Infected computer

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infected computer

#16 Post by Rudy »

Delete all MBAM findings.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Rhonwyn
Visitor
Posts: 207
Registered: 05 Jul 2012 08:33
Location: Brno

Re: Infected computer

#17 Post by Rhonwyn »

Done

Rudy
Site Admin
Posts: 119547
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infected computer

#18 Post by Rudy »

If everything is fine, that is all.

Rhonwyn
Visitor
Posts: 207
Registered: 05 Jul 2012 08:33
Location: Brno

Re: Infected computer

#19 Post by Rhonwyn »

Thank you very much :) Apparently nothing pops up for them anywhere anymore. You're number one :)

Could you please also take a look at the log from my laptop? It seems to me that I have high CPU usage even when I'm only on the internet, and could you check whether I don't have some junk on there too. Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ladinek at 2014-11-06 22:14:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 59 GB (13%) free of 461 GB
Total RAM: 4044 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:14:50, on 6.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySQLNotifier.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ladinek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: outobox - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files (x86)\outobox\outoboxBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MySQL Notifier] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd/In ... ct1263.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.15.0.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL55 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update outobox - Unknown owner - C:\Program Files (x86)\outobox\updateoutobox.exe
O23 - Service: Util outobox - Unknown owner - C:\Program Files (x86)\outobox\bin\utiloutobox.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10070 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.5\my.ini" MySQL55
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\TightVNC\tvnserver.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 1032
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
"C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySQLNotifier.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\outobox\updateoutobox.exe"
"C:\Program Files (x86)\outobox\bin\utiloutobox.exe"
taskhost.exe $(Arg0)
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ladinek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30f06672-0e95-41a9-80cb-dee386af99ad}]
outobox - C:\Program Files (x86)\outobox\outoboxBHO.dll [2014-02-27 249624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 2179056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MySQL Notifier"=C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [2013-07-05 762368]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-01 343168]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-12 204136]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-10-27 3835728]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi3"=wdmaud.drv
"aux3"=wdmaud.drv
"midi4"=wdmaud.drv
"aux4"=wdmaud.drv
"midi5"=wdmaud.drv
"aux5"=wdmaud.drv
"midi6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-06 22:08:10 ----D---- C:\Program Files\trend micro
2014-11-06 22:08:09 ----D---- C:\rsit
2014-11-01 23:57:59 ----D---- C:\Users\Ladinek\AppData\Roaming\FFsplit
2014-11-01 23:46:35 ----D---- C:\Program Files\OBS
2014-11-01 23:46:33 ----D---- C:\Program Files (x86)\OBS
2014-11-01 23:36:40 ----D---- C:\Users\Ladinek\AppData\Roaming\SorensonMedia
2014-11-01 23:25:26 ----D---- C:\Program Files (x86)\QuickTime
2014-10-28 08:48:04 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-10-27 21:30:54 ----D---- C:\ProgramData\Kaspersky Lab
2014-10-27 21:22:07 ----A---- C:\TDSSKiller.3.0.0.40_27.10.2014_21.22.07_log.txt
2014-10-25 16:31:37 ----D---- C:\Users\Ladinek\AppData\Roaming\Trove
2014-10-18 22:29:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-18 22:28:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-18 22:28:52 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-18 00:02:28 ----D---- C:\ProgramData\GalaxyClient
2014-10-18 00:02:28 ----D---- C:\Program Files (x86)\GalaxyClient
2014-10-14 18:43:21 ----A---- C:\Windows\system32\generaltel.dll
2014-10-14 18:43:21 ----A---- C:\Windows\system32\aepdu.dll
2014-10-14 18:43:21 ----A---- C:\Windows\system32\aeinv.dll
2014-10-14 18:43:06 ----A---- C:\Windows\system32\win32k.sys
2014-10-14 18:43:02 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-14 18:43:02 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\mscories.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\mscorier.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\dfshim.dll
2014-10-14 18:43:01 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-14 18:41:53 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-14 18:41:53 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-14 18:41:53 ----A---- C:\Windows\system32\blackbox.dll
2014-10-14 18:41:51 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-14 18:41:47 ----A---- C:\Windows\system32\wmp.dll
2014-10-14 18:41:44 ----A---- C:\Windows\system32\mf.dll
