Zdravím, na stolním PC mi nejedou žádné stránky kromě některých od googlu (google search, gmail). Když dám diagnostiku řešení, vyhodí mi to "vzdálené zařízení nebo prostředek nepřijíma připojení". Soubor hosts jsem prošel, je tam jen localhost 127.0.0.1 jak má být, někde jsem četl že internetové připojení může blokovat antivir - projel jsem PC antivirem (MS Essentials) - nic nenašel, poté jsem odinstaloval - žádná změna. Spustil jsem v nouzovém režimu se sítí, žádná změna. Přikládám log z Hijackthis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:28, on 29.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:18562
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *origin.com;*ea.com;*akamaihd.net;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: (no name) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - (no file)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - (no file)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - (no file)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - (no file)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.66.2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - (no file)
O23 - Service: 74036d6ac0a9485.exe - Unknown owner - C:\Users\Sylva\AppData\Local\197f6067d7dc3defd0276d916ec69be7\74036d6ac0a9485.exe (file missing)
O23 - Service: a1d98c6ce829d82.exe - Unknown owner - C:\Users\Sylva\AppData\Local\25f1b30be79c03e6453be5e7d8d8fcdd\a1d98c6ce829d82.exe (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (file missing)
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (file missing)
O23 - Service: cb32ee736293399.exe - Unknown owner - C:\Users\Sylva\AppData\Local\96504deb1005a2eb231907d2e8ddd0b2\cb32ee736293399.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Windows Live Family Safety Service (fsssvc) - Unknown owner - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Unknown owner - C:\Program Files (x86)\Nero\Update\NASvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Unknown owner - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12164 bytes
děkuji za pomoc
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
vzdálené zařízení nebo prostředek nepřijíma připojení
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Zdravím!
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 . Je podrobnější, než HijackThis.
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 . Je podrobnější, než HijackThis.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Logfile of random's system information tool 1.10 (written by random/random)
Run by Sylva at 2014-09-29 21:27:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 326 GB (68%) free of 477 GB
Total RAM: 4073 MB (58% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2244
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HydraDM64.exe -h:131412 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2188.0.269120848\359084668" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.100.17.0 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LANGMaster\com\cs-cz\DictDe_Cs\EasyLex.exe"
"C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE"
C:\Windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-565712b0-e14c-483e-a239-5c9b77beeba2 -SystemEventPortName:HostProcess-22f243cc-656d-4831-b436-4b075f4b3853 -IoCancelEventPortName:HostProcess-9958c1ba-9220-444f-b458-d2972045800d -NonStateChangingEventPortName:HostProcess-a16e90c7-3d6b-4aff-a247-eca65ac97000 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7f0c9529-c389-4678-9f25-4098cf5c27ef -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-09-25 885976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-25 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-03 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-09-25 710352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-03 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-05 11474024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-11-15 3093624]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-08-25 393216]
"GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailTray Activator]
C:\Program Files (x86)\EmailTray\bin\etactivator.exe -autorun -allusers []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastAccess Web Alert]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FATRY.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central 3]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [2011-04-08 503955]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Users\Sylva\AppData\Local\MediaGet2\mediaget.exe --minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE -b -l []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
Adobe Flash Player Updater.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
SA.DAT
SCHEDLGU.TXT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-09-29 21:27:10 ----A---- C:\Program Files (x86)\RSITx64.exe
2014-09-29 21:23:38 ----D---- C:\rsit
2014-09-29 21:23:38 ----D---- C:\Program Files\trend micro
2014-09-29 21:07:22 ----D---- C:\Users\Sylva\AppData\Roaming\langmaster.com
2014-09-29 21:07:11 ----AD---- C:\ProgramData\TEMP
2014-09-29 21:06:55 ----D---- C:\Program Files (x86)\LANGMaster
