
Safesurf/Springsurf virus

Posted: 03 Sep 2016 11:53
by F7R
Hello,
I have a problem with this virus. It behaves by blocking the home page when the browser starts, and while browsing the internet it throws up advertising spam. I ran Malwarebytes over it, but the problems persist. The antivirus reports nothing.
I would also like to get rid of those HP programs. I uninstalled them, but some installation still runs there at startup.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Sova (03-09-2016 12:54:41)
Running from C:\Users\Sova\AppData\Local\Temp
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-03-22 21:50:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-375019350-2769613817-936794790-500 - Administrator - Disabled)
Guest (S-1-5-21-375019350-2769613817-936794790-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-375019350-2769613817-936794790-1003 - Limited - Enabled)
Sova (S-1-5-21-375019350-2769613817-936794790-1000 - Administrator - Enabled) => C:\Users\Sova

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{079F0C04-D744-D3E5-C3E0-50DDFB1EC129}) (Version: 3.0.624.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Media (HKLM\...\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}) (Version: - )
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
ccc-core-static (Version: 2007.0524.2140.36852 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
F300 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.9.3.1000 - Maxthon International Limited)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.05 - Motorola Inc)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81029}) (Version: 7.03.0188 - Nero AG)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Potplayer (HKLM\...\PotPlayer) (Version: - Kakao Corp.)
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0014 - ATK)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skins (Version: 2007.0524.2140.36852 - ATI) Hidden
Skype™ 7.26 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.)
Smart Switch (Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.) Hidden
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.1.0.0 - KYE Systems Corp.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-375019350-2769613817-936794790-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015D653A-16A5-4FEA-B0BD-22D25B530EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {05ADE4C1-F4EF-48BB-A0DA-153DF345EC8D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {12ADB607-9BBB-419F-8331-FE452768A876} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-27] (Adobe Systems Incorporated)
Task: {52389FBB-5E27-4718-B575-289F0EDA23C0} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\MxEidolon.exe [2016-05-31] (Maxthon MxEidolo)
Task: {5F67B5D7-AB03-482D-8E67-DDAF843370F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {64E11E69-1571-44F3-A435-05DCF2CAE256} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7DBA337F-92E4-457B-A3CC-61BDA54AC50F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C9385825-55AD-4A2A-BC01-74950EBDE4F5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F4FE170E-D9CA-4E36-970B-D4F5392E6843} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FD03B01E-F365-4005-A43B-0A768D85B7B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD0B75D2-D2FF-4F43-AAA7-78FDDA0310F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FE82B8AF-1D27-46A0-BC98-A7B3BB82F0AE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sova\Desktop\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"

==================== Loaded Modules (Whitelisted) ==============

2016-03-24 02:18 - 2007-08-08 01:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2016-04-14 04:30 - 2015-12-16 15:16 - 00136704 _____ () C:\Users\Sova\AppData\Local\SmartGenius\resources\app\Protocol\Platform\win32\Release\ia32_hidWin.node
2016-04-14 04:30 - 2015-12-16 15:16 - 00102912 _____ () C:\Users\Sova\AppData\Local\SmartGenius\resources\app\Protocol\Platform\win32\Release\ia32_driverWin.node
2016-04-14 04:30 - 2015-12-16 15:16 - 00123904 _____ () C:\Users\Sova\AppData\Local\SmartGenius\resources\app\Protocol\Platform\win32\Release\ia32_sysWin.node
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-08-27 18:57 - 2016-02-02 10:13 - 00312744 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll
2016-08-27 18:57 - 2016-02-03 05:48 - 09266600 _____ () C:\Program Files\Maxthon\Core\Blink\plugins\pdf.dll
2016-08-27 18:57 - 2016-04-05 13:31 - 16393032 _____ () C:\Program Files\Maxthon\Core\Blink\plugins\pepflashplayer.dll
2016-08-27 18:57 - 2016-02-02 10:13 - 00312744 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll
2016-08-27 18:57 - 2016-02-03 05:48 - 02354488 _____ () C:\Program Files\Maxthon\Core\Blink\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [137]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-375019350-2769613817-936794790-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FDCB301B-3CA5-40B3-914F-BE5F3E85BED2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{006AF40C-10A5-433E-A548-9B0174DBAFBD}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9B600EEF-31DD-4624-9D12-6FB5A7B0ED8B}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBB31F55-D09A-4202-96BC-33FD5F8F2B44}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9F5BA603-A3ED-4C19-AFA3-F659A0BD38C2}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32D5D3A7-DB22-4213-83ED-D59F8FABD032}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFEB921D-7199-48D7-B170-5647840B5A8F}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{61349E0E-8672-4C55-B2BD-AF083FD26ED9}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [UDP Query User{3203277B-48AD-47F9-9682-DE581CDF6192}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [{92371D6C-9798-41D0-A3A8-C638D4366D4C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EB23EED1-B99F-4505-9C28-20F808F69BBC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{03DC4ECE-FE00-4314-AFF3-FE3AB0B9FEE5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{26A34F17-9A47-4AB9-A18A-EEE8CD3D5196}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{F69C139A-82D3-4A58-86B7-25050B9B77CD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{EB42BE8F-BB1B-4B4D-8C59-8C3095E1CB21}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FB36D5F5-EF96-41D2-BA4A-0C7A45BC3BDC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A279C2D5-F000-4EC5-9000-6B96601FDB9A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A4795FEA-A2E5-4918-BED4-6316FC7AD276}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{56A52144-2CC8-4D51-B480-C5E4AB838288}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2F0013BD-18F7-4D20-98BC-954CC4C71EFF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{DE949977-70D4-46FD-93B8-EE223A764BB8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{50378D3F-56CD-45FC-8BD9-2B6EFFE1EADF}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{7CB738FC-E07A-4D1A-BE72-4F8F5F47659B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{9E58750C-413D-4B6A-978E-63FD1FA036AD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{24BC6C8A-09B4-4479-B39F-EB28CC19A68D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{178784A5-BCC8-48AD-94C0-045E5B4607E7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FADED634-31DB-4A9F-AD51-54BE2D618E13}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{4D6D21FC-7806-47F4-AD78-EFB15B1ED399}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B3D7CD7D-5DAF-4CF6-9395-1AD4ACEFE28D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B79445F9-895D-492F-9D15-27E100FF4354}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A7464464-D5DF-4AA1-9700-1134D6A4AF6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{649C68F1-F8CE-4FF6-9D62-4AB9E1732361}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E2ACCF44-724E-491D-8EB0-814238F14DD2}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{62C5A24B-7D27-4288-8755-9FB8EF2E384B}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [TCP Query User{4737BF70-A7DF-410E-9998-B181BE0AC23E}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [UDP Query User{D2BAFD9B-E18D-40CD-8743-302C5D05C0A1}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe

==================== Restore Points =========================

02-09-2016 22:05:07 Configured PartitionMagic
02-09-2016 22:06:30 Revo Uninstaller's restore point - Remo Recover 4.0
02-09-2016 22:07:41 Revo Uninstaller's restore point - SysTools PenDrive Recovery v1.1
02-09-2016 22:08:48 Revo Uninstaller's restore point - UFS Explorer RAID Recovery, version 5.19
02-09-2016 22:09:48 Revo Uninstaller's restore point - USB Disk Storage Format Tool 5.1
03-09-2016 08:29:29 Revo Uninstaller's restore point - SrpnFiles
03-09-2016 11:12:07 Revo Uninstaller's restore point - R-Studio 8.0
03-09-2016 11:14:01 Revo Uninstaller's restore point - Recuva
03-09-2016 11:16:34 Revo Uninstaller's restore point - MiniTool Power Data Recovery Free Edition 7.0
03-09-2016 11:18:26 Revo Uninstaller's restore point - Shop for HP Supplies
03-09-2016 11:24:10 Revo Uninstaller's restore point - HP Solution Center 13.0
03-09-2016 11:39:01 Revo Uninstaller's restore point - HP Customer Participation Program 13.0
03-09-2016 11:47:15 Revo Uninstaller's restore point - HP Photosmart Essential 3.5
03-09-2016 11:48:32 Revo Uninstaller's restore point - HP Imaging Device Functions 13.0
03-09-2016 11:57:54 Revo Uninstaller's restore point - HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
03-09-2016 12:00:02 Revo Uninstaller's restore point - HP Imaging Device Functions 13.0
03-09-2016 12:01:34 Revo Uninstaller's restore point - HP Smart Web Printing 4.51
03-09-2016 12:03:44 Revo Uninstaller's restore point - HP Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2016 12:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqtra08.exe, verze: 130.0.422.0, časové razítko: 0x4ab683ef
Název chybujícího modulu: hpqtra08.exe, verze: 130.0.422.0, časové razítko: 0x4ab683ef
Kód výjimky: 0xc0000005
Posun chyby: 0x0000d01e
ID chybujícího procesu: 0xbf0
Čas spuštění chybující aplikace: 0x01d205cfa6fadfce
Cesta k chybující aplikaci: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Cesta k chybujícímu modulu: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
ID zprávy: 5cdb69a1-71c3-11e6-9308-001d604d90ae

Error: (09/03/2016 12:44:13 PM) (Source: MsiInstaller) (EventID: 11706) (User: Sova-PC)
Description: Product: HPPhotosmartEssential -- Error 1706. An installation package for the product HPPhotosmartEssential cannot be found. Try the installation again using a valid copy of the installation package 'HPPhotosmartEssential.msi'.

Error: (09/03/2016 11:57:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0529d746-5eee-4a55-a5f5-9b6851d836a4}

Error: (09/03/2016 11:56:50 AM) (Source: MsiInstaller) (EventID: 11706) (User: Sova-PC)
Description: Product: HPPhotosmartEssential -- Error 1706. An installation package for the product HPPhotosmartEssential cannot be found. Try the installation again using a valid copy of the installation package 'HPPhotosmartEssential.msi'.

Error: (09/03/2016 11:39:01 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {dba5bf61-64f6-4661-8535-2449898eaa2e}

Error: (09/03/2016 11:12:06 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {f24a6274-3c47-48a7-afb3-9f7037d1ebf2}

Error: (09/03/2016 08:36:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23418 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1a0

Čas spuštění: 01d205ad3020bc11

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: aed6b892-71a0-11e6-be89-001d604d90ae

Error: (09/03/2016 08:29:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {eefa6988-3526-4762-a049-34cf310a2aa2}

Error: (09/02/2016 10:09:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary PQNTDrv.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (09/02/2016 10:08:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary PQNTDrv.

System Error:
Systém nemůže nalézt uvedený soubor.
.


System errors:
=============
Error: (09/03/2016 12:39:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Eset Trial Reset neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/03/2016 12:39:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Eset Trial Reset bylo dosaženo časového limitu (30000 ms).

Error: (09/03/2016 11:51:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Eset Trial Reset neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/03/2016 11:51:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Eset Trial Reset bylo dosaženo časového limitu (30000 ms).

Error: (09/03/2016 11:50:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (09/03/2016 11:50:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Spooler se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (09/03/2016 11:49:55 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (09/03/2016 11:49:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Stínová kopie svazku byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/03/2016 11:49:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (09/03/2016 11:49:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55
Percentage of memory in use: 53%
Total physical RAM: 3071.21 MB
Available physical RAM: 1420.04 MB
Total Virtual: 6140.75 MB
Available Virtual: 4340.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:81.26 GB) (Free:21.14 GB) NTFS
Drive d: (DATA) (Fixed) (Total:67.69 GB) (Free:27.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=81.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=67.7 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

________________

formation tool 1.10 (written by random/random)
Run by Sova at 2016-09-03 12:53:59
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 22 GB (26%) free of 83 GB
Total RAM: 3071 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:54:08, on 3.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18427)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Sova\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Sova\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Users\Sova\AppData\Local\Temp\FRST(1).exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sova\Desktop\RSIT.exe
C:\Program Files\trend micro\Sova.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SmartGenius] "C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe" -noShow
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

