Zdravím, prosím o preventivní kontrolu.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2013-07-03 12:01:12
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 61 GB (59%) free of 102 GB
Total RAM: 3071 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:01:20, on 3.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_S67FF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10995 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2008
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c89fc272-35c9-4119-8a45-d2b167000143 -SystemEventPortName:HostProcess-c4bb2aaa-8845-43c4-976c-79852d1be171 -IoCancelEventPortName:HostProcess-11945f14-51d4-4da5-b0d9-047e477d2252 -NonStateChangingEventPortName:HostProcess-bad7ff11-5652-46e0-88b9-06fc7f82222c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3dc0da29-1aa4-4393-95f1-627fadb2cadf -DeviceGroupId:WpdFsGroup
taskhost.exe USER
"C:\Windows\system32\Dwm.exe"
taskeng.exe {A7A87B0C-E944-4877-B0CF-99D1BCCC16B1}
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\Explorer.EXE
ATKOSD.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\QIP 2012\qip.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2224.0.393596201\421156418" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.7000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.1.724862941\2050566866" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.2.1617205502\1214617445" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.3.1517101984\1444134686" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.4.601753525\413150421" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.5.235791462\1032653473" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.6.145377785\305314468" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="2224.9.1132188937\1594450252" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.10.870312043\4122498" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.11.1253458791\1846326864" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.12.1899974700\746672287" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2224.18.545631685\45667498" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\notepad.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.25.1573372636\208940590" /prefetch:673131151
C:\Windows\splwow64.exe 8192
"C:\Windows\system32\NOTEPAD.EXE" D:\texty pedrouš.txt
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SendFeedbackLinkLocation/default/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.41.1511810302\917070043" /prefetch:673131151
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SendFeedbackLinkLocation/default/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2224.49.1212363454\1856656322" /prefetch:673131151
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-16 553376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-16 211360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [2007-03-01 211456]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-06-07 1641896]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-06-06 19676256]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-07-03 12:01:12 ----D---- C:\rsit
2013-07-02 23:22:22 ----D---- C:\Users\Michal\AppData\Roaming\Windows Live Writer
2013-07-02 21:29:57 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-02 21:29:53 ----D---- C:\Program Files\Microsoft Security Client
2013-07-02 19:34:31 ----D---- C:\Users\Michal\AppData\Roaming\Notepad++
2013-07-02 19:34:31 ----D---- C:\Program Files (x86)\Notepad++
2013-07-01 20:43:29 ----D---- C:\Users\Michal\AppData\Roaming\.technic
2013-07-01 17:39:51 ----D---- C:\Program Files\Microsoft Games
2013-06-29 16:55:44 ----D---- C:\Users\Michal\AppData\Roaming\NuGet
2013-06-28 20:56:54 ----D---- C:\Program Files\trend micro
2013-06-28 20:28:39 ----D---- C:\Users\Michal\AppData\Roaming\BatteryBar
2013-06-28 19:23:34 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-06-28 19:17:48 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2013-06-28 19:16:46 ----D---- C:\Program Files\Microsoft
2013-06-28 19:16:00 ----D---- C:\Program Files\IIS Express
2013-06-28 19:16:00 ----D---- C:\Program Files (x86)\IIS Express
2013-06-28 19:14:44 ----D---- C:\Program Files\IIS
2013-06-28 19:14:43 ----D---- C:\Program Files (x86)\IIS
2013-06-28 19:10:43 ----D---- C:\Program Files (x86)\Windows Kits
2013-06-28 19:02:28 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2013-06-28 19:01:01 ----D---- C:\Windows\SYSWOW64\1033
2013-06-28 19:00:40 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-06-28 19:00:39 ----D---- C:\Program Files\Microsoft SQL Server
2013-06-28 18:54:06 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-28 18:54:02 ----D---- C:\Windows\system32\1033
2013-06-28 18:53:49 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:28:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-28 18:28:08 ----D---- C:\ProgramData\Package Cache
2013-06-28 12:06:57 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-28 12:06:57 ----HD---- C:\ProgramData\Common Files
2013-06-27 10:35:20 ----D---- C:\Users\Michal\AppData\Roaming\WebcamMax
2013-06-27 10:35:20 ----D---- C:\ProgramData\WebcamMax
2013-06-27 10:34:26 ----D---- C:\Program Files (x86)\WebcamMax
2013-06-26 13:42:06 ----D---- C:\Program Files (x86)\Pando Networks
2013-06-23 15:43:36 ----D---- C:\drivers
2013-06-22 20:41:11 ----D---- C:\Users\Michal\AppData\Roaming\.minecraft
2013-06-19 15:27:47 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-18 17:43:22 ----D---- C:\Program Files (x86)\Google
2013-06-18 12:40:59 ----D---- C:\ProgramData\PMB Files
2013-06-17 20:43:01 ----D---- C:\Users\Michal\AppData\Roaming\.purple
2013-06-17 20:42:15 ----D---- C:\Program Files (x86)\Pidgin
2013-06-16 16:13:53 ----D---- C:\Program Files\Windows Live
2013-06-16 16:09:54 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-06-16 16:09:23 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-06-16 15:58:07 ----D---- C:\Users\Michal\AppData\Roaming\Opera Software
2013-06-16 15:58:00 ----D---- C:\Program Files (x86)\Opera Next
2013-06-16 14:46:36 ----D---- C:\Program Files\Recuva