2014-09-29 20:56:20 ----A---- C:\Windows\ntbtlog.txt
2014-09-24 18:07:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 18:07:43 ----A---- C:\Windows\system32\tzres.dll
2014-09-10 22:06:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-10 22:06:29 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 22:06:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 22:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 22:06:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 22:06:21 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 22:06:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 22:00:38 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-10 22:00:38 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 21:57:43 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-10 21:57:43 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-10 21:57:36 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-10 21:57:36 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-10 21:57:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 21:57:20 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 21:57:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 21:57:11 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 21:57:10 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-09-29 21:27:45 ----D---- C:\Windows\temp
2014-09-29 21:27:42 ----D---- C:\Windows\Prefetch
2014-09-29 21:27:10 ----RD---- C:\Program Files (x86)
2014-09-29 21:23:38 ----RD---- C:\Program Files
2014-09-29 21:07:27 ----D---- C:\Windows\System32
2014-09-29 21:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-29 21:07:26 ----D---- C:\Windows\inf
2014-09-29 21:07:11 ----D---- C:\ProgramData
2014-09-29 21:07:07 ----D---- C:\Program Files (x86)\Common Files
2014-09-29 21:00:35 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-29 21:00:13 ----D---- C:\Windows\system32\config
2014-09-29 20:59:34 ----SHD---- C:\Windows\Installer
2014-09-29 20:59:27 ----SD---- C:\ProgramData\Microsoft
2014-09-29 20:59:27 ----D---- C:\Windows\system32\drivers
2014-09-29 20:56:20 ----D---- C:\Windows
2014-09-29 20:45:02 ----D---- C:\Windows\system32\NDF
2014-09-28 11:53:31 ----D---- C:\Users\Sylva\AppData\Roaming\Skype
2014-09-28 10:26:30 ----SHD---- C:\System Volume Information
2014-09-27 21:40:13 ----D---- C:\Users\Sylva\AppData\Roaming\uTorrent
2014-09-27 20:59:48 ----D---- C:\Users\Sylva\AppData\Roaming\BSplayer
2014-09-27 12:53:20 ----D---- C:\Windows\system32\Tasks
2014-09-27 12:53:01 ----D---- C:\ProgramData\Skype
2014-09-25 23:31:55 ----D---- C:\Windows\rescache
2014-09-25 22:55:40 ----D---- C:\Windows\Microsoft.NET
2014-09-25 22:55:12 ----RSD---- C:\Windows\assembly
2014-09-25 19:39:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-09-25 19:39:03 ----D---- C:\Program Files\Microsoft Office 15
2014-09-24 22:00:49 ----D---- C:\Windows\winsxs
2014-09-24 22:00:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 22:00:39 ----D---- C:\Windows\SysWOW64
2014-09-24 22:00:39 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 18:05:48 ----D---- C:\Windows\system32\catroot
2014-09-23 23:44:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-23 20:30:04 ----D---- C:\Users\Sylva\AppData\Roaming\Adobe
2014-09-23 15:27:59 ----D---- C:\Windows\system32\catroot2
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-10 22:24:58 ----D---- C:\Program Files\Internet Explorer
2014-09-10 22:24:57 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-10 22:24:57 ----D---- C:\Windows\system32\en-US
2014-09-10 22:24:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-10 22:09:33 ----D---- C:\ProgramData\Microsoft Help
2014-09-10 22:05:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-10 22:03:55 ----D---- C:\Windows\system32\MRT
2014-09-10 22:01:18 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 22:00:33 ----SD---- C:\Windows\system32\CompatTel
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-08 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-02-16 11612672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-02-16 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-01-15 96768]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-03-24 179648]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-10-05 2511464]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2010-08-02 31744]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RegFltrX64;RegFltrX64; \??\C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e\RegFltrX64.sys [2014-06-03 18064]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-02-16 240640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-12 2428088]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 74036d6ac0a9485.exe;74036d6ac0a9485.exe; C:\Users\Sylva\AppData\Local\197f6067d7dc3defd0276d916ec69be7\74036d6ac0a9485.exe []
S2 a1d98c6ce829d82.exe;a1d98c6ce829d82.exe; C:\Users\Sylva\AppData\Local\25f1b30be79c03e6453be5e7d8d8fcdd\a1d98c6ce829d82.exe []
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe []
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe []
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe []
S2 cb32ee736293399.exe;cb32ee736293399.exe; C:\Users\Sylva\AppData\Local\96504deb1005a2eb231907d2e8ddd0b2\cb32ee736293399.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-03-27 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe []
-----------------EOF-----------------
děkuji
Run by Sylva at 2014-09-29 21:27:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 326 GB (68%) free of 477 GB
Total RAM: 4073 MB (58% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2244
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HydraDM64.exe -h:131412 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2188.0.269120848\359084668" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.100.17.0 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LANGMaster\com\cs-cz\DictDe_Cs\EasyLex.exe"
"C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE"
C:\Windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-565712b0-e14c-483e-a239-5c9b77beeba2 -SystemEventPortName:HostProcess-22f243cc-656d-4831-b436-4b075f4b3853 -IoCancelEventPortName:HostProcess-9958c1ba-9220-444f-b458-d2972045800d -NonStateChangingEventPortName:HostProcess-a16e90c7-3d6b-4aff-a247-eca65ac97000 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7f0c9529-c389-4678-9f25-4098cf5c27ef -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-09-25 885976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-25 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-03 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-09-25 710352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-03 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-05 11474024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-11-15 3093624]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-08-25 393216]
"GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailTray Activator]
C:\Program Files (x86)\EmailTray\bin\etactivator.exe -autorun -allusers []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastAccess Web Alert]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FATRY.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central 3]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [2011-04-08 503955]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Users\Sylva\AppData\Local\MediaGet2\mediaget.exe --minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE -b -l []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
Adobe Flash Player Updater.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
SA.DAT
SCHEDLGU.TXT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-09-29 21:27:10 ----A---- C:\Program Files (x86)\RSITx64.exe
2014-09-29 21:23:38 ----D---- C:\rsit
2014-09-29 21:23:38 ----D---- C:\Program Files\trend micro
2014-09-29 21:07:22 ----D---- C:\Users\Sylva\AppData\Roaming\langmaster.com
2014-09-29 21:07:11 ----AD---- C:\ProgramData\TEMP
2014-09-29 21:06:55 ----D---- C:\Program Files (x86)\LANGMaster
2014-09-29 20:56:20 ----A---- C:\Windows\ntbtlog.txt
2014-09-24 18:07:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 18:07:43 ----A---- C:\Windows\system32\tzres.dll
2014-09-10 22:06:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-10 22:06:29 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 22:06:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 22:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 22:06:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 22:06:21 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 22:06:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 22:00:38 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-10 22:00:38 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 21:57:43 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-10 21:57:43 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-10 21:57:36 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-10 21:57:36 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-10 21:57:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 21:57:20 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 21:57:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 21:57:11 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 21:57:10 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-09-29 21:27:45 ----D---- C:\Windows\temp
2014-09-29 21:27:42 ----D---- C:\Windows\Prefetch
2014-09-29 21:27:10 ----RD---- C:\Program Files (x86)
2014-09-29 21:23:38 ----RD---- C:\Program Files
2014-09-29 21:07:27 ----D---- C:\Windows\System32
2014-09-29 21:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-29 21:07:26 ----D---- C:\Windows\inf
2014-09-29 21:07:11 ----D---- C:\ProgramData
2014-09-29 21:07:07 ----D---- C:\Program Files (x86)\Common Files
2014-09-29 21:00:35 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-29 21:00:13 ----D---- C:\Windows\system32\config
2014-09-29 20:59:34 ----SHD---- C:\Windows\Installer
2014-09-29 20:59:27 ----SD---- C:\ProgramData\Microsoft
2014-09-29 20:59:27 ----D---- C:\Windows\system32\drivers
2014-09-29 20:56:20 ----D---- C:\Windows
2014-09-29 20:45:02 ----D---- C:\Windows\system32\NDF
2014-09-28 11:53:31 ----D---- C:\Users\Sylva\AppData\Roaming\Skype
2014-09-28 10:26:30 ----SHD---- C:\System Volume Information
2014-09-27 21:40:13 ----D---- C:\Users\Sylva\AppData\Roaming\uTorrent
2014-09-27 20:59:48 ----D---- C:\Users\Sylva\AppData\Roaming\BSplayer