--
End of file - 6464 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2016-03-24 155648]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe [2016-08-27 1972224]
"SmartGenius"=C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe [2015-10-05 51267584]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-07-13 29494400]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-06-01 6690520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=serwvdrv.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.VP80"=vp8vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-03 12:53:59 ----D---- C:\rsit
2016-09-03 12:53:59 ----D---- C:\Program Files\trend micro
2016-09-03 12:49:58 ----D---- C:\FRST
2016-09-03 12:09:56 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-09-03 12:09:28 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-09-03 12:09:28 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-09-03 12:09:28 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-09-03 12:09:28 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-09-03 11:43:27 ----D---- C:\AdwCleaner
2016-09-02 23:33:32 ----D---- C:\Users\Sova\AppData\Roaming\R-TT
2016-09-02 23:26:35 ----D---- C:\Program Files\CCleaner
2016-08-31 17:30:49 ----D---- C:\ProgramData\SysDev Laboratories
2016-08-31 17:30:44 ----D---- C:\Users\Sova\AppData\Roaming\SysDev Laboratories
2016-08-31 17:20:18 ----D---- C:\ProgramData\Licenses
2016-08-31 17:20:18 ----AD---- C:\ProgramData\TEMP
2016-08-31 17:19:58 ----A---- C:\Windows\system32\drivers\rsdrv.sys
2016-08-28 09:52:08 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\wdigest.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\schannel.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\kerberos.dll
2016-08-28 09:52:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-28 09:52:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-28 09:52:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-28 09:52:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-28 09:52:06 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\sspicli.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\secur32.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\msobjs.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\msaudite.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\lsass.exe
2016-08-28 09:52:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-28 09:52:06 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\credssp.dll
2016-08-28 09:52:06 ----A---- C:\Windows\system32\auditpol.exe
2016-08-28 09:52:06 ----A---- C:\Windows\system32\adtschema.dll
2016-08-28 09:51:57 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-28 09:51:57 ----A---- C:\Windows\system32\win32spl.dll
2016-08-28 09:51:57 ----A---- C:\Windows\system32\ntprint.exe
2016-08-28 09:51:57 ----A---- C:\Windows\system32\ntprint.dll
2016-08-28 09:51:57 ----A---- C:\Windows\system32\localspl.dll
2016-08-28 09:51:57 ----A---- C:\Windows\system32\inetppui.dll
2016-08-28 09:51:57 ----A---- C:\Windows\system32\inetpp.dll
2016-08-28 09:51:53 ----A---- C:\Windows\system32\tzres.dll
2016-08-28 09:51:45 ----A---- C:\Windows\system32\win32k.sys
2016-08-28 09:51:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-28 09:51:32 ----A---- C:\Windows\system32\inseng.dll
2016-08-28 09:51:32 ----A---- C:\Windows\system32\iernonce.dll
2016-08-28 09:51:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-08-28 09:51:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-08-28 09:51:32 ----A---- C:\Windows\system32\ie4uinit.exe
2016-08-28 09:51:31 ----A---- C:\Windows\system32\urlmon.dll
2016-08-28 09:51:31 ----A---- C:\Windows\system32\occache.dll
2016-08-28 09:51:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-28 09:51:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-08-28 09:51:30 ----A---- C:\Windows\system32\jsproxy.dll
2016-08-28 09:51:30 ----A---- C:\Windows\system32\jscript9diag.dll
2016-08-28 09:51:30 ----A---- C:\Windows\system32\ieUnatt.exe
2016-08-28 09:51:29 ----A---- C:\Windows\system32\msfeeds.dll
2016-08-28 09:51:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-08-28 09:51:29 ----A---- C:\Windows\system32\dxtmsft.dll
2016-08-28 09:51:24 ----A---- C:\Windows\system32\webcheck.dll
2016-08-28 09:51:23 ----A---- C:\Windows\system32\msrating.dll
2016-08-28 09:51:23 ----A---- C:\Windows\system32\iesetup.dll
2016-08-28 09:51:21 ----A---- C:\Windows\system32\wininet.dll
2016-08-28 09:51:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-08-28 09:51:18 ----A---- C:\Windows\system32\dxtrans.dll
2016-08-28 09:51:16 ----A---- C:\Windows\system32\ieui.dll
2016-08-28 09:51:14 ----A---- C:\Windows\system32\ieframe.dll
2016-08-28 09:51:09 ----A---- C:\Windows\system32\mshtmled.dll
2016-08-28 09:51:08 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-08-28 09:51:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-08-28 09:51:05 ----A---- C:\Windows\system32\iertutil.dll
2016-08-28 09:51:01 ----A---- C:\Windows\system32\mshtml.dll
2016-08-28 09:50:57 ----A---- C:\Windows\system32\jscript9.dll
2016-08-28 09:50:54 ----A---- C:\Windows\system32\vbscript.dll
2016-08-28 09:50:54 ----A---- C:\Windows\system32\jscript.dll
2016-08-28 09:50:11 ----A---- C:\Windows\system32\invagent.dll
2016-08-28 09:50:11 ----A---- C:\Windows\system32\devinv.dll
2016-08-28 09:50:11 ----A---- C:\Windows\system32\centel.dll
2016-08-28 09:50:11 ----A---- C:\Windows\system32\appraiser.dll
2016-08-28 09:50:11 ----A---- C:\Windows\system32\aepic.dll
2016-08-28 09:50:11 ----A---- C:\Windows\system32\aeinv.dll
2016-08-28 09:50:10 ----A---- C:\Windows\system32\generaltel.dll
2016-08-28 09:50:10 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-08-28 09:50:10 ----A---- C:\Windows\system32\acmigration.dll
2016-08-27 18:57:24 ----D---- C:\Program Files\Maxthon