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 15:23:13 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 15:23:13 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 15:23:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 15:23:11 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 15:23:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 15:23:10 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 15:23:09 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 15:23:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 15:23:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 15:23:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 15:23:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 15:23:03 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 15:16:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-12 15:16:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-12 15:16:58 ----A---- C:\Windows\system32\urlmon.dll
2013-06-12 15:16:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-12 15:16:57 ----A---- C:\Windows\system32\iertutil.dll
2013-06-12 15:16:56 ----A---- C:\Windows\system32\ieui.dll
2013-06-12 15:16:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-12 15:16:54 ----A---- C:\Windows\system32\ieframe.dll
2013-06-12 15:16:50 ----A---- C:\Windows\system32\mshtml.dll
2013-06-12 15:16:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-12 15:16:41 ----D---- C:\Program Files\Sublime Text 2
2013-06-12 15:10:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 15:10:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 15:10:03 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 15:09:46 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 15:09:46 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 15:09:41 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 15:09:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 15:09:40 ----A---- C:\Windows\system32\d3d11.dll
2013-06-12 15:09:39 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 15:09:34 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 15:09:34 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 15:09:33 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 15:09:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 15:09:32 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 15:09:32 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 15:09:31 ----A---- C:\Windows\system32\certenc.dll
2013-06-09 19:53:16 ----A---- C:\Windows\SYSWOW64\atl110.dll
2013-06-09 15:59:36 ----A---- C:\Windows\system32\atl110.dll
2013-06-09 13:56:06 ----D---- C:\Users\Michal\AppData\Roaming\NuSphere
2013-06-09 13:55:04 ----A---- C:\Windows\SYSWOW64\midas.dll
2013-06-09 13:53:12 ----D---- C:\ProgramData\StarApp
2013-06-09 13:00:37 ----D---- C:\ProgramData\InstallMate
2013-06-08 21:41:38 ----D---- C:\Program Files (x86)\Zend
2013-06-08 21:28:27 ----D---- C:\Program Files (x86)\Foxit Software
2013-06-07 23:38:39 ----A---- C:\Windows\SYSWOW64\esint7e.dll
2013-06-07 23:38:31 ----D---- C:\Program Files (x86)\epson
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxwiaml.dll
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxwia7e.dll
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxuin7e.dll
======List of files/folders modified in the last 1 months======
2013-07-03 12:01:03 ----D---- C:\Windows\Temp
2013-07-03 11:46:54 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-07-03 10:53:04 ----SHD---- C:\Windows\Installer
2013-07-03 10:49:33 ----D---- C:\Windows\system32\config
2013-07-03 10:48:52 ----RD---- C:\Program Files (x86)
2013-07-03 10:41:32 ----D---- C:\Windows\System32
2013-07-03 10:41:32 ----D---- C:\Windows\inf
2013-07-03 10:41:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-03 10:35:43 ----D---- C:\Program Files (x86)\Steam
2013-07-03 00:10:54 ----D---- C:\Windows\system32\catroot
2013-07-02 21:43:40 ----D---- C:\Windows\winsxs
2013-07-02 21:32:15 ----SHD---- C:\System Volume Information
2013-07-02 21:29:59 ----D---- C:\Windows\system32\drivers
2013-07-02 21:29:53 ----RD---- C:\Program Files
2013-07-02 21:29:04 ----HD---- C:\ProgramData
2013-07-02 21:28:51 ----D---- C:\Windows
2013-07-02 21:28:33 ----D---- C:\Windows\system32\DriverStore
2013-07-02 21:25:54 ----D---- C:\ProgramData\Skype
2013-07-02 20:27:21 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2013-07-02 16:54:55 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2013-07-02 12:23:56 ----D---- C:\Windows\Microsoft.NET
2013-07-02 12:23:54 ----RSD---- C:\Windows\assembly
2013-07-02 12:14:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-07-02 12:10:05 ----SD---- C:\ProgramData\Microsoft
2013-07-02 12:09:52 ----D---- C:\Windows\SysWOW64
2013-07-02 12:09:41 ----D---- C:\Program Files (x86)\MSBuild
2013-07-02 11:58:54 ----D---- C:\Program Files (x86)\Common Files
2013-07-01 17:39:55 ----D---- C:\Windows\system32\cs-CZ
2013-06-29 16:14:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-29 16:09:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-29 16:09:39 ----D---- C:\Windows\system32\en-US
2013-06-28 20:52:02 ----D---- C:\Windows\system32\catroot2
2013-06-28 20:10:43 ----D---- C:\Users\Michal\AppData\Roaming\Media Player Classic
2013-06-28 20:09:33 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-06-28 20:09:32 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-06-28 20:09:18 ----D---- C:\Windows\Panther
2013-06-28 20:09:16 ----D---- C:\Windows\Logs
2013-06-28 20:09:16 ----D---- C:\Windows\debug
2013-06-28 19:40:53 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-28 19:10:59 ----RSD---- C:\Windows\Fonts
2013-06-28 18:38:51 ----D---- C:\Windows\SoftwareDistribution
2013-06-27 16:30:57 ----D---- C:\Windows\ShellNew
2013-06-26 23:08:21 ----D---- C:\Windows\Prefetch
2013-06-26 22:52:48 ----D---- C:\Windows\SYSWOW64\directx
2013-06-24 19:40:50 ----D---- C:\Windows\rescache
2013-06-24 11:28:38 ----SHD---- C:\$Recycle.Bin
2013-06-23 15:43:11 ----D---- C:\Windows\system32\NDF
2013-06-23 10:42:12 ----D---- C:\Windows\Tasks
2013-06-23 10:42:12 ----D---- C:\Windows\system32\Tasks
2013-06-23 10:41:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-19 19:39:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-19 19:15:33 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-06-19 15:27:42 ----D---- C:\Program Files (x86)\Java
2013-06-19 10:33:59 ----D---- C:\Program Files (x86)\QIP 2012
2013-06-18 18:59:02 ----D---- C:\Windows\SYSWOW64\drivers
2013-06-16 16:25:20 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-06-16 16:15:19 ----D---- C:\Program Files (x86)\Windows Live
2013-06-16 15:34:58 ----D---- C:\Users\Michal\AppData\Roaming\WinRAR
2013-06-12 23:07:24 ----D---- C:\Program Files\Internet Explorer