2014-10-14 18:41:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-14 18:41:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-14 18:41:40 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-14 18:41:39 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-14 18:41:35 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-14 18:41:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-14 18:41:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-14 18:41:34 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-14 18:41:34 ----A---- C:\Windows\system32\ci.dll
2014-10-14 18:41:33 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-14 18:41:31 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-14 18:41:30 ----A---- C:\Windows\system32\quartz.dll
2014-10-14 18:41:29 ----A---- C:\Windows\system32\winresume.exe
2014-10-14 18:41:29 ----A---- C:\Windows\system32\winload.exe
2014-10-14 18:41:28 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-14 18:41:28 ----A---- C:\Windows\system32\wintrust.dll
2014-10-14 18:41:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-14 18:41:28 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-14 18:41:27 ----A---- C:\Windows\system32\evr.dll
2014-10-14 18:41:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-14 18:41:23 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-14 18:41:23 ----A---- C:\Windows\system32\EncDump.dll
2014-10-14 18:41:23 ----A---- C:\Windows\system32\crypt32.dll
2014-10-14 18:41:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-14 18:41:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-14 18:41:22 ----A---- C:\Windows\system32\cryptui.dll
2014-10-14 18:41:22 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-14 18:41:21 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-14 18:41:21 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-14 18:41:21 ----A---- C:\Windows\system32\mfplat.dll
2014-10-14 18:41:21 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-14 18:41:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-14 18:41:19 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-14 18:41:19 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-14 18:41:19 ----A---- C:\Windows\system32\srcore.dll
2014-10-14 18:41:19 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-14 18:41:17 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-14 18:41:16 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-14 18:41:16 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-14 18:41:16 ----A---- C:\Windows\system32\msscp.dll
2014-10-14 18:41:14 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-14 18:41:13 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-14 18:41:13 ----A---- C:\Windows\system32\rstrui.exe
2014-10-14 18:41:13 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-14 18:41:13 ----A---- C:\Windows\system32\appidapi.dll
2014-10-14 18:41:12 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-14 18:41:12 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-14 18:41:12 ----A---- C:\Windows\system32\audiodg.exe
2014-10-14 18:41:11 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-14 18:41:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-14 18:41:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-14 18:41:09 ----A---- C:\Windows\system32\mfps.dll
2014-10-14 18:41:06 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-14 18:41:04 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 18:41:03 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-14 18:41:02 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-14 18:41:00 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-14 18:40:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-14 18:40:59 ----A---- C:\Windows\system32\srclient.dll
2014-10-14 18:40:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 18:40:55 ----A---- C:\Windows\system32\spwmp.dll
2014-10-14 18:40:54 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-14 18:40:54 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-14 18:40:54 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-14 18:40:50 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-14 18:40:50 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-14 18:40:50 ----A---- C:\Windows\system32\mferror.dll
2014-10-14 18:40:47 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-14 18:39:44 ----A---- C:\Windows\system32\msi.dll
2014-10-14 18:39:42 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-14 18:39:34 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-14 18:39:34 ----A---- C:\Windows\system32\rastls.dll
2014-10-14 18:39:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-14 18:39:20 ----A---- C:\Windows\system32\mstscax.dll
2014-10-14 18:39:19 ----A---- C:\Windows\system32\mstsc.exe
2014-10-14 18:39:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-14 18:39:18 ----A---- C:\Windows\system32\termsrv.dll
2014-10-14 18:39:16 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\winsta.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-14 18:39:15 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-14 18:39:15 ----A---- C:\Windows\system32\winlogon.exe
2014-10-14 18:39:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-14 18:39:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-14 18:39:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-14 18:39:14 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-14 18:39:14 ----A---- C:\Windows\system32\credssp.dll
2014-10-14 18:38:12 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-14 18:38:12 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-06 22:14:50 ----D---- C:\Windows\Temp
2014-11-06 22:14:04 ----D---- C:\Windows\Prefetch