======List of files/folders modified in the last 1 month======

2016-09-03 12:54:02 ----D---- C:\Windows\Temp
2016-09-03 12:53:59 ----RD---- C:\Program Files
2016-09-03 12:53:21 ----D---- C:\Users\Sova\AppData\Roaming\uTorrent
2016-09-03 12:51:13 ----SHD---- C:\System Volume Information
2016-09-03 12:50:11 ----D---- C:\Windows
2016-09-03 12:45:21 ----D---- C:\Windows\system32\config
2016-09-03 12:44:17 ----SHD---- C:\Windows\Installer
2016-09-03 12:44:16 ----HD---- C:\Config.Msi
2016-09-03 12:42:06 ----D---- C:\Users\Sova\AppData\Roaming\Skype
2016-09-03 12:40:19 ----D---- C:\ProgramData\Kaspersky Lab
2016-09-03 12:39:23 ----D---- C:\Program Files\HP
2016-09-03 12:39:19 ----D---- C:\Windows\system32\drivers
2016-09-03 12:39:19 ----D---- C:\Windows\cs-CZ
2016-09-03 11:58:24 ----D---- C:\Windows\inf
2016-09-03 11:31:20 ----D---- C:\ProgramData\HP
2016-09-03 11:31:19 ----RSD---- C:\Windows\Fonts
2016-09-03 11:31:03 ----D---- C:\Windows\System32
2016-09-03 11:29:42 ----HD---- C:\ProgramData
2016-09-03 11:26:30 ----D---- C:\Windows\Prefetch
2016-09-03 10:56:39 ----D---- C:\Windows\Panther
2016-09-03 10:56:39 ----D---- C:\Windows\ModemLogs
2016-09-03 10:56:39 ----D---- C:\Users\Sova\AppData\Roaming\DAEMON Tools Lite
2016-09-03 10:56:38 ----D---- C:\Windows\Minidump
2016-09-03 10:56:38 ----D---- C:\Windows\Logs
2016-09-03 10:56:38 ----D---- C:\Windows\debug
2016-09-02 23:26:46 ----D---- C:\Windows\system32\Tasks
2016-09-02 22:05:47 ----HD---- C:\Program Files\InstallShield Installation Information
2016-08-31 17:07:32 ----SD---- C:\Users\Sova\AppData\Roaming\Microsoft
2016-08-31 16:46:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-31 16:10:53 ----D---- C:\Program Files\Common Files\InstallShield
2016-08-31 11:17:33 ----D---- C:\442d6bbdd87cff373173f72da8
2016-08-29 10:52:26 ----D---- C:\Windows\rescache
2016-08-28 17:18:56 ----D---- C:\ProgramData\Yahoo!
2016-08-28 17:06:51 ----D---- C:\Windows\Microsoft.NET
2016-08-28 17:04:30 ----RSD---- C:\Windows\assembly
2016-08-28 16:38:09 ----D---- C:\Windows\winsxs
2016-08-28 16:34:33 ----D---- C:\Program Files\Windows Journal
2016-08-28 16:34:32 ----D---- C:\Windows\system32\cs-CZ
2016-08-28 16:34:31 ----D---- C:\Windows\AppPatch
2016-08-28 16:34:30 ----D---- C:\Windows\system32\en-US
2016-08-28 16:34:29 ----D---- C:\Program Files\Internet Explorer
2016-08-28 16:34:28 ----D---- C:\Windows\system32\appraiser
2016-08-28 12:21:58 ----D---- C:\Windows\system32\MRT
2016-08-28 12:16:52 ----AC---- C:\Windows\system32\MRT.exe
2016-08-28 09:49:52 ----D---- C:\Windows\system32\catroot2
2016-08-27 21:19:51 ----RD---- C:\Program Files\Skype
2016-08-27 21:19:39 ----D---- C:\ProgramData\Skype
2016-08-27 19:29:09 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-08-27 19:29:01 ----D---- C:\Windows\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x86 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 201912]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 153784]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 46776]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\rsdrv.sys [2009-02-12 22312]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 58224]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-05-25 53168]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-05-25 785328]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-05-25 44120]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-12-06 39304]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 54328]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 87736]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 156856]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-04-18 66976]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2016-03-24 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-03-24 2609152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 gFilterMouUsb;SmartGenius Mouse Drv; C:\Windows\system32\DRIVERS\gFilterMouUsb.sys [2015-08-10 25432]
R3 ioFakDrv;ioVirtual Device; C:\Windows\system32\DRIVERS\ioFakDrv.sys [2015-08-10 31576]
R3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer; C:\Windows\system32\DRIVERS\ioFakMap.sys [2015-08-10 20312]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-12-06 147328]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 37048]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 38072]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-01-08 99296]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-01-08 191200]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2016-03-24 602112]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 .EsetTrialReset;Eset Trial Reset; C:\Windows\system32\regedt32.exe [2009-07-14 9216]
S2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-12-06 194000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-27 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-08-02 102912]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 12:50
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 13:49
by F7R
here

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 15:32
by Rudy
Can't you post the log directly here? Post a new FRST log and the Additional log.

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 16:36
by F7R
It couldn't be pasted, so I put it in a RAR archive.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Sova (administrator) on SOVA-PC (03-09-2016 17:24:25)
Running from C:\Users\Sova\Desktop
Loaded Profiles: Sova (Available Profiles: Sova)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BitTorrent Inc.) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
(KYE Systems Corp, Inc.) C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BitTorrent Inc.) C:\Users\Sova\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(BitTorrent Inc.) C:\Users\Sova\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(ALPS) C:\Program Files\Apoint2K\Apvfb.exe
(KYE Systems Corp, Inc.) C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-05-05] (Motorola Inc.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [155648 2016-03-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\Run: [uTorrent] => C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-27] (BitTorrent Inc.)
HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\Run: [SmartGenius] => C:\Users\Sova\AppData\Local\SmartGenius\SmartGenius.exe [51267584 2015-10-05] (KYE Systems Corp, Inc.)
HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-01] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-03-23] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5970C647-DDB1-4173-AB42-F1E8DA963951}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{CDD6593E-D98D-4219-85FA-C84D2173F608}: [DhcpNameServer] 10.0.0.138
ManualProxies: 0hxxp://nonblock.net/wpad.dat?8a29011cdfd858c162c18e704d0ab09715627362

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
S2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 .EsetTrialReset; C:\Windows\system32\regedt32.exe /s C:\Windows\esettrialreset.reg