2014-09-27 12:53:20 ----D---- C:\Windows\system32\Tasks
2014-09-27 12:53:01 ----D---- C:\ProgramData\Skype
2014-09-25 23:31:55 ----D---- C:\Windows\rescache
2014-09-25 22:55:40 ----D---- C:\Windows\Microsoft.NET
2014-09-25 22:55:12 ----RSD---- C:\Windows\assembly
2014-09-25 19:39:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-09-25 19:39:03 ----D---- C:\Program Files\Microsoft Office 15
2014-09-24 22:00:49 ----D---- C:\Windows\winsxs
2014-09-24 22:00:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 22:00:39 ----D---- C:\Windows\SysWOW64
2014-09-24 22:00:39 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 18:05:48 ----D---- C:\Windows\system32\catroot
2014-09-23 23:44:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-23 20:30:04 ----D---- C:\Users\Sylva\AppData\Roaming\Adobe
2014-09-23 15:27:59 ----D---- C:\Windows\system32\catroot2
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-10 22:24:58 ----D---- C:\Program Files\Internet Explorer
2014-09-10 22:24:57 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-10 22:24:57 ----D---- C:\Windows\system32\en-US
2014-09-10 22:24:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-10 22:09:33 ----D---- C:\ProgramData\Microsoft Help
2014-09-10 22:05:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-10 22:03:55 ----D---- C:\Windows\system32\MRT
2014-09-10 22:01:18 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 22:00:33 ----SD---- C:\Windows\system32\CompatTel
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-08 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-02-16 11612672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-02-16 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-01-15 96768]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-03-24 179648]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-10-05 2511464]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2010-08-02 31744]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RegFltrX64;RegFltrX64; \??\C:\Users\Sylva\AppData\Local\f4854413752793fb3b2b4b111f01418e\RegFltrX64.sys [2014-06-03 18064]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-02-16 240640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-12 2428088]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 74036d6ac0a9485.exe;74036d6ac0a9485.exe; C:\Users\Sylva\AppData\Local\197f6067d7dc3defd0276d916ec69be7\74036d6ac0a9485.exe []
S2 a1d98c6ce829d82.exe;a1d98c6ce829d82.exe; C:\Users\Sylva\AppData\Local\25f1b30be79c03e6453be5e7d8d8fcdd\a1d98c6ce829d82.exe []
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe []
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe []
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe []
S2 cb32ee736293399.exe;cb32ee736293399.exe; C:\Users\Sylva\AppData\Local\96504deb1005a2eb231907d2e8ddd0b2\cb32ee736293399.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-03-27 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe []
-----------------EOF-----------------
děkuji
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
# AdwCleaner v3.310 - Report created 29/09/2014 at 21:42:13
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sylva - SYLVA-PC
# Running from : C:\Users\Sylva\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : RegFltrX64
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
-\\ Mozilla Firefox v4.0.1 (cs)
-\\ Google Chrome v37.0.2062.124
[ File : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=2DACD6E6-4CDC-4952-8508-17445BAD40F1&apn_sauid=4306BE1B-1D96-4ACC-A2C4-B8E6010A31AB
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ0 ... earchTerms}
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=120812_bandext_3312_3&babsrc=SP_ss&mntrId=84af746000000000000000ff2850d649
*************************
AdwCleaner[R0].txt - [10289 octets] - [08/06/2014 17:34:47]
AdwCleaner[R1].txt - [1574 octets] - [29/09/2014 21:41:37]
AdwCleaner[S0].txt - [10773 octets] - [08/06/2014 17:36:40]
AdwCleaner[S1].txt - [2106 octets] - [29/09/2014 21:42:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2166 octets] ##########
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sylva - SYLVA-PC
# Running from : C:\Users\Sylva\Desktop\adwcleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : RegFltrX64
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
-\\ Mozilla Firefox v4.0.1 (cs)
-\\ Google Chrome v37.0.2062.124
[ File : C:\Users\Sylva\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=2DACD6E6-4CDC-4952-8508-17445BAD40F1&apn_sauid=4306BE1B-1D96-4ACC-A2C4-B8E6010A31AB
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ0 ... earchTerms}
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=120812_bandext_3312_3&babsrc=SP_ss&mntrId=84af746000000000000000ff2850d649
*************************
AdwCleaner[R0].txt - [10289 octets] - [08/06/2014 17:34:47]
AdwCleaner[R1].txt - [1574 octets] - [29/09/2014 21:41:37]
AdwCleaner[S0].txt - [10773 octets] - [08/06/2014 17:36:40]
AdwCleaner[S1].txt - [2106 octets] - [29/09/2014 21:42:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2166 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Logfile of random's system information tool 1.10 (written by random/random)