2014-11-06 22:08:10 ----RD---- C:\Program Files
2014-11-06 17:55:49 ----SHD---- C:\System Volume Information
2014-11-06 15:52:37 ----D---- C:\Users\Ladinek\AppData\Roaming\vlc
2014-11-06 14:59:22 ----D---- C:\Users\Ladinek\AppData\Roaming\uTorrent
2014-11-06 14:39:11 ----D---- C:\Windows\system32\config
2014-11-06 00:48:52 ----D---- C:\Windows\System32
2014-11-06 00:48:52 ----D---- C:\Windows\inf
2014-11-06 00:48:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-06 00:41:58 ----D---- C:\Windows
2014-11-06 00:34:27 ----D---- C:\Users\Ladinek\AppData\Roaming\TeamViewer
2014-11-06 00:34:27 ----D---- C:\Program Files (x86)\Steam
2014-11-05 20:12:17 ----D---- C:\Windows\system32\Tasks
2014-11-05 11:16:29 ----D---- C:\Windows\Logs
2014-11-03 21:38:46 ----SHD---- C:\Windows\Installer
2014-11-02 00:04:12 ----RD---- C:\Program Files (x86)
2014-11-01 23:57:47 ----HD---- C:\Windows\msdownld.tmp
2014-11-01 23:57:45 ----D---- C:\Windows\SYSWOW64\directx
2014-11-01 23:40:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-01 23:40:47 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-01 23:40:47 ----D---- C:\Windows\SysWOW64
2014-11-01 23:39:13 ----D---- C:\Program Files\CCleaner
2014-11-01 23:30:49 ----D---- C:\Windows\winsxs
2014-11-01 23:25:50 ----D---- C:\Program Files\Internet Explorer
2014-10-30 23:01:13 ----D---- C:\Windows\system32\NDF
2014-10-29 18:25:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 21:57:28 ----D---- C:\Windows\system32\drivers
2014-10-27 21:30:54 ----HD---- C:\ProgramData
2014-10-26 15:23:53 ----D---- C:\Users\Ladinek\AppData\Roaming\Seznam.cz
2014-10-26 15:23:35 ----D---- C:\Program Files (x86)\Seznam.cz
2014-10-25 09:51:43 ----RSD---- C:\Windows\assembly
2014-10-22 18:32:47 ----D---- C:\Program Files (x86)\Adobe
2014-10-20 21:57:37 ----D---- C:\Program Files (x86)\Google
2014-10-20 21:56:49 ----D---- C:\Windows\Tasks
2014-10-20 21:49:36 ----D---- C:\Program Files (x86)\MyFreeCams
2014-10-18 22:29:17 ----D---- C:\ProgramData\Oracle
2014-10-18 22:29:11 ----D---- C:\Program Files (x86)\Common Files
2014-10-18 22:28:51 ----D---- C:\Program Files (x86)\Java
2014-10-18 22:06:59 ----D---- C:\Users\Ladinek\AppData\Roaming\Adobe
2014-10-18 21:44:27 ----D---- C:\ProgramData\Skype
2014-10-18 21:42:23 ----D---- C:\Program Files (x86)\OpenVPN Technologies
2014-10-18 21:41:56 ----D---- C:\Program Files\OpenVPN
2014-10-18 21:39:04 ----D---- C:\Program Files (x86)\DTK Software
2014-10-18 21:36:59 ----D---- C:\Users\Ladinek\AppData\Roaming\DAEMON Tools Lite
2014-10-18 21:35:46 ----D---- C:\Windows\Minidump
2014-10-18 21:35:46 ----D---- C:\Windows\debug
2014-10-18 00:12:31 ----D---- C:\ProgramData\Package Cache
2014-10-18 00:02:36 ----D---- C:\GOG Games
2014-10-15 17:27:42 ----D---- C:\Windows\rescache
2014-10-15 16:58:32 ----D---- C:\Windows\Microsoft.NET
2014-10-15 14:13:51 ----D---- C:\Windows\system32\catroot2
2014-10-15 14:04:43 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 14:04:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 14:04:43 ----D---- C:\Program Files\Windows Media Player
2014-10-15 14:04:43 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 14:04:42 ----D---- C:\Windows\system32\Dism
2014-10-15 14:04:41 ----D---- C:\Windows\system32\en-US
2014-10-15 14:04:41 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 14:04:39 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 14:04:39 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 14:04:39 ----D---- C:\Windows\system32\Boot
2014-10-14 21:26:28 ----D---- C:\Windows\system32\MRT
2014-10-14 21:20:26 ----A---- C:\Windows\system32\MRT.exe
2014-10-14 18:38:38 ----D---- C:\Windows\system32\catroot
2014-10-12 18:20:01 ----D---- C:\Games
2014-10-11 09:01:47 ----D---- C:\Users\Ladinek\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-30 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-30 9981952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-30 310272]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-07-01 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2011-12-26 15288]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2013-07-25 79592]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2013-07-25 86376]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\Windows\system32\DRIVERS\ptun0901.sys [2014-03-10 40664]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-11-01 23552]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-02-22 160256]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-12-16 37496]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-30 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-10-27 2529616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 MySQL55;MySQL55; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\ProgramData\MySQL\MySQL Server 5.5\my.ini MySQL55 []
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 2179056]
R2 Update outobox;Update outobox; C:\Program Files (x86)\outobox\updateoutobox.exe [2014-11-06 525544]
R2 Util outobox;Util outobox; C:\Program Files (x86)\outobox\bin\utiloutobox.exe [2014-11-06 525544]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-29 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-08-09 279024]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-11-21 131912]
S3 GalaxyService;GalaxyService; C:\Program Files (x86)\GalaxyClient\GalaxyService.exe [2014-09-18 2191648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-16 119408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#20 Post by Rudy »

Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Rhonwyn
Visitor
Posts: 207
Joined: 05 Jul 2012 08:33
Location: Brno

Re: infected computer

#21 Post by Rhonwyn »

# AdwCleaner v3.311 - Report created 06/11/2014 at 22:23:30
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ladinek - LADINEK-NOTAS
# Running from : C:\Users\Ladinek\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update outobox
[#] Service Deleted : Util outobox

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\outobox
File Deleted : C:\Windows\System32\drivers\wStLibG64.sys

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1EB0A0B0-CABB-495C-A85A-7C8F891799C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\outobox
Key Deleted : HKLM\SOFTWARE\outobox
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\outobox

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Google Chrome v38.0.2125.111

[ File : C:\Users\Ladinek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3098 octets] - [06/11/2014 22:22:32]
AdwCleaner[S0].txt - [2907 octets] - [06/11/2014 22:23:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2967 octets] ##########

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#22 Post by Rudy »

Post a new RSIT log.

Rhonwyn
Visitor
Posts: 207
Joined: 05 Jul 2012 08:33
Location: Brno

Re: infected computer

#23 Post by Rhonwyn »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ladinek at 2014-11-06 23:39:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 59 GB (13%) free of 461 GB
Total RAM: 4044 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:39:47, on 6.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySQLNotifier.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\trend micro\Ladinek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MySQL Notifier] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd/In ... ct1263.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.15.0.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL55 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9705 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.5\my.ini" MySQL55
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\TightVNC\tvnserver.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 1020
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
"C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySQLNotifier.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ladinek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 2179056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MySQL Notifier"=C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [2013-07-05 762368]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-01 343168]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-12 204136]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-10-27 3835728]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi3"=wdmaud.drv
"aux3"=wdmaud.drv
"midi4"=wdmaud.drv
"aux4"=wdmaud.drv
"midi5"=wdmaud.drv
"aux5"=wdmaud.drv
"midi6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-06 22:23:11 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-11-06 22:22:25 ----D---- C:\AdwCleaner
2014-11-06 22:08:10 ----D---- C:\Program Files\trend micro
2014-11-06 22:08:09 ----D---- C:\rsit
2014-11-01 23:57:59 ----D---- C:\Users\Ladinek\AppData\Roaming\FFsplit
2014-11-01 23:46:35 ----D---- C:\Program Files\OBS
2014-11-01 23:46:33 ----D---- C:\Program Files (x86)\OBS
2014-11-01 23:36:40 ----D---- C:\Users\Ladinek\AppData\Roaming\SorensonMedia
2014-11-01 23:25:26 ----D---- C:\Program Files (x86)\QuickTime
2014-10-28 08:48:04 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-10-27 21:30:54 ----D---- C:\ProgramData\Kaspersky Lab
2014-10-27 21:22:07 ----A---- C:\TDSSKiller.3.0.0.40_27.10.2014_21.22.07_log.txt
2014-10-25 16:31:37 ----D---- C:\Users\Ladinek\AppData\Roaming\Trove
2014-10-18 22:29:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-18 22:28:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-18 22:28:52 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-18 00:02:28 ----D---- C:\ProgramData\GalaxyClient
2014-10-18 00:02:28 ----D---- C:\Program Files (x86)\GalaxyClient
2014-10-14 18:43:21 ----A---- C:\Windows\system32\generaltel.dll
2014-10-14 18:43:21 ----A---- C:\Windows\system32\aepdu.dll
2014-10-14 18:43:21 ----A---- C:\Windows\system32\aeinv.dll
2014-10-14 18:43:06 ----A---- C:\Windows\system32\win32k.sys
2014-10-14 18:43:02 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-14 18:43:02 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\mscories.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\mscorier.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\dfshim.dll
2014-10-14 18:43:01 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-14 18:41:53 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-14 18:41:53 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-14 18:41:53 ----A---- C:\Windows\system32\blackbox.dll
2014-10-14 18:41:51 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-14 18:41:47 ----A---- C:\Windows\system32\wmp.dll
2014-10-14 18:41:44 ----A---- C:\Windows\system32\mf.dll
2014-10-14 18:41:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-14 18:41:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-14 18:41:40 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-14 18:41:39 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-14 18:41:35 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-14 18:41:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-14 18:41:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-14 18:41:34 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-14 18:41:34 ----A---- C:\Windows\system32\ci.dll
