Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Fler
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 13 črc 2008 11:14

Kontrola

#1 Příspěvek od Fler »

Prosím o kontrolu, po posledním scanu antivir našel nějaký bordel a odstranil ho, ale chtěl bych se ještě ujistit.
Díky za odpověď

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-09-17 21:53:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 36 GB (5%) free of 699 GB
Total RAM: 8030 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:12, on 17.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Programy\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Programy\Razer\Abyssus\razerhid.exe
C:\Programy\Avast\AvastUI.exe
C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe
C:\Programy\Razer\Abyssus\razertra.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Programy\Razer\Abyssus\razerofa.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Programy\Razer\Abyssus\vdDaemon.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Programy\Steam\Steam.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programy\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Abyssus] C:\Programy\Razer\Abyssus\razerhid.exe
O4 - HKLM\..\Run: [avast] "C:\Programy\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Programy\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1252841632-3293090450-1586646574-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1252841632-3293090450-1586646574-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16869 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 22172928
\??\C:\Windows\system32\conhost.exe "-807903382080829291-10699736901687844331215676484-18346665361330073625376678511
"C:\Programy\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
"C:\Program Files\Apoint2K\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "-19340588641083955516977980042028350805-396355420-1562229410-1340402582-1329145383
"C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Programy\Razer\Abyssus\razerhid.exe"
"C:\Programy\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
"C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Programy\Razer\Abyssus\razertra.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Programy\Razer\Abyssus\razerofa.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 5256
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7448.0.134180217\1987560817" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2653 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="7448.1.619788679\202821072" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.3.1765183892\857878658" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.4.1490955748\1982690735" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.5.1289441768\303848250" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7448.6.262626157\1012991479" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Programy\Razer\Abyssus\vdDaemon.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.9.2115649993\1779405266" /prefetch:673131151
"C:\Programy\Steam\Steam.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.15.1902749850\2055120790" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.16.1936922766\1087801798" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.17.1139983114\732743194" /prefetch:673131151
taskeng.exe {7A4BE972-5FCC-4810-B475-AD7ADD933FD0}
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.19.944297750\1738467533" /prefetch:673131151
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7448.21.426914342\130533009" /prefetch:673131151
"C:\Users\Michal\Downloads\RSITx64.exe"
taskeng.exe {71E08590-72BF-4E38-82BD-4BE7507C30D2}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Programy\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14 6311296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programy\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-28 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-13 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Programy\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-28 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll [2013-09-02 1357120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Programy\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Programy\Avast\aswWebRepIE.dll [2013-02-28 1224568]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll [2013-09-02 1357120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-19 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-19 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-19 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-14 12448872]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-02-08 1158248]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2012-02-02 576376]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-02-13 1020064]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-02-13 800416]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 1829768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-13 116648]
"PlayNC Launcher"= []
"DAEMON Tools Lite"=C:\Programy\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Programy\Origin\Origin.exe [2013-08-27 3549528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-29 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-09-02 1360192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Programy\Steam\Steam.exe [2013-09-06 1811368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programy\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
C:\Users\Michal\AppData\Local\Facebook\MESSEN~1\214651~1.0\FACEBO~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-01-06 296984]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-02-22 1105488]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"Abyssus"=C:\Programy\Razer\Abyssus\razerhid.exe [2011-03-10 231936]
"avast"=C:\Programy\Avast\avastUI.exe [2013-02-28 4767304]
"BCSSync"=C:\Programy\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"PowerDVD12DMREngine"=C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]
"PowerDVD12Agent"=C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe [2012-01-12 371256]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2012-12-10 338864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
""= []