2013-06-12 23:07:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-12 21:48:23 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-12 21:48:17 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-12 15:24:24 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 15:08:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-12 15:08:04 ----RD---- C:\Program Files (x86)\Skype
2013-06-08 16:38:48 ----D---- C:\Users\Michal\AppData\Roaming\Foxit Software
2013-06-07 23:38:31 ----D---- C:\Windows\twain_32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-05-16 564824]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-21 1799680]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 avp4wvg9;avp4wvg9; C:\Windows\system32\drivers\avp4wvg9.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 X6va012;X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-07 543656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-18 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-12 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivní kontrola
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivní kontrola
# AdwCleaner v2.303 - Log vytvooen 03/07/2013 v 12:28:00
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - K50AD
# Spuštin systém : Normální
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\InstallMate
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\oxslnhnc.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v28.0.1500.63
Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Michal\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1173 octets] - [03/07/2013 12:28:00]
########## EOF - C:\AdwCleaner[R1].txt - [1233 octets] ##########
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - K50AD
# Spuštin systém : Normální
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\InstallMate
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\oxslnhnc.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v28.0.1500.63
Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Michal\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1173 octets] - [03/07/2013 12:28:00]
########## EOF - C:\AdwCleaner[R1].txt - [1233 octets] ##########
Re: preventivní kontrola
Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivní kontrola
# AdwCleaner v2.303 - Log vytvooen 03/07/2013 v 12:32:38
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - K50AD
# Spuštin systém : Normální
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\ProgramData\InstallMate
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\oxslnhnc.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v28.0.1500.63
Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Michal\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1302 octets] - [03/07/2013 12:28:00]
AdwCleaner[S1].txt - [1291 octets] - [03/07/2013 12:32:38]
########## EOF - C:\AdwCleaner[S1].txt - [1351 octets] ##########
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - K50AD
# Spuštin systém : Normální
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\ProgramData\InstallMate
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\oxslnhnc.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v28.0.1500.63
Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Michal\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1302 octets] - [03/07/2013 12:28:00]
AdwCleaner[S1].txt - [1291 octets] - [03/07/2013 12:32:38]
########## EOF - C:\AdwCleaner[S1].txt - [1351 octets] ##########
Re: preventivní kontrola
Najdete tento soubor C:\Program Files\trend micro\Michal.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravceKliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko
Kód: Vybrat vše
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
:services
X6va012
Skype C2C Service
gupdate
SkypeUpdate
gupdatem
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\ProgramData\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000UA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"SunJavaUpdateSched"=-
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivní kontrola
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Michal
->Temp folder emptied: 716285347 bytes
->Temporary Internet Files folder emptied: 4256789 bytes
->Java cache emptied: 987472 bytes
->FireFox cache emptied: 17677910 bytes
->Google Chrome cache emptied: 481329314 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 58405 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 80468905 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 241,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Michal
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service X6va012 stopped successfully!
Service X6va012 deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\ProgramData\Skype\Toolbars\Skype C2C Service folder moved successfully.
C:\ProgramData\Skype\Toolbars folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000UA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveSync deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTM by OldTimer - Version 3.1.21.0 log created on 07032013_124259
Files moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Michal
->Temp folder emptied: 716285347 bytes
->Temporary Internet Files folder emptied: 4256789 bytes
->Java cache emptied: 987472 bytes
->FireFox cache emptied: 17677910 bytes
->Google Chrome cache emptied: 481329314 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 58405 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 80468905 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 241,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Michal
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service X6va012 stopped successfully!
Service X6va012 deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\ProgramData\Skype\Toolbars\Skype C2C Service folder moved successfully.
C:\ProgramData\Skype\Toolbars folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983528358-499442816-1998290867-1000UA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveSync deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTM by OldTimer - Version 3.1.21.0 log created on 07032013_124259
Files moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Re: preventivní kontrola
Dejte novy log z RSIT
Je s pc nejaky problem, nebo jde ciste jen o prevenci?Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivní kontrola
Problémy nejsou, jen jsem se chtěl ujistit zda je vše v pořádku.