2014-10-14 18:41:33 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-14 18:41:31 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-14 18:41:30 ----A---- C:\Windows\system32\quartz.dll
2014-10-14 18:41:29 ----A---- C:\Windows\system32\winresume.exe
2014-10-14 18:41:29 ----A---- C:\Windows\system32\winload.exe
2014-10-14 18:41:28 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-14 18:41:28 ----A---- C:\Windows\system32\wintrust.dll
2014-10-14 18:41:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-14 18:41:28 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-14 18:41:27 ----A---- C:\Windows\system32\evr.dll
2014-10-14 18:41:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-14 18:41:23 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-14 18:41:23 ----A---- C:\Windows\system32\EncDump.dll
2014-10-14 18:41:23 ----A---- C:\Windows\system32\crypt32.dll
2014-10-14 18:41:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-14 18:41:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-14 18:41:22 ----A---- C:\Windows\system32\cryptui.dll
2014-10-14 18:41:22 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-14 18:41:21 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-14 18:41:21 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-14 18:41:21 ----A---- C:\Windows\system32\mfplat.dll
2014-10-14 18:41:21 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-14 18:41:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-14 18:41:19 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-14 18:41:19 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-14 18:41:19 ----A---- C:\Windows\system32\srcore.dll
2014-10-14 18:41:19 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-14 18:41:17 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-14 18:41:16 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-14 18:41:16 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-14 18:41:16 ----A---- C:\Windows\system32\msscp.dll
2014-10-14 18:41:14 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-14 18:41:13 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-14 18:41:13 ----A---- C:\Windows\system32\rstrui.exe
2014-10-14 18:41:13 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-14 18:41:13 ----A---- C:\Windows\system32\appidapi.dll
2014-10-14 18:41:12 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-14 18:41:12 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-14 18:41:12 ----A---- C:\Windows\system32\audiodg.exe
2014-10-14 18:41:11 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-14 18:41:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-14 18:41:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-14 18:41:09 ----A---- C:\Windows\system32\mfps.dll
2014-10-14 18:41:06 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-14 18:41:04 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 18:41:03 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-14 18:41:02 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-14 18:41:00 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-14 18:40:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-14 18:40:59 ----A---- C:\Windows\system32\srclient.dll
2014-10-14 18:40:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 18:40:55 ----A---- C:\Windows\system32\spwmp.dll
2014-10-14 18:40:54 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-14 18:40:54 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-14 18:40:54 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-14 18:40:50 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-14 18:40:50 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-14 18:40:50 ----A---- C:\Windows\system32\mferror.dll
2014-10-14 18:40:47 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-14 18:39:44 ----A---- C:\Windows\system32\msi.dll
2014-10-14 18:39:42 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-14 18:39:34 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-14 18:39:34 ----A---- C:\Windows\system32\rastls.dll
2014-10-14 18:39:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-14 18:39:20 ----A---- C:\Windows\system32\mstscax.dll
2014-10-14 18:39:19 ----A---- C:\Windows\system32\mstsc.exe
2014-10-14 18:39:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-14 18:39:18 ----A---- C:\Windows\system32\termsrv.dll
2014-10-14 18:39:16 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\winsta.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-14 18:39:15 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-14 18:39:15 ----A---- C:\Windows\system32\winlogon.exe
2014-10-14 18:39:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-14 18:39:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-14 18:39:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-14 18:39:14 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-14 18:39:14 ----A---- C:\Windows\system32\credssp.dll
2014-10-14 18:38:12 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-14 18:38:12 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-06 23:39:47 ----D---- C:\Windows\Temp
2014-11-06 22:28:22 ----D---- C:\Windows\system32\config
2014-11-06 22:24:14 ----D---- C:\Windows