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programy\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-17 21:53:06 ----D---- C:\rsit
2013-09-17 21:53:06 ----D---- C:\Program Files\trend micro
2013-09-17 10:39:52 ----D---- C:\Users\Michal\AppData\Roaming\Malwarebytes
2013-09-17 10:39:11 ----D---- C:\ProgramData\Malwarebytes
2013-09-17 10:39:10 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-09-17 10:21:16 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-09-16 23:39:34 ----D---- C:\Program Files\CCleaner
2013-09-14 19:01:37 ----D---- C:\Program Files (x86)\ss helper
2013-09-14 19:01:33 ----D---- C:\ProgramData\savenshAree
2013-09-14 19:01:18 ----D---- C:\ProgramData\InstallMate
2013-09-11 17:52:41 ----D---- C:\ProgramData\Codemasters
2013-09-11 17:52:39 ----D---- C:\ProgramData\Steam
2013-09-11 03:11:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-11 03:11:51 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 03:11:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-11 03:11:50 ----A---- C:\Windows\system32\iesetup.dll
2013-09-11 03:11:50 ----A---- C:\Windows\system32\iernonce.dll
2013-09-11 03:11:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-11 03:11:49 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-11 03:11:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-11 03:11:49 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-11 03:11:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-11 03:11:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 03:11:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-11 03:11:48 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 03:11:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-11 03:11:46 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 03:11:46 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 03:11:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-11 03:11:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-11 03:11:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-11 03:11:44 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 03:11:43 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 03:11:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-11 03:11:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-11 03:11:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 03:11:41 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 03:11:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-11 03:11:40 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 03:11:38 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 03:11:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-11 01:08:05 ----D---- C:\Program Files (x86)\Application Updater
2013-09-11 01:08:04 ----D---- C:\Program Files (x86)\YTD Toolbar
2013-09-11 01:01:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-11 01:01:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-11 01:01:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-11 01:01:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-11 01:01:40 ----A---- C:\Windows\system32\wow64.dll
2013-09-11 01:01:40 ----A---- C:\Windows\system32\ntdll.dll
2013-09-11 01:01:40 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 01:01:39 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-11 01:01:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-11 01:01:39 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 01:01:39 ----A---- C:\Windows\system32\smss.exe
2013-09-11 01:01:39 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 01:01:39 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 01:01:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-11 01:01:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\wow64win.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 01:01:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-11 01:01:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-11 01:01:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-11 01:01:32 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-11 01:01:31 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-11 01:01:30 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 00:38:31 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 00:38:25 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 00:38:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-11 00:38:23 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-11 00:38:23 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-08 17:30:25 ----RHD---- C:\Users\Michal\AppData\Roaming\SecuROM
2013-08-27 21:18:38 ----D---- C:\ProgramData\VirtualWifiRouter
2013-08-27 21:18:24 ----D---- C:\Program Files (x86)\MyPC Backup
2013-08-21 13:36:24 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-08-21 13:33:50 ----D---- C:\ProgramData\EA Logs
2013-08-20 22:48:52 ----D---- C:\Program Files (x86)\Origin Games
2013-08-20 18:01:16 ----D---- C:\Users\Michal\AppData\Roaming\Origin
2013-08-20 17:59:28 ----D---- C:\ProgramData\Origin

======List of files/folders modified in the last 1 month======

2013-09-17 21:53:09 ----D---- C:\Windows\Temp
2013-09-17 21:53:06 ----RD---- C:\Program Files
2013-09-17 21:43:51 ----A---- C:\Windows\SYSWOW64\log.txt
2013-09-17 21:42:00 ----D---- C:\Windows\system32\config
2013-09-17 21:41:01 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-09-17 21:37:19 ----SHD---- C:\Config.Msi
2013-09-17 21:06:04 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-09-17 17:48:52 ----D---- C:\Windows\system32\LogFiles
2013-09-17 10:51:45 ----D---- C:\Windows
2013-09-17 10:50:56 ----SHD---- C:\Windows\Installer
2013-09-17 10:50:56 ----D---- C:\Program Files (x86)
2013-09-17 10:46:08 ----HD---- C:\ProgramData