Log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2013-07-03 12:51:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (60%) free of 102 GB
Total RAM: 3071 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:10, on 3.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_S67FF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8527 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
taskeng.exe {E44C1737-4D65-4101-B37E-F3F7A59C148C}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
taskeng.exe {1882294A-7B2E-4112-BBFB-1638067BAA83}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2480
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a03223d7-2a1c-4094-afa3-c046584cbb40 -SystemEventPortName:HostProcess-6091b150-784a-4c41-938b-8f3ba7856c71 -IoCancelEventPortName:HostProcess-93dc4ba5-5a73-4d00-bb32-3e9a4e5ac598 -NonStateChangingEventPortName:HostProcess-41a4cf92-7c87-415f-93fb-4b4cc7bdaf77 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5c60305d-77ea-434e-be51-78969f5284f1 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3664.0.2002432776\1221182279" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.7000 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.3.494849150\1946427278" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.4.761989577\780637598" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.5.2036084548\1731274060" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.6.418619927\1688811967" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.7.933830729\1231393057" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.8.1120132637\1173098862" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3664.11.569925008\1956266500" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.12.1960378467\452454081" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe"
C:\Windows\system32\sppsvc.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="3664.20.1097573692\2076283710" /prefetch:673131151
wmiadap.exe /F /T /R
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Michal\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-16 553376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-16 211360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [2007-03-01 211456]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-06-07 1641896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-07-03 12:42:59 ----D---- C:\_OTM
2013-07-03 12:32:38 ----A---- C:\AdwCleaner[S1].txt
2013-07-03 12:28:00 ----A---- C:\AdwCleaner[R1].txt
2013-07-03 12:01:12 ----D---- C:\rsit
2013-07-02 23:22:22 ----D---- C:\Users\Michal\AppData\Roaming\Windows Live Writer
2013-07-02 21:29:57 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-02 21:29:53 ----D---- C:\Program Files\Microsoft Security Client
2013-07-02 19:34:31 ----D---- C:\Users\Michal\AppData\Roaming\Notepad++
2013-07-02 19:34:31 ----D---- C:\Program Files (x86)\Notepad++
2013-07-01 20:43:29 ----D---- C:\Users\Michal\AppData\Roaming\.technic
2013-07-01 17:39:51 ----D---- C:\Program Files\Microsoft Games
2013-06-29 16:55:44 ----D---- C:\Users\Michal\AppData\Roaming\NuGet
2013-06-28 20:56:54 ----D---- C:\Program Files\trend micro
2013-06-28 20:28:39 ----D---- C:\Users\Michal\AppData\Roaming\BatteryBar
2013-06-28 19:23:34 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-06-28 19:17:48 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2013-06-28 19:16:46 ----D---- C:\Program Files\Microsoft
2013-06-28 19:16:00 ----D---- C:\Program Files\IIS Express
2013-06-28 19:16:00 ----D---- C:\Program Files (x86)\IIS Express
2013-06-28 19:14:44 ----D---- C:\Program Files\IIS
2013-06-28 19:14:43 ----D---- C:\Program Files (x86)\IIS
2013-06-28 19:10:43 ----D---- C:\Program Files (x86)\Windows Kits
2013-06-28 19:02:28 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2013-06-28 19:01:01 ----D---- C:\Windows\SYSWOW64\1033
2013-06-28 19:00:40 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-06-28 19:00:39 ----D---- C:\Program Files\Microsoft SQL Server
2013-06-28 18:54:06 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-28 18:54:02 ----D---- C:\Windows\system32\1033
2013-06-28 18:53:49 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:28:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-28 18:28:08 ----D---- C:\ProgramData\Package Cache
2013-06-28 12:06:57 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-28 12:06:57 ----HD---- C:\ProgramData\Common Files
2013-06-27 10:35:20 ----D---- C:\Users\Michal\AppData\Roaming\WebcamMax
2013-06-27 10:35:20 ----D---- C:\ProgramData\WebcamMax
2013-06-27 10:34:26 ----D---- C:\Program Files (x86)\WebcamMax
2013-06-26 13:42:06 ----D---- C:\Program Files (x86)\Pando Networks
2013-06-23 15:43:36 ----D---- C:\drivers
2013-06-22 20:41:11 ----D---- C:\Users\Michal\AppData\Roaming\.minecraft
2013-06-19 15:27:47 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-18 17:43:22 ----D---- C:\Program Files (x86)\Google
2013-06-18 12:40:59 ----D---- C:\ProgramData\PMB Files
2013-06-17 20:43:01 ----D---- C:\Users\Michal\AppData\Roaming\.purple
2013-06-17 20:42:15 ----D---- C:\Program Files (x86)\Pidgin
2013-06-16 16:13:53 ----D---- C:\Program Files\Windows Live
2013-06-16 16:09:54 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-06-16 16:09:23 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-06-16 15:58:07 ----D---- C:\Users\Michal\AppData\Roaming\Opera Software
2013-06-16 15:58:00 ----D---- C:\Program Files (x86)\Opera Next
2013-06-16 14:46:36 ----D---- C:\Program Files\Recuva