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R3 gFilterMouUsb; C:\Windows\System32\DRIVERS\gFilterMouUsb.sys [25432 2015-08-10] ()
R3 ioFakDrv; C:\Windows\System32\DRIVERS\ioFakDrv.sys [31576 2015-08-10] (KYE System Corp.)
R3 ioFakMap; C:\Windows\System32\DRIVERS\ioFakMap.sys [20312 2015-08-10] (KYE System Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [58224 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [66976 2016-04-18] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [147328 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [53168 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [785328 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [44120 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [39304 2015-12-06] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-03 17:24 - 2016-09-03 17:24 - 01747968 _____ (Farbar) C:\Users\Sova\Desktop\FRST.exe
2016-09-03 17:24 - 2016-09-03 17:24 - 00011848 _____ C:\Users\Sova\Desktop\FRST.txt
2016-09-03 17:22 - 2016-09-03 17:22 - 00015327 _____ C:\Users\Sova\Desktop\LM.bat
2016-09-03 14:32 - 2016-09-03 14:32 - 03826240 _____ C:\Users\Sova\Desktop\adwcleaner_6.010.exe
2016-09-03 12:53 - 2016-09-03 12:54 - 00000000 ____D C:\rsit
2016-09-03 12:53 - 2016-09-03 12:54 - 00000000 ____D C:\Program Files\trend micro
2016-09-03 12:53 - 2016-09-03 12:53 - 01107968 _____ C:\Users\Sova\Desktop\RSIT.exe
2016-09-03 12:51 - 2016-09-03 12:51 - 00112640 _____ (forum.viry.cz) C:\Users\Sova\Desktop\FRSTLauncher.exe
2016-09-03 12:50 - 2016-09-03 17:22 - 00029696 _____ C:\Users\Sova\AppData\Local\MSGBOX.EXE
2016-09-03 12:49 - 2016-09-03 17:24 - 00000000 ____D C:\FRST
2016-09-03 12:41 - 2016-09-03 12:41 - 00000000 ____D C:\Users\Sova\AppData\LocalLow\uTorrent
2016-09-03 12:09 - 2016-09-03 12:41 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-03 12:09 - 2016-09-03 12:09 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-03 12:09 - 2016-09-03 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-03 12:09 - 2016-09-03 12:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-03 12:09 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-03 12:09 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-03 12:09 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-03 11:43 - 2016-09-03 14:44 - 00000000 ____D C:\AdwCleaner
2016-09-02 23:38 - 2016-09-02 23:38 - 00000000 ____D C:\Users\Sova\Downloads\Root
2016-09-02 23:33 - 2016-09-02 23:33 - 00000000 ____D C:\Users\Sova\AppData\Roaming\R-TT
2016-09-02 23:32 - 2016-09-02 23:33 - 00000000 ____D C:\Users\Sova\Documents\R-TT
2016-09-02 23:26 - 2016-09-03 08:41 - 00000000 ____D C:\Program Files\CCleaner
2016-09-02 23:26 - 2016-09-02 23:26 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-02 23:26 - 2016-09-02 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-31 17:41 - 2016-08-31 17:41 - 00262144 _____ C:\Windows\system32\config\elam
2016-08-31 17:30 - 2016-09-02 22:09 - 00000000 ____D C:\Users\Sova\AppData\Roaming\SysDev Laboratories
2016-08-31 17:30 - 2016-08-31 17:30 - 00000000 ____D C:\ProgramData\SysDev Laboratories
2016-08-31 17:20 - 2016-08-31 20:45 - 00000000 ____D C:\ProgramData\TEMP
2016-08-31 17:19 - 2009-02-12 15:11 - 00022312 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrv.sys
2016-08-28 09:52 - 2016-07-08 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-28 09:52 - 2016-07-08 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-28 09:52 - 2016-07-08 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-28 09:52 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-28 09:52 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-28 09:52 - 2016-07-08 16:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-28 09:52 - 2016-07-08 16:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-28 09:52 - 2016-07-08 16:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-28 09:52 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-28 09:52 - 2016-07-08 16:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-28 09:52 - 2016-07-08 16:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-28 09:51 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-28 09:51 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-28 09:51 - 2016-08-02 08:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-28 09:51 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-28 09:51 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-28 09:51 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-28 09:51 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-28 09:51 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-28 09:51 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-28 09:51 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-28 09:51 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-28 09:51 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-28 09:51 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-28 09:51 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-28 09:51 - 2016-08-02 07:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-28 09:51 - 2016-08-02 07:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-28 09:51 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-28 09:51 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-28 09:51 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-28 09:51 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-28 09:51 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-28 09:51 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-28 09:51 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-28 09:51 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-28 09:51 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-28 09:51 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-28 09:51 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-28 09:51 - 2016-08-02 07:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-28 09:51 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-28 09:51 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-28 09:51 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-28 09:51 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-28 09:51 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-28 09:51 - 2016-07-08 16:53 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-28 09:51 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-28 09:51 - 2016-06-25 21:53 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-28 09:51 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-28 09:51 - 2016-06-25 21:53 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-28 09:51 - 2016-06-25 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-28 09:51 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-28 09:51 - 2016-06-25 21:41 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-28 09:50 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-28 09:50 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-28 09:50 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-28 09:50 - 2016-06-25 22:01 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-28 09:50 - 2016-06-25 21:53 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-28 09:50 - 2016-06-22 15:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-28 09:50 - 2016-06-17 20:23 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-28 09:50 - 2016-06-17 20:23 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-28 09:50 - 2016-06-17 20:23 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-28 09:50 - 2016-06-17 20:23 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-28 09:50 - 2016-06-17 20:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-28 09:50 - 2016-06-17 20:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-27 22:11 - 2015-12-04 05:38 - 00000000 ____D C:\Users\Sova\Todd & woman
2016-08-27 22:10 - 2016-08-27 22:10 - 03924861 _____ C:\Users\Sova\Downloads\Toddwoman.rar
2016-08-27 21:48 - 2016-09-02 22:12 - 00001023 _____ C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-08-27 21:48 - 2016-09-02 22:12 - 00000975 _____ C:\Users\Sova\Desktop\Start Tor Browser.lnk
2016-08-27 21:46 - 2016-08-27 21:47 - 00000000 ____D C:\Users\Sova\Desktop\Tor Browser
2016-08-27 18:57 - 2016-09-02 22:12 - 00001237 _____ C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2016-08-27 18:57 - 2016-08-27 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2016-08-27 18:57 - 2016-08-27 18:57 - 00000000 ____D C:\Program Files\Maxthon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-03 17:24 - 2016-03-29 18:26 - 00000000 ____D C:\Users\Sova\AppData\Roaming\uTorrent
2016-09-03 16:41 - 2016-03-29 14:10 - 00000000 ____D C:\Users\Sova\AppData\Roaming\Skype
2016-09-03 16:28 - 2016-04-16 11:03 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-03 12:50 - 2009-07-14 06:34 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-03 12:50 - 2009-07-14 06:34 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-03 12:40 - 2016-04-17 12:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-03 12:39 - 2016-05-15 11:58 - 00000000 ____D C:\Program Files\HP
2016-09-03 12:39 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-03 12:05 - 2016-05-15 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-09-03 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-09-03 11:36 - 2016-03-23 00:22 - 00084576 _____ C:\Users\Sova\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-03 11:34 - 2009-07-14 06:33 - 00342248 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-03 11:31 - 2016-05-15 11:49 - 00000000 ____D C:\ProgramData\HP
2016-09-03 10:56 - 2016-04-02 20:56 - 00000000 ____D C:\Windows\Minidump
2016-09-03 10:56 - 2016-03-29 15:41 - 00000000 ____D C:\Users\Sova\AppData\Roaming\DAEMON Tools Lite
2016-09-03 10:56 - 2016-03-22 23:41 - 00000000 ____D C:\Windows\Panther
2016-09-03 10:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\ModemLogs
2016-09-02 22:12 - 2016-03-22 23:50 - 00001611 _____ C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-02 22:05 - 2016-03-23 15:27 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-08-31 16:46 - 2016-03-22 23:54 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-31 16:46 - 2009-07-14 10:44 - 00668376 _____ C:\Windows\system32\perfh005.dat
2016-08-31 16:46 - 2009-07-14 10:44 - 00141004 _____ C:\Windows\system32\perfc005.dat
2016-08-31 16:10 - 2016-03-23 15:26 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2016-08-31 11:17 - 2016-03-24 15:08 - 00000000 ____D C:\442d6bbdd87cff373173f72da8
2016-08-29 10:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-08-28 17:18 - 2016-04-16 10:11 - 00000000 ____D C:\ProgramData\Yahoo!
2016-08-28 16:34 - 2016-03-24 23:20 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-28 16:34 - 2009-07-14 11:21 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-28 12:21 - 2016-03-23 00:45 - 00000000 ____D C:\Windows\system32\MRT
2016-08-28 12:16 - 2016-03-23 00:45 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-27 22:11 - 2016-03-22 23:50 - 00000000 ____D C:\Users\Sova
2016-08-27 21:19 - 2016-06-14 13:26 - 00000000 ___RD C:\Program Files\Skype
2016-08-27 21:19 - 2016-03-29 14:09 - 00000000 ____D C:\ProgramData\Skype
2016-08-27 19:29 - 2016-04-16 11:03 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-08-27 19:29 - 2016-04-16 11:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-08-27 19:29 - 2016-04-16 11:03 - 00000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2016-09-03 12:50 - 2016-09-03 17:22 - 0029696 _____ () C:\Users\Sova\AppData\Local\MSGBOX.EXE
2016-05-15 11:57 - 2016-09-03 12:02 - 0008811 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Sova\AppData\Local\Temp\adwcleaner_6.010(1).exe
C:\Users\Sova\AppData\Local\Temp\adwcleaner_6.010.exe
C:\Users\Sova\AppData\Local\Temp\DDR_Pen_Drive_Recovery_Version_4.0.1.6_Crack_free.rar_downloader.exe
C:\Users\Sova\AppData\Local\Temp\FRST(1).exe
C:\Users\Sova\AppData\Local\Temp\FRST.exe
C:\Users\Sova\AppData\Local\Temp\FRSTLauncher(1).exe
C:\Users\Sova\AppData\Local\Temp\FRSTLauncher.exe
C:\Users\Sova\AppData\Local\Temp\mbam-setup-2.2.1.1043.exe
C:\Users\Sova\AppData\Local\Temp\pdr7free.exe
C:\Users\Sova\AppData\Local\Temp\rcsetup153.exe
C:\Users\Sova\AppData\Local\Temp\RStudio8.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-29 10:42