Run by Sylva at 2014-09-29 22:10:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 326 GB (68%) free of 477 GB
Total RAM: 4073 MB (65% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2144
HydraDM64.exe -h:65840 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1388.0.2045330403\611143065" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.100.17.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\LANGMaster\com\cs-cz\DictDe_Cs\EasyLex.exe"
"C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5af6edca-54c5-4536-9869-6149ef82be8d -SystemEventPortName:HostProcess-ce249fa9-51c9-4539-be59-37213e1b525f -IoCancelEventPortName:HostProcess-9977bb19-1408-4ea9-90e3-a119b6885481 -NonStateChangingEventPortName:HostProcess-cd093272-7c5f-4617-a09a-de78e3164b4d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9c14df8b-3986-4101-ba82-cf409486d59f -DeviceGroupId:WpdFsGroup
taskhost.exe "c:\program files\windows defender\MpCmdRun.exe" -IdleTask -TaskName MpIdleTask
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files (x86)\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-09-25 885976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-25 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-03 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-09-25 710352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-03 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-05 11474024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-11-15 3093624]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-08-25 393216]
"GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailTray Activator]
C:\Program Files (x86)\EmailTray\bin\etactivator.exe -autorun -allusers []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastAccess Web Alert]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FATRY.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central 3]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [2011-04-08 503955]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Users\Sylva\AppData\Local\MediaGet2\mediaget.exe --minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE -b -l []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
Adobe Flash Player Updater.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
SA.DAT
SCHEDLGU.TXT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-09-29 21:27:10 ----A---- C:\Program Files (x86)\RSITx64.exe
2014-09-29 21:23:38 ----D---- C:\rsit
2014-09-29 21:23:38 ----D---- C:\Program Files\trend micro
2014-09-29 21:07:22 ----D---- C:\Users\Sylva\AppData\Roaming\langmaster.com
2014-09-29 21:07:11 ----AD---- C:\ProgramData\TEMP
2014-09-29 21:06:55 ----D---- C:\Program Files (x86)\LANGMaster
2014-09-29 20:56:20 ----A---- C:\Windows\ntbtlog.txt
2014-09-24 18:07:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 18:07:43 ----A---- C:\Windows\system32\tzres.dll
2014-09-10 22:06:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-10 22:06:29 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 22:06:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 22:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 22:06:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 22:06:21 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 22:06:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 22:00:38 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-10 22:00:38 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 21:57:43 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-10 21:57:43 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-10 21:57:36 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-10 21:57:36 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-10 21:57:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 21:57:20 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 21:57:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 21:57:11 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 21:57:10 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-09-29 22:10:19 ----D---- C:\Windows\temp
2014-09-29 22:07:16 ----D---- C:\Windows\Prefetch
2014-09-29 21:57:59 ----D---- C:\Windows\system32\config
2014-09-29 21:46:46 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-29 21:42:15 ----D---- C:\AdwCleaner
2014-09-29 21:27:10 ----RD---- C:\Program Files (x86)
2014-09-29 21:23:38 ----RD---- C:\Program Files
2014-09-29 21:07:27 ----D---- C:\Windows\System32
2014-09-29 21:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-29 21:07:26 ----D---- C:\Windows\inf
2014-09-29 21:07:11 ----D---- C:\ProgramData
2014-09-29 21:07:07 ----D---- C:\Program Files (x86)\Common Files
2014-09-29 20:59:34 ----SHD---- C:\Windows\Installer
2014-09-29 20:59:27 ----SD---- C:\ProgramData\Microsoft
2014-09-29 20:59:27 ----D---- C:\Windows\system32\drivers
2014-09-29 20:56:20 ----D---- C:\Windows
2014-09-29 20:45:02 ----D---- C:\Windows\system32\NDF
2014-09-28 11:53:31 ----D---- C:\Users\Sylva\AppData\Roaming\Skype
2014-09-28 10:26:30 ----SHD---- C:\System Volume Information
2014-09-27 21:40:13 ----D---- C:\Users\Sylva\AppData\Roaming\uTorrent
2014-09-27 20:59:48 ----D---- C:\Users\Sylva\AppData\Roaming\BSplayer