2014-11-06 22:23:40 ----D---- C:\Windows\Prefetch
2014-11-06 22:23:32 ----RD---- C:\Program Files (x86)
2014-11-06 22:23:32 ----D---- C:\Windows\system32\drivers
2014-11-06 22:23:11 ----D---- C:\Windows\SysWOW64
2014-11-06 22:08:10 ----RD---- C:\Program Files
2014-11-06 17:55:49 ----SHD---- C:\System Volume Information
2014-11-06 15:52:37 ----D---- C:\Users\Ladinek\AppData\Roaming\vlc
2014-11-06 14:59:22 ----D---- C:\Users\Ladinek\AppData\Roaming\uTorrent
2014-11-06 00:48:52 ----D---- C:\Windows\System32
2014-11-06 00:48:52 ----D---- C:\Windows\inf
2014-11-06 00:48:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-06 00:34:27 ----D---- C:\Users\Ladinek\AppData\Roaming\TeamViewer
2014-11-06 00:34:27 ----D---- C:\Program Files (x86)\Steam
2014-11-05 20:12:17 ----D---- C:\Windows\system32\Tasks
2014-11-05 11:16:29 ----D---- C:\Windows\Logs
2014-11-03 21:38:46 ----SHD---- C:\Windows\Installer
2014-11-01 23:57:47 ----HD---- C:\Windows\msdownld.tmp
2014-11-01 23:57:45 ----D---- C:\Windows\SYSWOW64\directx
2014-11-01 23:40:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-01 23:40:47 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-01 23:39:13 ----D---- C:\Program Files\CCleaner
2014-11-01 23:30:49 ----D---- C:\Windows\winsxs
2014-11-01 23:25:50 ----D---- C:\Program Files\Internet Explorer
2014-10-30 23:01:13 ----D---- C:\Windows\system32\NDF
2014-10-29 18:25:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 21:30:54 ----HD---- C:\ProgramData
2014-10-26 15:23:53 ----D---- C:\Users\Ladinek\AppData\Roaming\Seznam.cz
2014-10-26 15:23:35 ----D---- C:\Program Files (x86)\Seznam.cz
2014-10-25 09:51:43 ----RSD---- C:\Windows\assembly
2014-10-22 18:32:47 ----D---- C:\Program Files (x86)\Adobe
2014-10-20 21:57:37 ----D---- C:\Program Files (x86)\Google
2014-10-20 21:56:49 ----D---- C:\Windows\Tasks
2014-10-20 21:49:36 ----D---- C:\Program Files (x86)\MyFreeCams
2014-10-18 22:29:17 ----D---- C:\ProgramData\Oracle
2014-10-18 22:29:11 ----D---- C:\Program Files (x86)\Common Files
2014-10-18 22:28:51 ----D---- C:\Program Files (x86)\Java
2014-10-18 22:06:59 ----D---- C:\Users\Ladinek\AppData\Roaming\Adobe
2014-10-18 21:44:27 ----D---- C:\ProgramData\Skype
2014-10-18 21:42:23 ----D---- C:\Program Files (x86)\OpenVPN Technologies
2014-10-18 21:41:56 ----D---- C:\Program Files\OpenVPN
2014-10-18 21:39:04 ----D---- C:\Program Files (x86)\DTK Software
2014-10-18 21:36:59 ----D---- C:\Users\Ladinek\AppData\Roaming\DAEMON Tools Lite
2014-10-18 21:35:46 ----D---- C:\Windows\Minidump
2014-10-18 21:35:46 ----D---- C:\Windows\debug
2014-10-18 00:12:31 ----D---- C:\ProgramData\Package Cache
2014-10-18 00:02:36 ----D---- C:\GOG Games
2014-10-15 17:27:42 ----D---- C:\Windows\rescache
2014-10-15 16:58:32 ----D---- C:\Windows\Microsoft.NET
2014-10-15 14:13:51 ----D---- C:\Windows\system32\catroot2
2014-10-15 14:04:43 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 14:04:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 14:04:43 ----D---- C:\Program Files\Windows Media Player
2014-10-15 14:04:43 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 14:04:42 ----D---- C:\Windows\system32\Dism
2014-10-15 14:04:41 ----D---- C:\Windows\system32\en-US
2014-10-15 14:04:41 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 14:04:39 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 14:04:39 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 14:04:39 ----D---- C:\Windows\system32\Boot
2014-10-14 21:26:28 ----D---- C:\Windows\system32\MRT
2014-10-14 21:20:26 ----A---- C:\Windows\system32\MRT.exe
2014-10-14 18:38:38 ----D---- C:\Windows\system32\catroot
2014-10-12 18:20:01 ----D---- C:\Games
2014-10-11 09:01:47 ----D---- C:\Users\Ladinek\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-30 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-30 9981952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-30 310272]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-07-01 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2011-12-26 15288]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2013-07-25 79592]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2013-07-25 86376]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\Windows\system32\DRIVERS\ptun0901.sys [2014-03-10 40664]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-11-01 23552]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-02-22 160256]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-12-16 37496]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-30 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-10-27 2529616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 MySQL55;MySQL55; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\ProgramData\MySQL\MySQL Server 5.5\my.ini MySQL55 []
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 2179056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-29 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-08-09 279024]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-11-21 131912]
S3 GalaxyService;GalaxyService; C:\Program Files (x86)\GalaxyClient\GalaxyService.exe [2014-09-18 2191648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-16 119408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119547
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#24 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Rhonwyn
Visitor
Posts: 207
Joined: 05 Jul 2012 08:33
Location: Brno