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 15:23:13 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 15:23:13 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 15:23:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 15:23:11 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 15:23:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 15:23:10 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 15:23:09 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 15:23:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 15:23:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 15:23:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 15:23:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 15:23:03 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 15:16:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-12 15:16:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-12 15:16:58 ----A---- C:\Windows\system32\urlmon.dll
2013-06-12 15:16:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-12 15:16:57 ----A---- C:\Windows\system32\iertutil.dll
2013-06-12 15:16:56 ----A---- C:\Windows\system32\ieui.dll
2013-06-12 15:16:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-12 15:16:54 ----A---- C:\Windows\system32\ieframe.dll
2013-06-12 15:16:50 ----A---- C:\Windows\system32\mshtml.dll
2013-06-12 15:16:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-12 15:16:41 ----D---- C:\Program Files\Sublime Text 2
2013-06-12 15:10:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 15:10:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 15:10:03 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 15:09:46 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 15:09:46 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 15:09:41 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 15:09:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 15:09:40 ----A---- C:\Windows\system32\d3d11.dll
2013-06-12 15:09:39 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 15:09:34 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 15:09:34 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 15:09:33 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 15:09:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 15:09:32 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 15:09:32 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 15:09:31 ----A---- C:\Windows\system32\certenc.dll
2013-06-09 19:53:16 ----A---- C:\Windows\SYSWOW64\atl110.dll
2013-06-09 15:59:36 ----A---- C:\Windows\system32\atl110.dll
2013-06-09 13:56:06 ----D---- C:\Users\Michal\AppData\Roaming\NuSphere
2013-06-09 13:55:04 ----A---- C:\Windows\SYSWOW64\midas.dll
2013-06-09 13:53:12 ----D---- C:\ProgramData\StarApp
2013-06-08 21:41:38 ----D---- C:\Program Files (x86)\Zend
2013-06-08 21:28:27 ----D---- C:\Program Files (x86)\Foxit Software
2013-06-07 23:38:39 ----A---- C:\Windows\SYSWOW64\esint7e.dll
2013-06-07 23:38:31 ----D---- C:\Program Files (x86)\epson
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxwiaml.dll
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxwia7e.dll
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxuin7e.dll
======List of files/folders modified in the last 1 months======
2013-07-03 12:48:27 ----D---- C:\Windows\Temp
2013-07-03 12:46:52 ----D---- C:\Program Files (x86)\Steam
2013-07-03 12:44:58 ----D---- C:\Windows\system32\config
2013-07-03 12:44:36 ----D---- C:\Windows\Tasks
2013-07-03 12:44:36 ----D---- C:\ProgramData\Skype
2013-07-03 12:44:13 ----SHD---- C:\System Volume Information
2013-07-03 12:43:47 ----D---- C:\Windows\system32\drivers\etc
2013-07-03 12:42:25 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-07-03 12:41:25 ----D---- C:\Windows\System32
2013-07-03 12:41:25 ----D---- C:\Windows\inf
2013-07-03 12:41:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-03 12:33:02 ----HD---- C:\ProgramData
2013-07-03 10:53:04 ----SHD---- C:\Windows\Installer
2013-07-03 10:48:52 ----RD---- C:\Program Files (x86)
2013-07-03 00:10:54 ----D---- C:\Windows\system32\catroot
2013-07-02 21:43:40 ----D---- C:\Windows\winsxs
2013-07-02 21:29:59 ----D---- C:\Windows\system32\drivers
2013-07-02 21:29:53 ----RD---- C:\Program Files
2013-07-02 21:28:51 ----D---- C:\Windows
2013-07-02 21:28:33 ----D---- C:\Windows\system32\DriverStore
2013-07-02 20:27:21 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2013-07-02 16:54:55 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2013-07-02 12:23:56 ----D---- C:\Windows\Microsoft.NET
2013-07-02 12:23:54 ----RSD---- C:\Windows\assembly
2013-07-02 12:14:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-07-02 12:10:05 ----SD---- C:\ProgramData\Microsoft
2013-07-02 12:09:52 ----D---- C:\Windows\SysWOW64
2013-07-02 12:09:41 ----D---- C:\Program Files (x86)\MSBuild
2013-07-02 11:58:54 ----D---- C:\Program Files (x86)\Common Files
2013-07-01 17:39:55 ----D---- C:\Windows\system32\cs-CZ
2013-06-29 16:14:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-29 16:09:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-29 16:09:39 ----D---- C:\Windows\system32\en-US
2013-06-28 20:52:02 ----D---- C:\Windows\system32\catroot2
2013-06-28 20:10:43 ----D---- C:\Users\Michal\AppData\Roaming\Media Player Classic
2013-06-28 20:09:33 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-06-28 20:09:32 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-06-28 20:09:18 ----D---- C:\Windows\Panther
2013-06-28 20:09:16 ----D---- C:\Windows\Logs
2013-06-28 20:09:16 ----D---- C:\Windows\debug
2013-06-28 19:40:53 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-28 19:10:59 ----RSD---- C:\Windows\Fonts
2013-06-28 18:38:51 ----D---- C:\Windows\SoftwareDistribution
2013-06-27 16:30:57 ----D---- C:\Windows\ShellNew
2013-06-26 23:08:21 ----D---- C:\Windows\Prefetch
2013-06-26 22:52:48 ----D---- C:\Windows\SYSWOW64\directx
2013-06-24 19:40:50 ----D---- C:\Windows\rescache