2014-09-27 12:53:20 ----D---- C:\Windows\system32\Tasks
2014-09-27 12:53:01 ----D---- C:\ProgramData\Skype
2014-09-25 23:31:55 ----D---- C:\Windows\rescache
2014-09-25 22:55:40 ----D---- C:\Windows\Microsoft.NET
2014-09-25 22:55:12 ----RSD---- C:\Windows\assembly
2014-09-25 19:39:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-09-25 19:39:03 ----D---- C:\Program Files\Microsoft Office 15
2014-09-24 22:00:49 ----D---- C:\Windows\winsxs
2014-09-24 22:00:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 22:00:39 ----D---- C:\Windows\SysWOW64
2014-09-24 22:00:39 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 18:05:48 ----D---- C:\Windows\system32\catroot
2014-09-23 23:44:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-23 20:30:04 ----D---- C:\Users\Sylva\AppData\Roaming\Adobe
2014-09-23 15:27:59 ----D---- C:\Windows\system32\catroot2
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-10 22:24:58 ----D---- C:\Program Files\Internet Explorer
2014-09-10 22:24:57 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-10 22:24:57 ----D---- C:\Windows\system32\en-US
2014-09-10 22:24:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-10 22:09:33 ----D---- C:\ProgramData\Microsoft Help
2014-09-10 22:05:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-10 22:03:55 ----D---- C:\Windows\system32\MRT
2014-09-10 22:01:18 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 22:00:33 ----SD---- C:\Windows\system32\CompatTel
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-08 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-02-16 11612672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-02-16 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-01-15 96768]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-03-24 179648]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-10-05 2511464]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2010-08-02 31744]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-02-16 240640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-12 2428088]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 74036d6ac0a9485.exe;74036d6ac0a9485.exe; C:\Users\Sylva\AppData\Local\197f6067d7dc3defd0276d916ec69be7\74036d6ac0a9485.exe []
S2 a1d98c6ce829d82.exe;a1d98c6ce829d82.exe; C:\Users\Sylva\AppData\Local\25f1b30be79c03e6453be5e7d8d8fcdd\a1d98c6ce829d82.exe []
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe []
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe []
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe []
S2 cb32ee736293399.exe;cb32ee736293399.exe; C:\Users\Sylva\AppData\Local\96504deb1005a2eb231907d2e8ddd0b2\cb32ee736293399.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-03-27 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe []
-----------------EOF-----------------
Run by Sylva at 2014-09-29 22:10:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 326 GB (68%) free of 477 GB
Total RAM: 4073 MB (65% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2144
HydraDM64.exe -h:65840 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1388.0.2045330403\611143065" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x683f --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.100.17.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\LANGMaster\com\cs-cz\DictDe_Cs\EasyLex.exe"
"C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5af6edca-54c5-4536-9869-6149ef82be8d -SystemEventPortName:HostProcess-ce249fa9-51c9-4539-be59-37213e1b525f -IoCancelEventPortName:HostProcess-9977bb19-1408-4ea9-90e3-a119b6885481 -NonStateChangingEventPortName:HostProcess-cd093272-7c5f-4617-a09a-de78e3164b4d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9c14df8b-3986-4101-ba82-cf409486d59f -DeviceGroupId:WpdFsGroup
taskhost.exe "c:\program files\windows defender\MpCmdRun.exe" -IdleTask -TaskName MpIdleTask
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files (x86)\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job - C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-09-25 885976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-25 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-03 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-09-25 710352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-03 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-05 11474024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-11-15 3093624]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-08-25 393216]
"GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailTray Activator]
C:\Program Files (x86)\EmailTray\bin\etactivator.exe -autorun -allusers []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Sylva\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastAccess Web Alert]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FATRY.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_7472D2282A9AD5FE2D061499B8CFC4CC]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-09-23 852808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central 3]
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [2011-04-08 503955]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Users\Sylva\AppData\Local\MediaGet2\mediaget.exe --minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE -b -l []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-02-16 642656]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