2013-09-17 10:39:10 ----D---- C:\Windows\system32\drivers
2013-09-17 10:39:10 ----D---- C:\Programy
2013-09-17 10:29:35 ----SHD---- C:\System Volume Information
2013-09-17 10:28:13 ----D---- C:\Windows\Prefetch
2013-09-17 10:23:57 ----D---- C:\Windows\inf
2013-09-17 10:21:16 ----D---- C:\Windows\System32
2013-09-17 00:00:58 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-09-17 00:00:57 ----D---- C:\Users\Michal\AppData\Roaming\Winamp
2013-09-17 00:00:51 ----D---- C:\Users\Michal\AppData\Roaming\BitTorrent
2013-09-16 23:57:20 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-09-16 23:56:53 ----D---- C:\Windows\Panther
2013-09-16 23:56:07 ----D---- C:\Windows\Logs
2013-09-16 23:56:07 ----D---- C:\Windows\debug
2013-09-16 23:56:06 ----D---- C:\Windows\Minidump
2013-09-16 23:40:41 ----D---- C:\Windows\system32\catroot2
2013-09-16 23:39:55 ----D---- C:\Windows\system32\Tasks
2013-09-16 23:36:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-16 12:46:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-14 12:36:15 ----D---- C:\Windows\SysWOW64
2013-09-13 18:53:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 20:38:04 ----D---- C:\Games
2013-09-11 17:32:38 ----RSD---- C:\Windows\assembly
2013-09-11 12:01:04 ----D---- C:\Windows\Microsoft.NET
2013-09-11 03:31:57 ----D---- C:\Windows\winsxs
2013-09-11 03:27:47 ----D---- C:\Program Files\Internet Explorer
2013-09-11 03:27:47 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-11 03:27:45 ----D---- C:\Windows\AppPatch
2013-09-11 03:27:44 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-11 03:27:44 ----D---- C:\Windows\system32\cs-CZ
2013-09-11 03:27:43 ----D---- C:\Windows\system32\DriverStore
2013-09-11 03:12:12 ----D---- C:\Windows\system32\catroot
2013-09-11 03:11:33 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-11 03:11:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-09-11 03:11:21 ----D---- C:\Windows\system32\MRT
2013-09-11 03:07:38 ----A---- C:\Windows\system32\MRT.exe
2013-09-11 03:07:29 ----D---- C:\ProgramData\Microsoft Help
2013-09-03 13:16:51 ----D---- C:\Program Files (x86)\SweetIM
2013-08-24 19:16:34 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-08-21 13:54:11 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-08-21 13:33:54 ----D---- C:\ProgramData\Electronic Arts
2013-08-19 11:53:56 ----D---- C:\ProgramData\Skype
2013-08-19 11:53:55 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 65408]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-02-01 28992]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2012-09-09 2639976]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-02-28 71064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 1025880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 377992]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 68992]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-18 283200]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-02-24 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-02-24 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-02-24 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 33472]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-02-28 314016]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-02-28 43680]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2012-01-21 16128]
R3 Abyssus;Razer Abyssus; C:\Windows\system32\drivers\Abyssus.sys [2009-10-30 10880]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-09-21 376144]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-02-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-07 3538432]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-02-13 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-02-13 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-02-13 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-02-13 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-02-13 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-02-13 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-02-13 550560]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-02-14 4744808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2012-02-07 18432]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2012-02-07 17408]
R3 VKbms;Virtual HID Minidriver; C:\Windows\system32\DRIVERS\VKbms.sys [2010-10-01 13312]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 177672]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-09-02 807800]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-02-13 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Avast\AvastSvc.exe [2013-02-28 45248]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-02-22 355920]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 871296]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-06-26 8704]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-08-31 2425960]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-09 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-06 256536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-01-28 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-02 2458944]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-08-21 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2012-09-09 538000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-19 276248]
S3 DCDhcpService;DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [2012-02-10 111776]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-03-29 655624]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Programy\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-01-21 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-16 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola

#2 Příspěvek od Roli »

Zdravím, s tím nelegálním produktem od Microsoftu uděláme co ?
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
Fler
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 13 črc 2008 11:14

Re: Kontrola

#3 Příspěvek od Fler »

Budiž mi odpuštěno
Díky za odpověď.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-09-20 10:08:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (5%) free of 699 GB
Total RAM: 8030 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:50, on 20.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Programy\DAEMON Tools Lite\DTLite.exe
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Programy\Razer\Abyssus\razerhid.exe
C:\Programy\Avast\AvastUI.exe
C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Programy\Razer\Abyssus\razerofa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Programy\Razer\Abyssus\razertra.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Programy\Razer\Abyssus\vdDaemon.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Abyssus] C:\Programy\Razer\Abyssus\razerhid.exe
O4 - HKLM\..\Run: [avast] "C:\Programy\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1252841632-3293090450-1586646574-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1252841632-3293090450-1586646574-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16425 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 26846480
\??\C:\Windows\system32\conhost.exe "-137128798-16222393213160653296901955171397445496-417509479-41823630-1722131919
"C:\Programy\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
C:\Windows\System32\spoolsv.exe
"C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Apoint2K\HidFind.exe"
"taskhost.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "501527600218579235-1264459915-16529274111493832806-304401305-150794433-796633475
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Programy\Razer\Abyssus\razerhid.exe"
"C:\Programy\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
"C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Programy\Razer\Abyssus\razerofa.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 4764
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Programy\Razer\Abyssus\razertra.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1016.0.782293647\1545377034" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2653 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="1016.1.1032591840\371961233" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.3.1256293395\1188193711" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.4.65119614\2142791566" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.6.253221229\613060504" /prefetch:673131151
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1016.7.187388682\1020874541" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Programy\Razer\Abyssus\vdDaemon.exe
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.11.1762592508\1944959332" /prefetch:673131151
taskeng.exe {C08D6CCD-CEF5-44ED-85C8-338D1A127DA7}
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.20.1600061214\1415354187" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.25.1434561377\1277742398" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.28.1426986353\425137360" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.35.1839217868\559718003" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.39.1309176333\1702771932" /prefetch:673131151
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:1a m29stable:r2 use_remote_ntp_on_startup:1 espv:208/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1016.40.517086926\1952728199" /prefetch:673131151
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Users\Michal\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1252841632-3293090450-1586646574-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Programy\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14 6311296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-28 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-13 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Programy\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-28 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll [2013-09-02 1357120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Programy\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Programy\Avast\aswWebRepIE.dll [2013-02-28 1224568]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll [2013-09-02 1357120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-19 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-19 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-19 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-14 12448872]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-02-08 1158248]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2012-02-02 576376]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-02-13 1020064]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-02-13 800416]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 1829768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-13 116648]
"PlayNC Launcher"= []
"DAEMON Tools Lite"=C:\Programy\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Programy\Origin\Origin.exe [2013-08-27 3549528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-29 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-09-02 1360192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Programy\Steam\Steam.exe [2013-09-06 1811368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programy\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
C:\Users\Michal\AppData\Local\Facebook\MESSEN~1\214651~1.0\FACEBO~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-01-06 296984]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-02-22 1105488]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"Abyssus"=C:\Programy\Razer\Abyssus\razerhid.exe [2011-03-10 231936]
"avast"=C:\Programy\Avast\avastUI.exe [2013-02-28 4767304]
"PowerDVD12DMREngine"=C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]
"PowerDVD12Agent"=C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe [2012-01-12 371256]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2012-12-10 338864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
""= []
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-19 23:03:16 ----D---- C:\Users\Michal\AppData\Roaming\OpenOffice.org
2013-09-19 22:49:11 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2013-09-19 19:37:03 ----D---- C:\Program Files\iPod
2013-09-19 19:37:02 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 19:37:02 ----D---- C:\Program Files\iTunes
2013-09-19 19:37:02 ----D---- C:\Program Files (x86)\iTunes
2013-09-18 18:16:30 ----A---- C:\Windows\system32\GDIPFONTCACHEV1.DAT
2013-09-17 21:53:06 ----D---- C:\rsit
2013-09-17 21:53:06 ----D---- C:\Program Files\trend micro
2013-09-17 10:39:52 ----D---- C:\Users\Michal\AppData\Roaming\Malwarebytes
2013-09-17 10:39:11 ----D---- C:\ProgramData\Malwarebytes
2013-09-17 10:39:10 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-09-17 10:21:16 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-09-16 23:39:34 ----D---- C:\Program Files\CCleaner
2013-09-14 19:01:37 ----D---- C:\Program Files (x86)\ss helper
2013-09-14 19:01:33 ----D---- C:\ProgramData\savenshAree
2013-09-14 19:01:18 ----D---- C:\ProgramData\InstallMate
2013-09-11 17:52:41 ----D---- C:\ProgramData\Codemasters
2013-09-11 17:52:39 ----D---- C:\ProgramData\Steam
2013-09-11 03:11:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-11 03:11:51 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 03:11:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-11 03:11:50 ----A---- C:\Windows\system32\iesetup.dll
2013-09-11 03:11:50 ----A---- C:\Windows\system32\iernonce.dll
2013-09-11 03:11:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-11 03:11:49 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-11 03:11:49 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-11 03:11:49 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-11 03:11:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-11 03:11:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 03:11:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-11 03:11:48 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 03:11:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-11 03:11:46 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 03:11:46 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 03:11:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-11 03:11:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-11 03:11:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-11 03:11:44 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 03:11:43 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 03:11:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-11 03:11:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-11 03:11:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 03:11:41 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 03:11:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-11 03:11:40 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 03:11:38 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 03:11:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-11 01:08:05 ----D---- C:\Program Files (x86)\Application Updater
2013-09-11 01:08:04 ----D---- C:\Program Files (x86)\YTD Toolbar
2013-09-11 01:01:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-11 01:01:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-11 01:01:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-11 01:01:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-11 01:01:40 ----A---- C:\Windows\system32\wow64.dll
2013-09-11 01:01:40 ----A---- C:\Windows\system32\ntdll.dll
2013-09-11 01:01:40 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 01:01:39 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-11 01:01:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-11 01:01:39 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 01:01:39 ----A---- C:\Windows\system32\smss.exe
2013-09-11 01:01:39 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 01:01:39 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 01:01:38 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 01:01:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-11 01:01:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\wow64win.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-11 01:01:38 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 01:01:37 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 01:01:36 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 01:01:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 01:01:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 01:01:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 01:01:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 01:01:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-11 01:01:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-11 01:01:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-11 01:01:32 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-11 01:01:31 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-11 01:01:30 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 00:38:31 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 00:38:25 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 00:38:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-11 00:38:23 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-11 00:38:23 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-08 17:30:25 ----RHD---- C:\Users\Michal\AppData\Roaming\SecuROM
2013-08-27 21:18:38 ----D---- C:\ProgramData\VirtualWifiRouter
2013-08-27 21:18:24 ----D---- C:\Program Files (x86)\MyPC Backup
2013-08-21 13:36:24 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-08-21 13:33:50 ----D---- C:\ProgramData\EA Logs