2013-06-24 11:28:38 ----SHD---- C:\$Recycle.Bin
2013-06-23 15:43:11 ----D---- C:\Windows\system32\NDF
2013-06-23 10:42:12 ----D---- C:\Windows\system32\Tasks
2013-06-23 10:41:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-19 19:39:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-19 19:15:33 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-06-19 15:27:42 ----D---- C:\Program Files (x86)\Java
2013-06-19 10:33:59 ----D---- C:\Program Files (x86)\QIP 2012
2013-06-18 18:59:02 ----D---- C:\Windows\SYSWOW64\drivers
2013-06-16 16:25:20 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-06-16 16:15:19 ----D---- C:\Program Files (x86)\Windows Live
2013-06-16 15:34:58 ----D---- C:\Users\Michal\AppData\Roaming\WinRAR
2013-06-12 23:07:24 ----D---- C:\Program Files\Internet Explorer
2013-06-12 23:07:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-12 21:48:23 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-12 21:48:17 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-12 15:24:24 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 15:08:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-12 15:08:04 ----RD---- C:\Program Files (x86)\Skype
2013-06-08 16:38:48 ----D---- C:\Users\Michal\AppData\Roaming\Foxit Software
2013-06-07 23:38:31 ----D---- C:\Windows\twain_32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-05-16 564824]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-21 1799680]
S3 akk9v6h1;akk9v6h1; C:\Windows\system32\drivers\akk9v6h1.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-07 543656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-12 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2013-07-03 12:51:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (60%) free of 102 GB
Total RAM: 3071 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:10, on 3.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_S67FF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8527 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
taskeng.exe {E44C1737-4D65-4101-B37E-F3F7A59C148C}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
taskeng.exe {1882294A-7B2E-4112-BBFB-1638067BAA83}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2480
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a03223d7-2a1c-4094-afa3-c046584cbb40 -SystemEventPortName:HostProcess-6091b150-784a-4c41-938b-8f3ba7856c71 -IoCancelEventPortName:HostProcess-93dc4ba5-5a73-4d00-bb32-3e9a4e5ac598 -NonStateChangingEventPortName:HostProcess-41a4cf92-7c87-415f-93fb-4b4cc7bdaf77 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5c60305d-77ea-434e-be51-78969f5284f1 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3664.0.2002432776\1221182279" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.7000 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.3.494849150\1946427278" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.4.761989577\780637598" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.5.2036084548\1731274060" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.6.418619927\1688811967" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.7.933830729\1231393057" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.8.1120132637\1173098862" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3664.11.569925008\1956266500" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3664.12.1960378467\452454081" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe"
C:\Windows\system32\sppsvc.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="3664.20.1097573692\2076283710" /prefetch:673131151
wmiadap.exe /F /T /R
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Michal\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-16 553376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-16 211360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [2007-03-01 211456]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-06-07 1641896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-07-03 12:42:59 ----D---- C:\_OTM
2013-07-03 12:32:38 ----A---- C:\AdwCleaner[S1].txt
2013-07-03 12:28:00 ----A---- C:\AdwCleaner[R1].txt
2013-07-03 12:01:12 ----D---- C:\rsit
2013-07-02 23:22:22 ----D---- C:\Users\Michal\AppData\Roaming\Windows Live Writer
2013-07-02 21:29:57 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-02 21:29:53 ----D---- C:\Program Files\Microsoft Security Client
2013-07-02 19:34:31 ----D---- C:\Users\Michal\AppData\Roaming\Notepad++
2013-07-02 19:34:31 ----D---- C:\Program Files (x86)\Notepad++
2013-07-01 20:43:29 ----D---- C:\Users\Michal\AppData\Roaming\.technic
2013-07-01 17:39:51 ----D---- C:\Program Files\Microsoft Games
2013-06-29 16:55:44 ----D---- C:\Users\Michal\AppData\Roaming\NuGet
2013-06-28 20:56:54 ----D---- C:\Program Files\trend micro
2013-06-28 20:28:39 ----D---- C:\Users\Michal\AppData\Roaming\BatteryBar
2013-06-28 19:23:34 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-06-28 19:17:48 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2013-06-28 19:16:46 ----D---- C:\Program Files\Microsoft
2013-06-28 19:16:00 ----D---- C:\Program Files\IIS Express
2013-06-28 19:16:00 ----D---- C:\Program Files (x86)\IIS Express
2013-06-28 19:14:44 ----D---- C:\Program Files\IIS
2013-06-28 19:14:43 ----D---- C:\Program Files (x86)\IIS
2013-06-28 19:10:43 ----D---- C:\Program Files (x86)\Windows Kits
2013-06-28 19:02:28 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2013-06-28 19:01:01 ----D---- C:\Windows\SYSWOW64\1033
2013-06-28 19:00:40 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-06-28 19:00:39 ----D---- C:\Program Files\Microsoft SQL Server
2013-06-28 18:54:06 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-28 18:54:02 ----D---- C:\Windows\system32\1033