Adobe Flash Player Updater.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job
FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
SA.DAT
SCHEDLGU.TXT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-09-29 21:27:10 ----A---- C:\Program Files (x86)\RSITx64.exe
2014-09-29 21:23:38 ----D---- C:\rsit
2014-09-29 21:23:38 ----D---- C:\Program Files\trend micro
2014-09-29 21:07:22 ----D---- C:\Users\Sylva\AppData\Roaming\langmaster.com
2014-09-29 21:07:11 ----AD---- C:\ProgramData\TEMP
2014-09-29 21:06:55 ----D---- C:\Program Files (x86)\LANGMaster
2014-09-29 20:56:20 ----A---- C:\Windows\ntbtlog.txt
2014-09-24 18:07:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 18:07:43 ----A---- C:\Windows\system32\tzres.dll
2014-09-10 22:06:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-10 22:06:29 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 22:06:28 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 22:06:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 22:06:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 22:06:27 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 22:06:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 22:06:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 22:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 22:06:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 22:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 22:06:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 22:06:22 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 22:06:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 22:06:21 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 22:06:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 22:00:38 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-10 22:00:38 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 21:57:43 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-10 21:57:43 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-10 21:57:36 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-10 21:57:36 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-10 21:57:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 21:57:20 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-10 21:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 21:57:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 21:57:11 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 21:57:10 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-09-29 22:10:19 ----D---- C:\Windows\temp
2014-09-29 22:07:16 ----D---- C:\Windows\Prefetch
2014-09-29 21:57:59 ----D---- C:\Windows\system32\config
2014-09-29 21:46:46 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-29 21:42:15 ----D---- C:\AdwCleaner
2014-09-29 21:27:10 ----RD---- C:\Program Files (x86)
2014-09-29 21:23:38 ----RD---- C:\Program Files
2014-09-29 21:07:27 ----D---- C:\Windows\System32
2014-09-29 21:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-29 21:07:26 ----D---- C:\Windows\inf
2014-09-29 21:07:11 ----D---- C:\ProgramData
2014-09-29 21:07:07 ----D---- C:\Program Files (x86)\Common Files
2014-09-29 20:59:34 ----SHD---- C:\Windows\Installer
2014-09-29 20:59:27 ----SD---- C:\ProgramData\Microsoft
2014-09-29 20:59:27 ----D---- C:\Windows\system32\drivers
2014-09-29 20:56:20 ----D---- C:\Windows
2014-09-29 20:45:02 ----D---- C:\Windows\system32\NDF
2014-09-28 11:53:31 ----D---- C:\Users\Sylva\AppData\Roaming\Skype
2014-09-28 10:26:30 ----SHD---- C:\System Volume Information
2014-09-27 21:40:13 ----D---- C:\Users\Sylva\AppData\Roaming\uTorrent
2014-09-27 20:59:48 ----D---- C:\Users\Sylva\AppData\Roaming\BSplayer
2014-09-27 12:53:20 ----D---- C:\Windows\system32\Tasks
2014-09-27 12:53:01 ----D---- C:\ProgramData\Skype
2014-09-25 23:31:55 ----D---- C:\Windows\rescache
2014-09-25 22:55:40 ----D---- C:\Windows\Microsoft.NET
2014-09-25 22:55:12 ----RSD---- C:\Windows\assembly
2014-09-25 19:39:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-09-25 19:39:03 ----D---- C:\Program Files\Microsoft Office 15
2014-09-24 22:00:49 ----D---- C:\Windows\winsxs
2014-09-24 22:00:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 22:00:39 ----D---- C:\Windows\SysWOW64
2014-09-24 22:00:39 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 18:05:48 ----D---- C:\Windows\system32\catroot
2014-09-23 23:44:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-23 20:30:04 ----D---- C:\Users\Sylva\AppData\Roaming\Adobe
2014-09-23 15:27:59 ----D---- C:\Windows\system32\catroot2
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-10 22:24:58 ----D---- C:\Program Files\Internet Explorer
2014-09-10 22:24:57 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-10 22:24:57 ----D---- C:\Windows\system32\en-US
2014-09-10 22:24:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-10 22:09:33 ----D---- C:\ProgramData\Microsoft Help
2014-09-10 22:05:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-10 22:03:55 ----D---- C:\Windows\system32\MRT
2014-09-10 22:01:18 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 22:00:33 ----SD---- C:\Windows\system32\CompatTel