======List of files/folders modified in the last 1 month======

2013-09-20 10:08:50 ----D---- C:\Windows\Temp
2013-09-20 10:05:33 ----D---- C:\Windows
2013-09-20 09:52:43 ----D---- C:\Windows\SysWOW64
2013-09-20 09:52:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-20 09:41:18 ----D---- C:\Windows\system32\config
2013-09-20 09:22:21 ----A---- C:\Windows\SYSWOW64\log.txt
2013-09-20 09:18:38 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-09-20 09:16:16 ----SHD---- C:\Config.Msi
2013-09-20 09:16:16 ----D---- C:\Program Files (x86)
2013-09-20 04:05:17 ----D---- C:\Windows\system32\catroot
2013-09-20 03:46:45 ----SHD---- C:\System Volume Information
2013-09-19 23:11:46 ----D---- C:\Users\Michal\AppData\Roaming\BitTorrent
2013-09-19 23:03:25 ----D---- C:\Windows\Prefetch
2013-09-19 22:50:32 ----SHD---- C:\Windows\Installer
2013-09-19 22:50:30 ----RSD---- C:\Windows\assembly
2013-09-19 22:49:30 ----RSD---- C:\Windows\Fonts
2013-09-19 21:42:02 ----SD---- C:\ProgramData\Microsoft
2013-09-19 21:42:00 ----RD---- C:\Program Files
2013-09-19 21:41:58 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-19 21:41:52 ----D---- C:\Windows\System32
2013-09-19 21:41:46 ----D---- C:\Program Files (x86)\Common Files
2013-09-19 21:41:41 ----D---- C:\Windows\inf
2013-09-19 21:41:11 ----D---- C:\Users\Michal\AppData\Roaming\SoftGrid Client
2013-09-19 21:37:53 ----D---- C:\Windows\Microsoft.NET
2013-09-19 21:36:58 ----D---- C:\ProgramData\Microsoft Help
2013-09-19 21:35:32 ----D---- C:\Programy
2013-09-19 21:33:00 ----D---- C:\Windows\ShellNew
2013-09-19 19:37:02 ----HD---- C:\ProgramData
2013-09-19 19:34:45 ----D---- C:\Windows\system32\DriverStore
2013-09-19 16:28:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-19 05:30:35 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-09-19 04:38:14 ----D---- C:\Windows\rescache
2013-09-18 02:04:47 ----D---- C:\Users\Michal\AppData\Roaming\Winamp
2013-09-17 17:48:52 ----D---- C:\Windows\system32\LogFiles
2013-09-17 10:39:10 ----D---- C:\Windows\system32\drivers
2013-09-17 00:00:58 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-09-16 23:57:20 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-09-16 23:56:53 ----D---- C:\Windows\Panther
2013-09-16 23:56:07 ----D---- C:\Windows\Logs
2013-09-16 23:56:07 ----D---- C:\Windows\debug
2013-09-16 23:56:06 ----D---- C:\Windows\Minidump
2013-09-16 23:40:41 ----D---- C:\Windows\system32\catroot2
2013-09-16 23:39:55 ----D---- C:\Windows\system32\Tasks
2013-09-16 23:36:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-11 20:38:04 ----D---- C:\Games
2013-09-11 13:36:14 ----D---- C:\Program Files (x86)\Origin Games
2013-09-11 03:31:57 ----D---- C:\Windows\winsxs
2013-09-11 03:27:47 ----D---- C:\Program Files\Internet Explorer
2013-09-11 03:27:47 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-11 03:27:45 ----D---- C:\Windows\AppPatch
2013-09-11 03:27:44 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-11 03:27:44 ----D---- C:\Windows\system32\cs-CZ
2013-09-11 03:11:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-09-11 03:11:21 ----D---- C:\Windows\system32\MRT
2013-09-11 03:07:38 ----A---- C:\Windows\system32\MRT.exe
2013-09-03 13:16:51 ----D---- C:\Program Files (x86)\SweetIM
2013-08-24 19:16:34 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-08-21 13:54:11 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-08-21 13:33:54 ----D---- C:\ProgramData\Electronic Arts
2013-08-21 11:29:51 ----D---- C:\Users\Michal\AppData\Roaming\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 65408]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-02-01 28992]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2012-09-09 2639976]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-02-28 71064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 1025880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 377992]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 68992]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-18 283200]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-02-24 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-02-24 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-02-24 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 33472]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-02-28 314016]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-02-28 43680]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2012-01-21 16128]
R3 Abyssus;Razer Abyssus; C:\Windows\system32\drivers\Abyssus.sys [2009-10-30 10880]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-09-21 376144]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-02-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-07 3538432]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-02-13 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-02-13 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-02-13 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-02-13 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-02-13 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-02-13 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-02-13 550560]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-02-14 4744808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2012-02-07 18432]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2012-02-07 17408]
R3 VKbms;Virtual HID Minidriver; C:\Windows\system32\DRIVERS\VKbms.sys [2010-10-01 13312]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 177672]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-09-02 807800]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-02-13 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Avast\AvastSvc.exe [2013-02-28 45248]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-02-22 355920]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 871296]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-06-26 8704]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-08-31 2425960]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-09 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-06 256536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-01-28 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-02 2458944]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-08-21 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2012-09-09 538000]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-19 276248]
S3 DCDhcpService;DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [2012-02-10 111776]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-03-29 655624]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-01-21 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-16 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola

#4 Příspěvek od Roli »

Fler píše:Budiž mi odpuštěno
Dobrá, tohle fixni v HJT :

R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Programy\PowerDVD12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Programy\PowerDVD12\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c

HJT najdeš zde :

C:\Program Files\trend micro\Michal.exe

Fix znamená že spustíš HJT Obrázek jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

Live Updater Service - Acer Incorporated

NVIDIA Update Service Daemon

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.