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Sova (03-09-2016 17:25:14)
Running from C:\Users\Sova\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-03-22 21:50:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-375019350-2769613817-936794790-500 - Administrator - Disabled)
Guest (S-1-5-21-375019350-2769613817-936794790-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-375019350-2769613817-936794790-1003 - Limited - Enabled)
Sova (S-1-5-21-375019350-2769613817-936794790-1000 - Administrator - Enabled) => C:\Users\Sova

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-375019350-2769613817-936794790-1000\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{079F0C04-D744-D3E5-C3E0-50DDFB1EC129}) (Version: 3.0.624.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Media (HKLM\...\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}) (Version: - )
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
ccc-core-static (Version: 2007.0524.2140.36852 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
F300 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.9.3.1000 - Maxthon International Limited)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.05 - Motorola Inc)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81029}) (Version: 7.03.0188 - Nero AG)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Potplayer (HKLM\...\PotPlayer) (Version: - Kakao Corp.)
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0014 - ATK)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skins (Version: 2007.0524.2140.36852 - ATI) Hidden
Skype™ 7.26 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.)
Smart Switch (Version: 4.1.16034.4 - Samsung Electronics Co., Ltd.) Hidden
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.1.0.0 - KYE Systems Corp.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-375019350-2769613817-936794790-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015D653A-16A5-4FEA-B0BD-22D25B530EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {05ADE4C1-F4EF-48BB-A0DA-153DF345EC8D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {12ADB607-9BBB-419F-8331-FE452768A876} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-27] (Adobe Systems Incorporated)
Task: {52389FBB-5E27-4718-B575-289F0EDA23C0} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\MxEidolon.exe [2016-05-31] (Maxthon MxEidolo)
Task: {5F67B5D7-AB03-482D-8E67-DDAF843370F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {64E11E69-1571-44F3-A435-05DCF2CAE256} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7DBA337F-92E4-457B-A3CC-61BDA54AC50F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C9385825-55AD-4A2A-BC01-74950EBDE4F5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F4FE170E-D9CA-4E36-970B-D4F5392E6843} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FD03B01E-F365-4005-A43B-0A768D85B7B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD0B75D2-D2FF-4F43-AAA7-78FDDA0310F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FE82B8AF-1D27-46A0-BC98-A7B3BB82F0AE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sova\Desktop\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"