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-08 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-02-16 11612672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-02-16 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-01-15 96768]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-03-24 179648]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-10-05 2511464]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys [2010-08-02 31744]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-02-16 240640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-08-12 2428088]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 74036d6ac0a9485.exe;74036d6ac0a9485.exe; C:\Users\Sylva\AppData\Local\197f6067d7dc3defd0276d916ec69be7\74036d6ac0a9485.exe []
S2 a1d98c6ce829d82.exe;a1d98c6ce829d82.exe; C:\Users\Sylva\AppData\Local\25f1b30be79c03e6453be5e7d8d8fcdd\a1d98c6ce829d82.exe []
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe []
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe []
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe []
S2 cb32ee736293399.exe;cb32ee736293399.exe; C:\Users\Sylva\AppData\Local\96504deb1005a2eb231907d2e8ddd0b2\cb32ee736293399.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-03-27 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe []
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\Skype\Toolbars
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
:services
74036d6ac0a9485.exe
a1d98c6ce829d82.exe
cb32ee736293399.exe
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
All processes killed
========== FILES ==========
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21A88CB9-84D2-4020-A2D1-B25A21034884}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
========== SERVICES/DRIVERS ==========
Service 74036d6ac0a9485.exe stopped successfully!
Service 74036d6ac0a9485.exe deleted successfully!
Service a1d98c6ce829d82.exe stopped successfully!
Service a1d98c6ce829d82.exe deleted successfully!
Service cb32ee736293399.exe stopped successfully!
Service cb32ee736293399.exe deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Sylva
->Temp folder emptied: 34656716 bytes
->Temporary Internet Files folder emptied: 232751840 bytes
->Java cache emptied: 280518 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 6952476 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 4665 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 856663 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 166002940 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 7231502770 bytes
Total Files Cleaned = 7 318,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Sylva
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09302014_170252
Files moved on Reboot...
C:\Users\Sylva\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sylva\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\officeclicktorun.exe_c2ruidll(20140930170006750).log not found!
File C:\Windows\temp\officeclicktorun.exe_streamserver(20140930170006750).log not found!
C:\Windows\temp\SYLVA-PC-20140930-1700.log moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
========== FILES ==========
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3667430092-2908953777-461473442-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21A88CB9-84D2-4020-A2D1-B25A21034884}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
========== SERVICES/DRIVERS ==========
Service 74036d6ac0a9485.exe stopped successfully!
Service 74036d6ac0a9485.exe deleted successfully!
Service a1d98c6ce829d82.exe stopped successfully!
Service a1d98c6ce829d82.exe deleted successfully!
Service cb32ee736293399.exe stopped successfully!
Service cb32ee736293399.exe deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Sylva
->Temp folder emptied: 34656716 bytes
->Temporary Internet Files folder emptied: 232751840 bytes
->Java cache emptied: 280518 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 6952476 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 4665 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 856663 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 166002940 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 7231502770 bytes
Total Files Cleaned = 7 318,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Sylva
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09302014_170252
Files moved on Reboot...
C:\Users\Sylva\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sylva\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\officeclicktorun.exe_c2ruidll(20140930170006750).log not found!
File C:\Windows\temp\officeclicktorun.exe_streamserver(20140930170006750).log not found!
C:\Windows\temp\SYLVA-PC-20140930-1700.log moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Nyní jsem bez přístupu k počítači - dostanu se k němu až v pondělí. Můžete mi poté, prosím, pomoct a teď neuzavírat téma? děkuji
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vzdálené zařízení nebo prostředek nepřijíma připojení
Uzavírat určitě nebudu a pokud mne něco nepřejede, budu tu i příští týden. 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?