Re: infected computer

#25 Post by Rhonwyn »

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ladinek
->Temp folder emptied: 38148396 bytes
->Temporary Internet Files folder emptied: 544199 bytes
->Java cache emptied: 313786 bytes
->Google Chrome cache emptied: 368015518 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15076 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40068 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36140595 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 423,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Ladinek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11082014_201151

Files moved on Reboot...
C:\Users\Ladinek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Rhonwyn
Visitor
Posts: 207
Joined: 05 Jul 2012 08:33
Location: Brno

Re: infected computer

#26 Post by Rhonwyn »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ladinek at 2014-11-08 20:15:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 53 GB (11%) free of 461 GB
Total RAM: 4044 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:24, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySQLNotifier.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\trend micro\Ladinek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MySQL Notifier] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd/In ... ct1263.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.15.0.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL55 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9532 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.5\my.ini" MySQL55
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TightVNC\tvnserver.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
taskeng.exe {397DB7EC-9476-44D4-AB74-470CD01629FB}
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2072
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
"C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySQLNotifier.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
taskeng.exe {7D8CC9C0-3BFD-45F2-914E-476ECCCAE0AE}
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Ladinek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 2179056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MySQL Notifier"=C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [2013-07-05 762368]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-01 343168]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-12 204136]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-10-27 3835728]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi3"=wdmaud.drv
"aux3"=wdmaud.drv
"midi4"=wdmaud.drv
"aux4"=wdmaud.drv
"midi5"=wdmaud.drv
"aux5"=wdmaud.drv
"midi6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-08 20:11:51 ----D---- C:\_OTM
2014-11-06 22:23:11 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-11-06 22:22:25 ----D---- C:\AdwCleaner
2014-11-06 22:08:10 ----D---- C:\Program Files\trend micro
2014-11-06 22:08:09 ----D---- C:\rsit
2014-11-01 23:57:59 ----D---- C:\Users\Ladinek\AppData\Roaming\FFsplit
2014-11-01 23:46:35 ----D---- C:\Program Files\OBS
2014-11-01 23:46:33 ----D---- C:\Program Files (x86)\OBS
2014-11-01 23:36:40 ----D---- C:\Users\Ladinek\AppData\Roaming\SorensonMedia
2014-11-01 23:25:26 ----D---- C:\Program Files (x86)\QuickTime
2014-10-28 08:48:04 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-10-27 21:30:54 ----D---- C:\ProgramData\Kaspersky Lab
2014-10-27 21:22:07 ----A---- C:\TDSSKiller.3.0.0.40_27.10.2014_21.22.07_log.txt
2014-10-25 16:31:37 ----D---- C:\Users\Ladinek\AppData\Roaming\Trove
2014-10-18 22:29:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-18 22:28:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-18 22:28:52 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-18 00:02:28 ----D---- C:\ProgramData\GalaxyClient
2014-10-18 00:02:28 ----D---- C:\Program Files (x86)\GalaxyClient
2014-10-14 18:43:21 ----A---- C:\Windows\system32\generaltel.dll
2014-10-14 18:43:21 ----A---- C:\Windows\system32\aepdu.dll
2014-10-14 18:43:21 ----A---- C:\Windows\system32\aeinv.dll
2014-10-14 18:43:06 ----A---- C:\Windows\system32\win32k.sys
2014-10-14 18:43:02 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-14 18:43:02 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\mscories.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\mscorier.dll
2014-10-14 18:43:02 ----A---- C:\Windows\system32\dfshim.dll
2014-10-14 18:43:01 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-14 18:41:53 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-14 18:41:53 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-14 18:41:53 ----A---- C:\Windows\system32\blackbox.dll
2014-10-14 18:41:51 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-14 18:41:47 ----A---- C:\Windows\system32\wmp.dll
2014-10-14 18:41:44 ----A---- C:\Windows\system32\mf.dll
2014-10-14 18:41:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-14 18:41:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-14 18:41:40 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-14 18:41:39 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-14 18:41:35 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-14 18:41:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-14 18:41:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-14 18:41:34 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-14 18:41:34 ----A---- C:\Windows\system32\ci.dll
2014-10-14 18:41:33 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-14 18:41:31 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-14 18:41:30 ----A---- C:\Windows\system32\quartz.dll
2014-10-14 18:41:29 ----A---- C:\Windows\system32\winresume.exe
2014-10-14 18:41:29 ----A---- C:\Windows\system32\winload.exe
2014-10-14 18:41:28 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-14 18:41:28 ----A---- C:\Windows\system32\wintrust.dll
2014-10-14 18:41:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-14 18:41:28 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-14 18:41:27 ----A---- C:\Windows\system32\evr.dll
2014-10-14 18:41:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-14 18:41:23 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-14 18:41:23 ----A---- C:\Windows\system32\EncDump.dll
2014-10-14 18:41:23 ----A---- C:\Windows\system32\crypt32.dll
2014-10-14 18:41:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-14 18:41:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-14 18:41:22 ----A---- C:\Windows\system32\cryptui.dll
2014-10-14 18:41:22 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-14 18:41:21 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-14 18:41:21 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-14 18:41:21 ----A---- C:\Windows\system32\mfplat.dll
2014-10-14 18:41:21 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-14 18:41:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-14 18:41:19 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-14 18:41:19 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-14 18:41:19 ----A---- C:\Windows\system32\srcore.dll
2014-10-14 18:41:19 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-14 18:41:17 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-14 18:41:16 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-14 18:41:16 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-14 18:41:16 ----A---- C:\Windows\system32\msscp.dll
2014-10-14 18:41:14 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-14 18:41:13 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-14 18:41:13 ----A---- C:\Windows\system32\rstrui.exe
2014-10-14 18:41:13 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-14 18:41:13 ----A---- C:\Windows\system32\appidapi.dll
2014-10-14 18:41:12 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-14 18:41:12 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-14 18:41:12 ----A---- C:\Windows\system32\audiodg.exe
2014-10-14 18:41:11 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-14 18:41:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-14 18:41:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-14 18:41:09 ----A---- C:\Windows\system32\mfps.dll