2013-06-28 18:53:49 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:28:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-28 18:28:08 ----D---- C:\ProgramData\Package Cache
2013-06-28 12:06:57 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-28 12:06:57 ----HD---- C:\ProgramData\Common Files
2013-06-27 10:35:20 ----D---- C:\Users\Michal\AppData\Roaming\WebcamMax
2013-06-27 10:35:20 ----D---- C:\ProgramData\WebcamMax
2013-06-27 10:34:26 ----D---- C:\Program Files (x86)\WebcamMax
2013-06-26 13:42:06 ----D---- C:\Program Files (x86)\Pando Networks
2013-06-23 15:43:36 ----D---- C:\drivers
2013-06-22 20:41:11 ----D---- C:\Users\Michal\AppData\Roaming\.minecraft
2013-06-19 15:27:47 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-19 15:27:42 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-18 17:43:22 ----D---- C:\Program Files (x86)\Google
2013-06-18 12:40:59 ----D---- C:\ProgramData\PMB Files
2013-06-17 20:43:01 ----D---- C:\Users\Michal\AppData\Roaming\.purple
2013-06-17 20:42:15 ----D---- C:\Program Files (x86)\Pidgin
2013-06-16 16:13:53 ----D---- C:\Program Files\Windows Live
2013-06-16 16:09:54 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-06-16 16:09:23 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-06-16 15:58:07 ----D---- C:\Users\Michal\AppData\Roaming\Opera Software
2013-06-16 15:58:00 ----D---- C:\Program Files (x86)\Opera Next
2013-06-16 14:46:36 ----D---- C:\Program Files\Recuva
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 15:23:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 15:23:14 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 15:23:13 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 15:23:13 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 15:23:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 15:23:11 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 15:23:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 15:23:10 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 15:23:09 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 15:23:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 15:23:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 15:23:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 15:23:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 15:23:03 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 15:16:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-12 15:16:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-12 15:16:58 ----A---- C:\Windows\system32\urlmon.dll
2013-06-12 15:16:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-12 15:16:57 ----A---- C:\Windows\system32\iertutil.dll
2013-06-12 15:16:56 ----A---- C:\Windows\system32\ieui.dll
2013-06-12 15:16:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-12 15:16:54 ----A---- C:\Windows\system32\ieframe.dll
2013-06-12 15:16:50 ----A---- C:\Windows\system32\mshtml.dll
2013-06-12 15:16:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-12 15:16:41 ----D---- C:\Program Files\Sublime Text 2
2013-06-12 15:10:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 15:10:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 15:10:03 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 15:09:46 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 15:09:46 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 15:09:41 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 15:09:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 15:09:40 ----A---- C:\Windows\system32\d3d11.dll
2013-06-12 15:09:39 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 15:09:34 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 15:09:34 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 15:09:33 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 15:09:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 15:09:32 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 15:09:32 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 15:09:31 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 15:09:31 ----A---- C:\Windows\system32\certenc.dll
2013-06-09 19:53:16 ----A---- C:\Windows\SYSWOW64\atl110.dll
2013-06-09 15:59:36 ----A---- C:\Windows\system32\atl110.dll
2013-06-09 13:56:06 ----D---- C:\Users\Michal\AppData\Roaming\NuSphere
2013-06-09 13:55:04 ----A---- C:\Windows\SYSWOW64\midas.dll
2013-06-09 13:53:12 ----D---- C:\ProgramData\StarApp
2013-06-08 21:41:38 ----D---- C:\Program Files (x86)\Zend
2013-06-08 21:28:27 ----D---- C:\Program Files (x86)\Foxit Software
2013-06-07 23:38:39 ----A---- C:\Windows\SYSWOW64\esint7e.dll
2013-06-07 23:38:31 ----D---- C:\Program Files (x86)\epson
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxwiaml.dll
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxwia7e.dll
2013-06-07 23:38:31 ----A---- C:\Windows\system32\esxuin7e.dll
======List of files/folders modified in the last 1 months======
2013-07-03 12:48:27 ----D---- C:\Windows\Temp
2013-07-03 12:46:52 ----D---- C:\Program Files (x86)\Steam
2013-07-03 12:44:58 ----D---- C:\Windows\system32\config
2013-07-03 12:44:36 ----D---- C:\Windows\Tasks
2013-07-03 12:44:36 ----D---- C:\ProgramData\Skype
2013-07-03 12:44:13 ----SHD---- C:\System Volume Information
2013-07-03 12:43:47 ----D---- C:\Windows\system32\drivers\etc
2013-07-03 12:42:25 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-07-03 12:41:25 ----D---- C:\Windows\System32
2013-07-03 12:41:25 ----D---- C:\Windows\inf
2013-07-03 12:41:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-03 12:33:02 ----HD---- C:\ProgramData
2013-07-03 10:53:04 ----SHD---- C:\Windows\Installer
2013-07-03 10:48:52 ----RD---- C:\Program Files (x86)