==================== Loaded Modules (Whitelisted) ==============

2016-03-24 02:18 - 2007-08-08 01:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2016-04-14 04:30 - 2015-12-16 15:16 - 00136704 _____ () C:\Users\Sova\AppData\Local\SmartGenius\resources\app\Protocol\Platform\win32\Release\ia32_hidWin.node
2016-04-14 04:30 - 2015-12-16 15:16 - 00102912 _____ () C:\Users\Sova\AppData\Local\SmartGenius\resources\app\Protocol\Platform\win32\Release\ia32_driverWin.node
2016-04-14 04:30 - 2015-12-16 15:16 - 00123904 _____ () C:\Users\Sova\AppData\Local\SmartGenius\resources\app\Protocol\Platform\win32\Release\ia32_sysWin.node
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-08-27 18:57 - 2016-02-02 10:13 - 00312744 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll
2016-08-27 18:57 - 2016-02-03 05:48 - 09266600 _____ () C:\Program Files\Maxthon\Core\Blink\plugins\pdf.dll
2016-08-27 18:57 - 2016-04-05 13:31 - 16393032 _____ () C:\Program Files\Maxthon\Core\Blink\plugins\pepflashplayer.dll
2016-08-27 18:57 - 2016-02-02 10:13 - 00312744 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll
2016-08-27 18:57 - 2016-02-03 05:48 - 02354488 _____ () C:\Program Files\Maxthon\Core\Blink\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [137]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-375019350-2769613817-936794790-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FDCB301B-3CA5-40B3-914F-BE5F3E85BED2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{006AF40C-10A5-433E-A548-9B0174DBAFBD}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9B600EEF-31DD-4624-9D12-6FB5A7B0ED8B}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBB31F55-D09A-4202-96BC-33FD5F8F2B44}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9F5BA603-A3ED-4C19-AFA3-F659A0BD38C2}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32D5D3A7-DB22-4213-83ED-D59F8FABD032}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFEB921D-7199-48D7-B170-5647840B5A8F}] => (Allow) C:\Users\Sova\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{61349E0E-8672-4C55-B2BD-AF083FD26ED9}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [UDP Query User{3203277B-48AD-47F9-9682-DE581CDF6192}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [{92371D6C-9798-41D0-A3A8-C638D4366D4C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EB23EED1-B99F-4505-9C28-20F808F69BBC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{03DC4ECE-FE00-4314-AFF3-FE3AB0B9FEE5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{26A34F17-9A47-4AB9-A18A-EEE8CD3D5196}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{F69C139A-82D3-4A58-86B7-25050B9B77CD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{EB42BE8F-BB1B-4B4D-8C59-8C3095E1CB21}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FB36D5F5-EF96-41D2-BA4A-0C7A45BC3BDC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A279C2D5-F000-4EC5-9000-6B96601FDB9A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A4795FEA-A2E5-4918-BED4-6316FC7AD276}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{56A52144-2CC8-4D51-B480-C5E4AB838288}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2F0013BD-18F7-4D20-98BC-954CC4C71EFF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{DE949977-70D4-46FD-93B8-EE223A764BB8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{50378D3F-56CD-45FC-8BD9-2B6EFFE1EADF}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{7CB738FC-E07A-4D1A-BE72-4F8F5F47659B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{9E58750C-413D-4B6A-978E-63FD1FA036AD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{24BC6C8A-09B4-4479-B39F-EB28CC19A68D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{178784A5-BCC8-48AD-94C0-045E5B4607E7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FADED634-31DB-4A9F-AD51-54BE2D618E13}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{4D6D21FC-7806-47F4-AD78-EFB15B1ED399}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B3D7CD7D-5DAF-4CF6-9395-1AD4ACEFE28D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B79445F9-895D-492F-9D15-27E100FF4354}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A7464464-D5DF-4AA1-9700-1134D6A4AF6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{649C68F1-F8CE-4FF6-9D62-4AB9E1732361}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E2ACCF44-724E-491D-8EB0-814238F14DD2}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{62C5A24B-7D27-4288-8755-9FB8EF2E384B}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [TCP Query User{4737BF70-A7DF-410E-9998-B181BE0AC23E}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe
FirewallRules: [UDP Query User{D2BAFD9B-E18D-40CD-8743-302C5D05C0A1}C:\program files\maxthon\bin\maxthon.exe] => (Allow) C:\program files\maxthon\bin\maxthon.exe

==================== Restore Points =========================

02-09-2016 22:05:07 Configured PartitionMagic
02-09-2016 22:06:30 Revo Uninstaller's restore point - Remo Recover 4.0
02-09-2016 22:07:41 Revo Uninstaller's restore point - SysTools PenDrive Recovery v1.1
02-09-2016 22:08:48 Revo Uninstaller's restore point - UFS Explorer RAID Recovery, version 5.19
02-09-2016 22:09:48 Revo Uninstaller's restore point - USB Disk Storage Format Tool 5.1
03-09-2016 08:29:29 Revo Uninstaller's restore point - SrpnFiles
03-09-2016 11:12:07 Revo Uninstaller's restore point - R-Studio 8.0
03-09-2016 11:14:01 Revo Uninstaller's restore point - Recuva
03-09-2016 11:16:34 Revo Uninstaller's restore point - MiniTool Power Data Recovery Free Edition 7.0
03-09-2016 11:18:26 Revo Uninstaller's restore point - Shop for HP Supplies
03-09-2016 11:24:10 Revo Uninstaller's restore point - HP Solution Center 13.0
03-09-2016 11:39:01 Revo Uninstaller's restore point - HP Customer Participation Program 13.0
03-09-2016 11:47:15 Revo Uninstaller's restore point - HP Photosmart Essential 3.5
03-09-2016 11:48:32 Revo Uninstaller's restore point - HP Imaging Device Functions 13.0
03-09-2016 11:57:54 Revo Uninstaller's restore point - HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
03-09-2016 12:00:02 Revo Uninstaller's restore point - HP Imaging Device Functions 13.0
03-09-2016 12:01:34 Revo Uninstaller's restore point - HP Smart Web Printing 4.51
03-09-2016 12:03:44 Revo Uninstaller's restore point - HP Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2016 12:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqtra08.exe, verze: 130.0.422.0, časové razítko: 0x4ab683ef
Název chybujícího modulu: hpqtra08.exe, verze: 130.0.422.0, časové razítko: 0x4ab683ef
Kód výjimky: 0xc0000005
Posun chyby: 0x0000d01e
ID chybujícího procesu: 0xbf0
Čas spuštění chybující aplikace: 0x01d205cfa6fadfce
Cesta k chybující aplikaci: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Cesta k chybujícímu modulu: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
ID zprávy: 5cdb69a1-71c3-11e6-9308-001d604d90ae

Error: (09/03/2016 12:44:13 PM) (Source: MsiInstaller) (EventID: 11706) (User: Sova-PC)
Description: Product: HPPhotosmartEssential -- Error 1706. An installation package for the product HPPhotosmartEssential cannot be found. Try the installation again using a valid copy of the installation package 'HPPhotosmartEssential.msi'.

Error: (09/03/2016 11:57:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0529d746-5eee-4a55-a5f5-9b6851d836a4}

Error: (09/03/2016 11:56:50 AM) (Source: MsiInstaller) (EventID: 11706) (User: Sova-PC)
Description: Product: HPPhotosmartEssential -- Error 1706. An installation package for the product HPPhotosmartEssential cannot be found. Try the installation again using a valid copy of the installation package 'HPPhotosmartEssential.msi'.

Error: (09/03/2016 11:39:01 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {dba5bf61-64f6-4661-8535-2449898eaa2e}

Error: (09/03/2016 11:12:06 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {f24a6274-3c47-48a7-afb3-9f7037d1ebf2}

Error: (09/03/2016 08:36:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23418 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1a0

Čas spuštění: 01d205ad3020bc11

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: aed6b892-71a0-11e6-be89-001d604d90ae

Error: (09/03/2016 08:29:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {eefa6988-3526-4762-a049-34cf310a2aa2}

Error: (09/02/2016 10:09:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary PQNTDrv.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (09/02/2016 10:08:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary PQNTDrv.