2014-10-14 18:41:06 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-14 18:41:04 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 18:41:03 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-14 18:41:02 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-14 18:41:00 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-14 18:40:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-14 18:40:59 ----A---- C:\Windows\system32\srclient.dll
2014-10-14 18:40:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 18:40:55 ----A---- C:\Windows\system32\spwmp.dll
2014-10-14 18:40:54 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-14 18:40:54 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-14 18:40:54 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-14 18:40:50 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-14 18:40:50 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-14 18:40:50 ----A---- C:\Windows\system32\mferror.dll
2014-10-14 18:40:47 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-14 18:39:44 ----A---- C:\Windows\system32\msi.dll
2014-10-14 18:39:42 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-14 18:39:34 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-14 18:39:34 ----A---- C:\Windows\system32\rastls.dll
2014-10-14 18:39:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-14 18:39:20 ----A---- C:\Windows\system32\mstscax.dll
2014-10-14 18:39:19 ----A---- C:\Windows\system32\mstsc.exe
2014-10-14 18:39:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-14 18:39:18 ----A---- C:\Windows\system32\termsrv.dll
2014-10-14 18:39:16 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\winsta.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-14 18:39:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-14 18:39:15 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-14 18:39:15 ----A---- C:\Windows\system32\winlogon.exe
2014-10-14 18:39:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-14 18:39:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-14 18:39:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-14 18:39:14 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-14 18:39:14 ----A---- C:\Windows\system32\credssp.dll
2014-10-14 18:38:12 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-14 18:38:12 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-08 20:15:24 ----D---- C:\Windows\Prefetch
2014-11-08 20:13:08 ----D---- C:\Windows\Temp
2014-11-08 20:12:22 ----D---- C:\Windows\system32\config
2014-11-08 20:12:13 ----D---- C:\Windows
2014-11-08 20:11:51 ----D---- C:\Windows\Tasks
2014-11-08 20:06:32 ----D---- C:\Users\Ladinek\AppData\Roaming\uTorrent
2014-11-08 18:12:21 ----D---- C:\Users\Ladinek\AppData\Roaming\vlc
2014-11-07 18:51:23 ----D---- C:\Program Files (x86)\Steam
2014-11-07 18:20:08 ----D---- C:\Windows\System32
2014-11-07 18:20:08 ----D---- C:\Windows\inf
2014-11-07 18:20:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-07 14:45:13 ----SHD---- C:\System Volume Information
2014-11-06 22:23:32 ----RD---- C:\Program Files (x86)
2014-11-06 22:23:32 ----D---- C:\Windows\system32\drivers
2014-11-06 22:23:11 ----D---- C:\Windows\SysWOW64
2014-11-06 22:08:10 ----RD---- C:\Program Files
2014-11-06 00:34:27 ----D---- C:\Users\Ladinek\AppData\Roaming\TeamViewer
2014-11-05 20:12:17 ----D---- C:\Windows\system32\Tasks
2014-11-05 11:16:29 ----D---- C:\Windows\Logs
2014-11-03 21:38:46 ----SHD---- C:\Windows\Installer
2014-11-01 23:57:45 ----D---- C:\Windows\SYSWOW64\directx
2014-11-01 23:40:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-01 23:40:47 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-01 23:39:13 ----D---- C:\Program Files\CCleaner
2014-11-01 23:30:49 ----D---- C:\Windows\winsxs
2014-11-01 23:25:50 ----D---- C:\Program Files\Internet Explorer
2014-10-30 23:01:13 ----D---- C:\Windows\system32\NDF
2014-10-29 18:25:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 21:30:54 ----HD---- C:\ProgramData
2014-10-26 15:23:53 ----D---- C:\Users\Ladinek\AppData\Roaming\Seznam.cz
2014-10-26 15:23:35 ----D---- C:\Program Files (x86)\Seznam.cz
2014-10-25 09:51:43 ----RSD---- C:\Windows\assembly
2014-10-22 18:32:47 ----D---- C:\Program Files (x86)\Adobe
2014-10-20 21:57:37 ----D---- C:\Program Files (x86)\Google
2014-10-20 21:49:36 ----D---- C:\Program Files (x86)\MyFreeCams
2014-10-18 22:29:17 ----D---- C:\ProgramData\Oracle
2014-10-18 22:29:11 ----D---- C:\Program Files (x86)\Common Files
2014-10-18 22:28:51 ----D---- C:\Program Files (x86)\Java
2014-10-18 22:06:59 ----D---- C:\Users\Ladinek\AppData\Roaming\Adobe
2014-10-18 21:44:27 ----D---- C:\ProgramData\Skype
2014-10-18 21:42:23 ----D---- C:\Program Files (x86)\OpenVPN Technologies
2014-10-18 21:41:56 ----D---- C:\Program Files\OpenVPN
2014-10-18 21:39:04 ----D---- C:\Program Files (x86)\DTK Software
2014-10-18 21:36:59 ----D---- C:\Users\Ladinek\AppData\Roaming\DAEMON Tools Lite
2014-10-18 21:35:46 ----D---- C:\Windows\Minidump
2014-10-18 21:35:46 ----D---- C:\Windows\debug
2014-10-18 00:12:31 ----D---- C:\ProgramData\Package Cache
2014-10-18 00:02:36 ----D---- C:\GOG Games
2014-10-15 17:27:42 ----D---- C:\Windows\rescache
2014-10-15 16:58:32 ----D---- C:\Windows\Microsoft.NET
2014-10-15 14:13:51 ----D---- C:\Windows\system32\catroot2
2014-10-15 14:04:43 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 14:04:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 14:04:43 ----D---- C:\Program Files\Windows Media Player
2014-10-15 14:04:43 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 14:04:42 ----D---- C:\Windows\system32\Dism
2014-10-15 14:04:41 ----D---- C:\Windows\system32\en-US
2014-10-15 14:04:41 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 14:04:39 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 14:04:39 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 14:04:39 ----D---- C:\Windows\system32\Boot
2014-10-14 21:26:28 ----D---- C:\Windows\system32\MRT
2014-10-14 21:20:26 ----A---- C:\Windows\system32\MRT.exe
2014-10-14 18:38:38 ----D---- C:\Windows\system32\catroot
2014-10-12 18:20:01 ----D---- C:\Games
2014-10-11 09:01:47 ----D---- C:\Users\Ladinek\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-30 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-30 9981952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-30 310272]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-07-01 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2011-12-26 15288]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2013-07-25 79592]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2013-07-25 86376]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\Windows\system32\DRIVERS\ptun0901.sys [2014-03-10 40664]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-11-01 23552]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-02-22 160256]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-12-16 37496]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-30 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-08-28 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-10-27 2529616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 MySQL55;MySQL55; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\ProgramData\MySQL\MySQL Server 5.5\my.ini MySQL55 []
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2013-07-19 2179056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-29 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-08-09 279024]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-11-21 131912]
S3 GalaxyService;GalaxyService; C:\Program Files (x86)\GalaxyClient\GalaxyService.exe [2014-09-18 2191648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-16 119408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#27 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. The PC should now be clean.

#28 Post by Rhonwyn »

Thank you for your help :happy:

#29 Post by Rudy »

You're welcome! :)

Locked