2013-07-03 00:10:54 ----D---- C:\Windows\system32\catroot
2013-07-02 21:43:40 ----D---- C:\Windows\winsxs
2013-07-02 21:29:59 ----D---- C:\Windows\system32\drivers
2013-07-02 21:29:53 ----RD---- C:\Program Files
2013-07-02 21:28:51 ----D---- C:\Windows
2013-07-02 21:28:33 ----D---- C:\Windows\system32\DriverStore
2013-07-02 20:27:21 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2013-07-02 16:54:55 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2013-07-02 12:23:56 ----D---- C:\Windows\Microsoft.NET
2013-07-02 12:23:54 ----RSD---- C:\Windows\assembly
2013-07-02 12:14:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-07-02 12:10:05 ----SD---- C:\ProgramData\Microsoft
2013-07-02 12:09:52 ----D---- C:\Windows\SysWOW64
2013-07-02 12:09:41 ----D---- C:\Program Files (x86)\MSBuild
2013-07-02 11:58:54 ----D---- C:\Program Files (x86)\Common Files
2013-07-01 17:39:55 ----D---- C:\Windows\system32\cs-CZ
2013-06-29 16:14:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-29 16:09:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-29 16:09:39 ----D---- C:\Windows\system32\en-US
2013-06-28 20:52:02 ----D---- C:\Windows\system32\catroot2
2013-06-28 20:10:43 ----D---- C:\Users\Michal\AppData\Roaming\Media Player Classic
2013-06-28 20:09:33 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-06-28 20:09:32 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-06-28 20:09:18 ----D---- C:\Windows\Panther
2013-06-28 20:09:16 ----D---- C:\Windows\Logs
2013-06-28 20:09:16 ----D---- C:\Windows\debug
2013-06-28 19:40:53 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-28 19:10:59 ----RSD---- C:\Windows\Fonts
2013-06-28 18:38:51 ----D---- C:\Windows\SoftwareDistribution
2013-06-27 16:30:57 ----D---- C:\Windows\ShellNew
2013-06-26 23:08:21 ----D---- C:\Windows\Prefetch
2013-06-26 22:52:48 ----D---- C:\Windows\SYSWOW64\directx
2013-06-24 19:40:50 ----D---- C:\Windows\rescache
2013-06-24 11:28:38 ----SHD---- C:\$Recycle.Bin
2013-06-23 15:43:11 ----D---- C:\Windows\system32\NDF
2013-06-23 10:42:12 ----D---- C:\Windows\system32\Tasks
2013-06-23 10:41:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-19 19:39:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-19 19:15:33 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-06-19 15:27:42 ----D---- C:\Program Files (x86)\Java
2013-06-19 10:33:59 ----D---- C:\Program Files (x86)\QIP 2012
2013-06-18 18:59:02 ----D---- C:\Windows\SYSWOW64\drivers
2013-06-16 16:25:20 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-06-16 16:15:19 ----D---- C:\Program Files (x86)\Windows Live
2013-06-16 15:34:58 ----D---- C:\Users\Michal\AppData\Roaming\WinRAR
2013-06-12 23:07:24 ----D---- C:\Program Files\Internet Explorer
2013-06-12 23:07:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-12 21:48:23 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-12 21:48:17 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-12 15:24:24 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 15:08:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-12 15:08:04 ----RD---- C:\Program Files (x86)\Skype
2013-06-08 16:38:48 ----D---- C:\Users\Michal\AppData\Roaming\Foxit Software
2013-06-07 23:38:31 ----D---- C:\Windows\twain_32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-05-16 564824]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-21 1799680]
S3 akk9v6h1;akk9v6h1; C:\Windows\system32\drivers\akk9v6h1.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-07 543656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-12 117144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Re: preventivní kontrola
V logu nevidim nic nebezpecneho, ale ten samozrejme neukaze vsechno. Takze preventivne...
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivní kontrola
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.07.03.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Michal :: K50AD [administrátor]
3.7.2013 12:58:00
MBAM-log-2013-07-03 (14-26-25).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 361548
Uplynulý čas: 1 hodin, 28 minut, 12 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
www.malwarebytes.org
Verze: v2013.07.03.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Michal :: K50AD [administrátor]
3.7.2013 12:58:00
MBAM-log-2013-07-03 (14-26-25).txt
Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 361548
Uplynulý čas: 1 hodin, 28 minut, 12 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: preventivní kontrola
MBAM muzete odinstalovat. 1) Otevrte Poznamkovy blok (pokud ho nemate na plose, tak kliknete na Start, pak programy a prislusenstvi)2) Zkopirujte do nej ten zeleny text
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
4) Kliknete na napis Ulozit jako...
5) Napiste spravne ten cerveny nazev oprava.reg a pak vyberte u moznosti Ulozit jako typ : Vsechny soubory
6) Ulozte, nejlepe na plochu
7) Na to, co jste prave ulozil/a, 2x kliknete, ono se to spusti a vy to jen potvrdte
8) Pak ten soubor muzete smazat
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustteKliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, zda je vse v poradku. A pokud ano, mame hotovo.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivní kontrola
Vše proběhlo v pořádku. Co se týče CCleaneru tak ho používám tak nějak "pravidelně", a disk defragmentuji taky.
Děkuji za pomoc a ochotu Mějte se.
Děkuji za pomoc a ochotu
Mějte se.Re: preventivní kontrola
Vyborne. Jen k te defragmentaci. Jestli defragmentujete jen systemovym nastrojem, doporucuji pouzit i ten specializovany program. Ta systemova je slaba 
Nemate zac!
Mejte se a treba zase nekdy
Nemate zac!
Mejte se a treba zase nekdy
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?