System Error:
Systém nemůže nalézt uvedený soubor.
.


System errors:
=============
Error: (09/03/2016 01:41:54 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:54 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:51 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:50 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.

Error: (09/03/2016 01:41:50 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Struktura systému souborů disku je poškozená a je nepoužitelná.
Je nutné na svazek G: spustit nástroj chkdsk.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55
Percentage of memory in use: 61%
Total physical RAM: 3071.21 MB
Available physical RAM: 1182.4 MB
Total Virtual: 6140.75 MB
Available Virtual: 4424.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:81.26 GB) (Free:20.8 GB) NTFS
Drive d: (DATA) (Fixed) (Total:67.69 GB) (Free:27.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=81.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=67.7 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 17:22
by Rudy
What about that illegal Eset?

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 18:00
by F7R
Rudy wrote: What about that illegal Eset?
The person who installed Windows for me put it there...
Anyway, I no longer have ESET; I uninstalled it, and it annoys me that some leftovers of the program still show up.

Would it be possible to have you remove that as well?

I use Kaspersky.

ESET really is no longer on the computer; I wasn't happy with it, and illegal software always causes problems.

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 18:36
by Rudy
OK, I can do that. Open Notepad and copy the following into it:
Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
S2 .EsetTrialReset; C:\Windows\system32\regedt32.exe /s C:\Windows\esettrialreset.reg
C:\Users\Sova\AppData\Local\Temp
Task: {015D653A-16A5-4FEA-B0BD-22D25B530EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {05ADE4C1-F4EF-48BB-A0DA-153DF345EC8D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {64E11E69-1571-44F3-A435-05DCF2CAE256} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7DBA337F-92E4-457B-A3CC-61BDA54AC50F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C9385825-55AD-4A2A-BC01-74950EBDE4F5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F4FE170E-D9CA-4E36-970B-D4F5392E6843} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FD03B01E-F365-4005-A43B-0A768D85B7B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD0B75D2-D2FF-4F43-AAA7-78FDDA0310F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FE82B8AF-1D27-46A0-BC98-A7B3BB82F0AE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Sova\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [137]
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 18:49
by F7R
May I ask for the remaining Hewlett-Packard programs to be removed? I uninstalled them, but something from HP still keeps installing at system startup. Otherwise the home page is fine now :|

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Sova (03-09-2016 19:34:29) Run:1
Running from C:\Users\Sova\Desktop
Loaded Profiles: Sova (Available Profiles: Sova)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
S2 .EsetTrialReset; C:\Windows\system32\regedt32.exe /s C:\Windows\esettrialreset.reg
C:\Users\Sova\AppData\Local\Temp
Task: {015D653A-16A5-4FEA-B0BD-22D25B530EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {05ADE4C1-F4EF-48BB-A0DA-153DF345EC8D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {64E11E69-1571-44F3-A435-05DCF2CAE256} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7DBA337F-92E4-457B-A3CC-61BDA54AC50F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C9385825-55AD-4A2A-BC01-74950EBDE4F5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F4FE170E-D9CA-4E36-970B-D4F5392E6843} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FD03B01E-F365-4005-A43B-0A768D85B7B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FD0B75D2-D2FF-4F43-AAA7-78FDDA0310F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FE82B8AF-1D27-46A0-BC98-A7B3BB82F0AE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Sova\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Sova\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
ShortcutWithArgument: C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74"
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [137]
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value removed successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully.
.EsetTrialReset => service removed successfully.

"C:\Users\Sova\AppData\Local\Temp" folder move:

Could not move "C:\Users\Sova\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{015D653A-16A5-4FEA-B0BD-22D25B530EEF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{015D653A-16A5-4FEA-B0BD-22D25B530EEF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05ADE4C1-F4EF-48BB-A0DA-153DF345EC8D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05ADE4C1-F4EF-48BB-A0DA-153DF345EC8D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64E11E69-1571-44F3-A435-05DCF2CAE256}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64E11E69-1571-44F3-A435-05DCF2CAE256}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DBA337F-92E4-457B-A3CC-61BDA54AC50F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DBA337F-92E4-457B-A3CC-61BDA54AC50F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9385825-55AD-4A2A-BC01-74950EBDE4F5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9385825-55AD-4A2A-BC01-74950EBDE4F5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4FE170E-D9CA-4E36-970B-D4F5392E6843}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4FE170E-D9CA-4E36-970B-D4F5392E6843}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD03B01E-F365-4005-A43B-0A768D85B7B6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD03B01E-F365-4005-A43B-0A768D85B7B6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD0B75D2-D2FF-4F43-AAA7-78FDDA0310F5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD0B75D2-D2FF-4F43-AAA7-78FDDA0310F5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE82B8AF-1D27-46A0-BC98-A7B3BB82F0AE}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE82B8AF-1D27-46A0-BC98-A7B3BB82F0AE}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
C:\Users\Sova\Desktop\Tor Browser\Start Tor Browser.lnk => Shortcut argument removed successfully..
Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74" => Error: No automatic fix found for this entry.
Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472847150&a=1003624&src=sh&uuid=0ec1f79f-ce33-4e3b-a5e1-ba7908012f74" => Error: No automatic fix found for this entry.
C:\Users\Sova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument restored successfully
C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument removed successfully..
C:\Users\Sova\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Maxthon Cloud Browser.lnk => Shortcut argument removed successfully..
C:\ProgramData\TEMP => ":6DDED7D9" ADS removed successfully..

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-09-2016 19:36:56)

C:\Users\Sova\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:36:56 ====

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 19:26
by Rudy
Deleted. Has anything changed?

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 19:37
by F7R
Rudy wrote: Deleted. Has anything changed?
Yes, it seems to be fine :thumbsup:

I just have a problem at startup with HP Photosmart Essential, which I uninstalled; some installation windows still keep opening.

l\Temp\7zS6293\setup\HPPhotoSmartEssential\

Could that be deleted as well?

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 19:38
by Rudy
That should be possible manually as well. Try it.

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 21:20
by F7R
In Program Files it cannot be removed because it is open in another program (I don't know which one, though).
Can't you help me with it? I uninstalled it normally in Revo :cry:

Re: Safesurf/Springsurf virus

Posted: 03 Sep 2016 22:55
by F7R
Unfortunately, the Safesurf home page is loading again.

Re: Safesurf/Springsurf virus

Posted: 04 Sep 2016 10:38
by Rudy
Let's try these scans as well:

1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop.

If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce).
Paste the script below into the window.




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created, followed by the search
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.