422A-B8E7-3E2C2FF838C2} => pcalua.exe -a "D:\hry\Mafia 1 – Plna Verze Hry – CZ\Setup.exe" -d "D:\hry\Mafia 1 – Plna Verze Hry – CZ"
Task: {7F9ACD06-7B0D-4DB3-9BDE-4D75738218A3} - System32\Tasks\{A3F2D03A-2FEA-4AFB-825D-A149C73B3DFF} => pcalua.exe -a C:\Users\Petra\Desktop\install_icq7.exe -d C:\Users\Petra\Desktop
Task: {9D1FD7A7-F231-484E-8827-9D49F5EA5F78} - System32\Tasks\{AC90A3E5-D9AC-4B9A-B9E4-DD60E50EC495} => pcalua.exe -a "D:\Nová složka\osfq03ww.exe" -d "D:\Nová složka"
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39014370-5a4a-11e2-bd8e-0026180126a8} => Key not found.
HKCR\CLSID\{39014370-5a4a-11e2-bd8e-0026180126a8} => Key not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{630c1085-54bc-11e2-aa49-0026180126a8} => Key not found.
HKCR\CLSID\{630c1085-54bc-11e2-aa49-0026180126a8} => Key not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd7b6717-0334-11e2-b6a8-0026180126a8} => Key not found.
HKCR\CLSID\{bd7b6717-0334-11e2-b6a8-0026180126a8} => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{59043189-2E47-4252-958F-3E31DBF70CC5} => Key not found.
HKCR\CLSID\{59043189-2E47-4252-958F-3E31DBF70CC5} => Key not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6EF97C3B-89D0-4E2F-ACE6-06B179C64155} => Key not found.
HKCR\CLSID\{6EF97C3B-89D0-4E2F-ACE6-06B179C64155} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key not found.
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DEAB96ED-3F0D-4D79-BE3A-B4B95778C1A3} => Value not found.
HKCR\CLSID\{DEAB96ED-3F0D-4D79-BE3A-B4B95778C1A3} => Key not found.
Firefox DefaultSearchUrl deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => Key not found.
HKU\S-1-5-21-102095476-2772293636-1273119950-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => Value not found.
Chrome StartupUrls not detected.
"C:\AdwCleaner" => File/Directory not found.
"C:\rsit" => File/Directory not found.
"C:\Program Files\trend micro" => File/Directory not found.
"C:\Program Files\McAfee Security Scan" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C2BEDAE-1157-476A-8CDC-5876443F3DDF} => Key not found.
C:\Windows\System32\Tasks\{11653A0E-30A7-4861-9041-B23E040BB06F} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{11653A0E-30A7-4861-9041-B23E040BB06F} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E718BE2-CFFF-46CC-911D-84A06823780C} => Key not found.
C:\Windows\System32\Tasks\AutoKMS not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AA4BA42-14E7-40A2-9ADD-0DA574ED877C} => Key not found.
C:\Windows\System32\Tasks\{A6250923-1701-422A-B8E7-3E2C2FF838C2} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6250923-1701-422A-B8E7-3E2C2FF838C2} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F9ACD06-7B0D-4DB3-9BDE-4D75738218A3} => Key not found.
C:\Windows\System32\Tasks\{A3F2D03A-2FEA-4AFB-825D-A149C73B3DFF} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3F2D03A-2FEA-4AFB-825D-A149C73B3DFF} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D1FD7A7-F231-484E-8827-9D49F5EA5F78} => Key not found.
C:\Windows\System32\Tasks\{AC90A3E5-D9AC-4B9A-B9E4-DD60E50EC495} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AC90A3E5-D9AC-4B9A-B9E4-DD60E50EC495} => Key not found.
C:\Windows\Tasks\AutoKMS.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job not found.
C:\Windows\Tasks\SystemToolsDailyTest.job not found.
"C:\ProgramData\TEMP" => ":430C6D84" ADS not found.
"C:\ProgramData\TEMP" => ":DFC5A2B2" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 283.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog 06:46:24 ====

#8 Příspěvek od **altrok** » 26 úno 2015 10:24

Kód: Vybrat vše

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spy Emergency (Disabled - Up to date) {A77BE48A-B776-F747-8A39-C3ECDC95366D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PC Tools Spyware Doctor (Disabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

Protoze jste mela zapnutych moc antispywarovych stitu, coz nedela dobrotu - koliduji a v nekterych pripadech zpusobuji pady systemu do modrych smrti (BSOD)... bohate postaci stit avastu (a chovat se bezpecne).

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

strny83 · #9 Příspěvek od **strny83** » 26 úno 2015 11:43

Aha a ta tabulka v poslením vašem příspěvku - tu zase mám zkopírovat uložit na plochu a spustit FRST a pak dočistit? Děkuji vám moc za pomoc! Jste super ! A byl tam nějaký vir nebo jen "bordel"?

#10 Příspěvek od **altrok** » 26 úno 2015 12:03

Ta tabulka ma ciste informativni charakter, kolik antispywarovych (zkratka "AS:" na zacatku radku) jste v PC mela - staci jedno - avast

Takze muzete uklidit a je hotovo

Vsechno to byly jen zbytecnosti a brzdy... zadni trojsti konici ani podobne zakernosti

strny83 · #11 Příspěvek od **strny83** » 26 úno 2015 14:10

Tak vám moc děkuji za pomoc. Jste tady skvělý tým.

děkuji moc!!!

#12 Příspěvek od **altrok** » 27 úno 2015 00:32

Nemate zac, rad jsem pomohl

Preju hladky prubeh statnic

Mejte se krasne a treba zase nekdy

VIRY.CZ

Zdravím všechny prosím o kontrolu

Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu

Re: Zdravím všechny prosím o kontrolu