Přes Odebrat programy odinstaluj Facebook Update


V Naplánovaných úlohách zakaž :

Google Update může to tam být vícekrát


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Windows\AutoKMS.exe

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]

:commands
[purity]
[emptytemp]
[start explorer]
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
Fler
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 13 črc 2008 11:14

Re: Kontrola

#5 Příspěvek od Fler »

díky dík
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola

#6 Příspěvek od Roli »

Fler píše:díky dík
Ještě neděkuj, protože jsme nezkončili.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
Fler
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 13 črc 2008 11:14

Re: Kontrola

#7 Příspěvek od Fler »

adw:

# AdwCleaner v3.004 - Report created 21/09/2013 at 12:26:37
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michal - Michal-PC
# Running from : C:\Users\Michal\Downloads\adwcleaner (1).exe
# Option : Scan

***** [ Services ] *****

Service Found : Application Updater

***** [ Files / Folders ] *****

File Found : C:\Users\Michal\AppData\Local\mysearchdial.crx
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ffxtlbr@mysearchdial.com
Folder Found C:\Program Files (x86)\Application Updater
Folder Found C:\Program Files (x86)\Common Files\spigot
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\SweetIM
Folder Found C:\Program Files (x86)\YTD Toolbar
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\savenshAree
Folder Found C:\Users\Michal\AppData\Local\apn
Folder Found C:\Users\Michal\AppData\LocalLow\Mysearchdial
Folder Found C:\Users\Michal\AppData\LocalLow\Search Settings
Folder Found C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Found C:\Users\Michal\AppData\Roaming\pdfforge
Folder Found C:\Users\Michal\AppData\Roaming\Systweak

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\wscontb
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\mysearchdial
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Search Settings
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\wscontb
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Found : HKLM\Software\mysearchdial
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzy0E0D0EtA0FtDyEtCzytN0D0Tzu0CyDtCzztN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1397106091&ir=
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzy0E0D0EtA0FtDyEtCzytN0D0Tzu0CyDtCzztN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1397106091&ir=

-\\ Mozilla Firefox v

-\\ Google Chrome v

[ File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8199 octets] - [21/09/2013 12:23:08]
AdwCleaner[R1].txt - [7947 octets] - [21/09/2013 12:26:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [8007 octets] ##########

OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
C:\WINDOWS\System32\shoABF6.tmp moved successfully.
C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File/Folder C:\Windows\AutoKMS.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michal
->Temp folder emptied: 81814237 bytes
->Temporary Internet Files folder emptied: 3147891 bytes
->Java cache emptied: 1337158 bytes
->Google Chrome cache emptied: 480319581 bytes
->Flash cache emptied: 58742 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 258019837 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 14255745 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42305091 bytes
RecycleBin emptied: 130103440 bytes

Total Files Cleaned = 965,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09212013_125238

Files moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Temp\MMDUtl.log moved successfully.
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\_avast_\Webshlock.txt not found!
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola

#8 Příspěvek od Roli »

Znovu spusť AdwCleaner ale tentokrát klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zase zkopíruj Report.


Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
Fler
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 13 črc 2008 11:14

Re: Kontrola

#9 Příspěvek od Fler »

AdwCleaner možnost clean nejde

Combo fix:

ComboFix 13-09-26.03 - Michal 28.09.2013 12:15:09.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8030.5803 [GMT 2:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michal\AppData\Local\assembly\tmp
c:\users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\SysWow64\DEBUG.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-28 do 2013-09-28 )))))))))))))))))))))))))))))))
.
.
2013-09-28 10:22 . 2013-09-28 10:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-28 10:22 . 2013-09-28 10:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-27 18:14 . 2013-09-27 20:25 -------- d-----w- c:\users\Michal\bluej
2013-09-27 18:13 . 2013-09-27 18:13 973736 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-27 18:13 . 2013-09-27 18:13 312744 ----a-w- c:\windows\system32\javaws.exe
2013-09-27 18:13 . 2013-09-27 18:13 1095080 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-27 18:13 . 2013-09-27 18:13 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-27 18:13 . 2013-09-27 18:13 189352 ----a-w- c:\windows\system32\javaw.exe
2013-09-27 18:13 . 2013-09-27 18:13 189352 ----a-w- c:\windows\system32\java.exe
2013-09-27 18:11 . 2013-09-27 18:13 -------- d-----w- c:\program files\Java
2013-09-27 17:58 . 2013-09-28 10:14 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0485DE4-0EA9-49A8-8B73-5EC5AC948928}\offreg.dll
2013-09-27 17:11 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0485DE4-0EA9-49A8-8B73-5EC5AC948928}\mpengine.dll
2013-09-21 10:23 . 2013-09-21 10:26 -------- d-----w- C:\AdwCleaner
2013-09-20 14:31 . 2013-09-20 14:31 -------- d-----w- c:\users\Michal\AppData\Roaming\SUPERAntiSpyware.com
2013-09-19 21:03 . 2013-09-19 21:03 -------- d-----w- c:\users\Michal\AppData\Roaming\OpenOffice.org
2013-09-19 20:49 . 2013-09-19 20:49 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\program files\iPod
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\program files\iTunes
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\program files (x86)\iTunes
2013-09-17 19:53 . 2013-09-20 20:22 -------- d-----w- c:\program files\trend micro
2013-09-17 08:39 . 2013-09-17 08:39 -------- d-----w- c:\users\Michal\AppData\Roaming\Malwarebytes
2013-09-17 08:39 . 2013-09-17 08:39 -------- d-----w- c:\programdata\Malwarebytes
2013-09-16 21:39 . 2013-09-16 21:39 -------- d-----w- c:\program files\CCleaner
2013-09-14 17:01 . 2013-09-17 08:51 -------- d-----w- c:\program files (x86)\ss helper
2013-09-14 17:01 . 2013-09-17 08:50 -------- d-----w- c:\programdata\savenshAree
2013-09-14 17:01 . 2013-09-14 17:01 -------- d-----w- c:\programdata\InstallMate
2013-09-11 15:52 . 2013-09-11 15:52 -------- d-----w- c:\programdata\Codemasters
2013-09-11 15:52 . 2013-09-11 15:52 -------- d-----w- c:\programdata\Steam
2013-09-10 23:08 . 2013-09-10 23:08 -------- d-----w- c:\program files (x86)\Application Updater
2013-09-10 23:08 . 2013-09-10 23:08 -------- d-----w- c:\program files (x86)\YTD Toolbar
2013-09-10 22:38 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-10 22:38 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-10 22:38 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-08 15:30 . 2013-09-08 15:30 -------- d-----w- c:\users\Michal\AppData\Local\Criterion Games
2013-09-08 15:30 . 2013-09-08 15:30 -------- d--h--r- c:\users\Michal\AppData\Roaming\SecuROM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-22 18:29 . 2012-08-03 14:57 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-22 18:29 . 2012-08-03 13:17 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-20 07:52 . 2012-06-03 07:57 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-20 07:52 . 2012-02-24 13:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 01:07 . 2012-05-13 22:24 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-24 17:16 . 2012-08-03 13:17 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-21 11:54 . 2012-08-03 13:17 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-10 23:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 10:31 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 10:31 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 10:31 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 10:31 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 10:31 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 10:31 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 10:32 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 10:31 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 10:31 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 10:31 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 10:31 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 10:31 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 10:31 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 10:31 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 09:47 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 21:04 220632 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 21:04 220632 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 21:04 220632 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2012-01-05 296984]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-02-22 1105488]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 291608]
"Abyssus"="c:\programy\Razer\Abyssus\razerhid.exe" [2011-03-10 231936]
"avast"="c:\programy\Avast\avastUI.exe" [2013-02-28 4767304]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2012-12-10 338864]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-17 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc;c:\windows\SYSNATIVE\appdrvrem01.exe svc [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 DCDhcpService;DCDhcpService;c:\program files (x86)\Acer\WDAgent\DCDhcpService.exe;c:\program files (x86)\Acer\WDAgent\DCDhcpService.exe [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswRvrt;aswRvrt; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys;c:\windows\SYSNATIVE\Drivers\appdrv01.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/11/17 19:06];c:\programy\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl;c:\programy\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys;c:\windows\SYSNATIVE\drivers\Abyssus.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys;c:\windows\SYSNATIVE\DRIVERS\VKbms.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 07:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 21:04 244696 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 21:04 244696 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 21:04 244696 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\programy\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-19 440600]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-14 12448872]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2012-02-02 576376]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-13 1020064]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-13 800416]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-07 1829768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\programy\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\programy\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-09-28 12:24:28
ComboFix-quarantined-files.txt 2013-09-28 10:24
.
Před spuštěním: Volných bajtů: 37 290 676 224
Po spuštění: Volných bajtů: 37 218 230 272
.
- - End Of File - - F3DFEBE25D3A740374C39E2D3C69BA63
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola

#10 Příspěvek od Roli »

Fler píše:AdwCleaner možnost clean nejde
Musí to jít, zkus to znovu.

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock:: 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
Fler
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 13 črc 2008 11:14

Re: Kontrola

#11 Příspěvek od Fler »

ComboFix:

ComboFix 13-09-26.03 - Michal 04.10.2013 19:17:58.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8030.5771 [GMT 2:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michal\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-04 do 2013-10-04 )))))))))))))))))))))))))))))))
.
.
2013-10-04 17:28 . 2013-10-04 17:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-04 17:28 . 2013-10-04 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-04 16:11 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{215F2493-E9E2-43D7-ADC1-27EEF13AEC9E}\mpengine.dll
2013-09-27 18:14 . 2013-09-27 20:25 -------- d-----w- c:\users\Michal\bluej
2013-09-27 18:13 . 2013-09-27 18:13 973736 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-27 18:13 . 2013-09-27 18:13 312744 ----a-w- c:\windows\system32\javaws.exe
2013-09-27 18:13 . 2013-09-27 18:13 1095080 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-27 18:13 . 2013-09-27 18:13 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-27 18:13 . 2013-09-27 18:13 189352 ----a-w- c:\windows\system32\javaw.exe
2013-09-27 18:13 . 2013-09-27 18:13 189352 ----a-w- c:\windows\system32\java.exe
2013-09-27 18:11 . 2013-09-27 18:13 -------- d-----w- c:\program files\Java
2013-09-21 10:23 . 2013-09-28 23:00 -------- d-----w- C:\AdwCleaner
2013-09-20 14:31 . 2013-09-20 14:31 -------- d-----w- c:\users\Michal\AppData\Roaming\SUPERAntiSpyware.com
2013-09-19 21:03 . 2013-09-19 21:03 -------- d-----w- c:\users\Michal\AppData\Roaming\OpenOffice.org
2013-09-19 20:49 . 2013-09-19 20:49 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\program files\iPod
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\program files\iTunes
2013-09-19 17:37 . 2013-09-19 17:37 -------- d-----w- c:\program files (x86)\iTunes
2013-09-17 19:53 . 2013-09-20 20:22 -------- d-----w- c:\program files\trend micro
2013-09-17 08:39 . 2013-09-17 08:39 -------- d-----w- c:\users\Michal\AppData\Roaming\Malwarebytes
2013-09-17 08:39 . 2013-09-17 08:39 -------- d-----w- c:\programdata\Malwarebytes
2013-09-16 21:39 . 2013-09-16 21:39 -------- d-----w- c:\program files\CCleaner
2013-09-14 17:01 . 2013-09-17 08:51 -------- d-----w- c:\program files (x86)\ss helper
2013-09-14 17:01 . 2013-09-14 17:01 -------- d-----w- c:\programdata\InstallMate
2013-09-11 15:52 . 2013-09-11 15:52 -------- d-----w- c:\programdata\Codemasters
2013-09-11 15:52 . 2013-09-11 15:52 -------- d-----w- c:\programdata\Steam
2013-09-10 23:01 . 2013-08-02 02:23 5550528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-09-10 22:38 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-10 22:38 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-10 22:38 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-08 15:30 . 2013-09-08 15:30 -------- d-----w- c:\users\Michal\AppData\Local\Criterion Games
2013-09-08 15:30 . 2013-09-08 15:30 -------- d--h--r- c:\users\Michal\AppData\Roaming\SecuROM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-22 18:29 . 2012-08-03 14:57 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-22 18:29 . 2012-08-03 13:17 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-20 07:52 . 2012-06-03 07:57 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-20 07:52 . 2012-02-24 13:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 01:07 . 2012-05-13 22:24 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-24 17:16 . 2012-08-03 13:17 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-21 11:54 . 2012-08-03 13:17 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-10 23:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 10:31 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 10:31 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 10:31 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 10:31 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 10:31 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 10:31 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 10:32 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 10:31 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 10:31 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 10:31 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 10:31 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 10:31 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 10:31 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 10:31 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 21:04 220632 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 21:04 220632 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 21:04 220632 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2012-01-05 296984]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-02-22 1105488]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 291608]
"Abyssus"="c:\programy\Razer\Abyssus\razerhid.exe" [2011-03-10 231936]
"avast"="c:\programy\Avast\avastUI.exe" [2013-02-28 4767304]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2012-12-10 338864]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-17 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc;c:\windows\SYSNATIVE\appdrvrem01.exe svc [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 DCDhcpService;DCDhcpService;c:\program files (x86)\Acer\WDAgent\DCDhcpService.exe;c:\program files (x86)\Acer\WDAgent\DCDhcpService.exe [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswRvrt;aswRvrt; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys;c:\windows\SYSNATIVE\Drivers\appdrv01.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/11/17 19:06];c:\programy\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl;c:\programy\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\programy\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys;c:\windows\SYSNATIVE\drivers\Abyssus.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys;c:\windows\SYSNATIVE\DRIVERS\VKbms.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 07:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 21:04 244696 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 21:04 244696 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 21:04 244696 ----a-w- c:\users\Michal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\programy\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michal\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-19 440600]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-14 12448872]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2012-02-02 576376]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-13 1020064]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-13 800416]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-07 1829768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\programy\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\programy\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
Celkový čas: 2013-10-04 19:31:15
ComboFix-quarantined-files.txt 2013-10-04 17:31
ComboFix2.txt 2013-09-28 10:24
.
Před spuštěním: Volných bajtů: 34 542 993 408
Po spuštění: Volných bajtů: 35 851 325 440
.
- - End Of File - - 376AC712938CE74BAEB8B6AC3D5F4EBB

Adw:

# AdwCleaner v3.005 - Report created 29/09/2013 at 01:00:00
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michal - Michal-PC
# Running from : C:\Users\Michal\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Application Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\savenshAree
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\YTD Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\Michal\AppData\Local\apn
Folder Deleted : C:\Users\Michal\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\Michal\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Michal\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Michal\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ffxtlbr@mysearchdial.com
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Michal\AppData\Local\mysearchdial.crx
File Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\mysearchdial
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

-\\ Google Chrome v

[ File : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8199 octets] - [21/09/2013 12:23:08]
AdwCleaner[R1].txt - [8151 octets] - [21/09/2013 12:26:37]
AdwCleaner[R2].txt - [7935 octets] - [29/09/2013 00:54:33]
AdwCleaner[S0].txt - [7056 octets] - [29/09/2013 01:00:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7116 octets] ##########
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola

#12 Příspěvek od Roli »

Fler píše: # AdwCleaner
# Option : Clean
A pak že to nepůjde :)


Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“