My desktop has changed

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My desktop has changed

#16 Post by Rudy »

In OTM? OTM is merely a utility for script-driven deletion, not a trojan. It is just that some antivirus products don't like it. Turn off your AV; I vouch that OTM is harmless. It has been tested many times on this forum.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

cer.cer
Visitor
Posts: 17
Registered: 05 Dec 2014 17:58

Re: My desktop has changed

#17 Post by cer.cer »

Well, I believe you. I turned off AVG, the firewall, everything, and it still can't be downloaded, and even when I try to pull it out of the vault and run it, it's the trojan again. How do I get rid of that and run it?

cer.cer
Visitor
Posts: 17
Registered: 05 Dec 2014 17:58

Re: My desktop has changed

#18 Post by cer.cer »

OK, I've managed it now; here is the log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by mmm at 2014-12-06 08:06:05
Microsoft Windows 8
System drive C: has 156 GB (67%) free of 233 GB
Total RAM: 3911 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:06:08, on 6. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mmm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9599 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-4b10-4d79d6e4b823 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 505162528064
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2072
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3936.0.2089781126\156563300" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3936.2.1165468203\451415351" /prefetch:673131151
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
ctfmon.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3936.4.793632052\1826678048" /prefetch:673131151
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\mmm\Downloads\RSITx64 (1).exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-19 111216]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]

C:\Users\mmm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 08:01:30 ----D---- C:\_OTM
2014-12-05 21:05:56 ----D---- C:\AdwCleaner
2014-12-05 21:05:56 ----A---- C:\AdwCleanerDebug.txt
2014-12-05 20:15:57 ----D---- C:\Program Files\trend micro
2014-12-05 20:15:56 ----D---- C:\rsit
2014-12-03 18:46:25 ----D---- C:\Program Files (x86)\ESET
2014-11-21 12:45:04 ----A---- C:\Windows\system32\TURegOpt.exe
2014-11-21 12:45:01 ----A---- C:\Windows\system32\authuitu.dll
2014-11-21 12:44:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-11-21 12:44:25 ----D---- C:\Users\mmm\AppData\Roaming\AVG
2014-11-21 12:40:54 ----D---- C:\ProgramData\AVG
2014-11-21 12:11:51 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-11-21 12:11:44 ----D---- C:\ProgramData\AVG Web TuneUp
2014-11-21 12:11:42 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-11-21 12:09:31 ----D---- C:\Users\mmm\AppData\Roaming\Avg_Update_1014av
2014-11-21 12:09:23 ----D---- C:\ProgramData\Avg_Update_1014av
2014-11-21 11:52:21 ----D---- C:\Users\jakub\AppData\Roaming\AVG2015
2014-11-21 11:50:26 ----D---- C:\Users\jakub\AppData\Roaming\TuneUp Software
2014-11-21 11:49:06 ----D---- C:\ProgramData\AVG2015
2014-11-21 11:48:07 ----D---- C:\Program Files (x86)\AVG
2014-11-21 11:41:40 ----HD---- C:\ProgramData\Common Files
2014-11-21 11:41:40 ----D---- C:\ProgramData\MFAData
2014-11-19 06:42:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 06:42:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 06:42:14 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 06:42:14 ----A---- C:\Windows\system32\pku2u.dll
2014-11-17 11:05:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-16 10:37:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-15 21:41:14 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-15 20:40:56 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-15 20:40:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-15 20:40:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-15 20:40:52 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-15 20:40:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-15 20:40:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-15 20:40:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-15 20:40:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXST30.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-15 20:40:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-15 20:40:28 ----A---- C:\Windows\system32\rastls.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\EncDump.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-15 20:40:19 ----A---- C:\Windows\system32\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-15 20:40:18 ----A---- C:\Windows\system32\winsta.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\termsrv.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\mstsc.exe
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-15 20:39:45 ----A---- C:\Windows\system32\ntdll.dll
2014-11-15 20:39:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-11-15 20:39:43 ----A---- C:\Windows\system32\localspl.dll
2014-11-15 20:39:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-11-15 20:39:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-11-15 20:39:39 ----A---- C:\Windows\system32\storagewmi.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\wcmsvc.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\winload.exe
2014-11-15 20:39:37 ----A---- C:\Windows\system32\wcmcsp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\profsvc.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\win32spl.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\defragsvc.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\Defrag.exe
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-11-15 20:38:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-15 20:38:23 ----A---- C:\Windows\system32\win32k.sys
2014-11-15 20:38:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aepdu.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aeinv.dll
2014-11-15 20:38:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-15 20:38:13 ----A---- C:\Windows\system32\msi.dll
2014-11-15 20:38:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-15 20:38:11 ----A---- C:\Windows\system32\twinui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\authui.dll
2014-11-15 20:37:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-15 20:37:50 ----A---- C:\Windows\system32\schannel.dll
2014-11-15 20:37:49 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-15 20:37:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-15 20:37:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-15 20:37:37 ----A---- C:\Windows\system32\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-15 20:37:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-15 20:37:09 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-15 20:37:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-15 20:37:05 ----A---- C:\Windows\system32\msxml3.dll
2014-11-15 20:37:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-15 20:37:02 ----A---- C:\Windows\system32\packager.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\user32.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-11-15 20:36:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-11-15 20:36:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-11-15 20:36:46 ----A---- C:\Windows\system32\sscore.dll
2014-11-15 20:36:26 ----A---- C:\Windows\system32\mshtml.dll
2014-11-15 20:36:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-15 20:36:20 ----A---- C:\Windows\system32\ieframe.dll
2014-11-15 20:36:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\wininet.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-15 20:36:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-15 20:36:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\iesetup.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\NotificationUI.exe
2014-11-15 20:35:45 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-11-15 12:35:47 ----D---- C:\Program Files (x86)\Azbuka

======List of files/folders modified in the last 1 month======

2014-12-06 08:05:12 ----D---- C:\Windows\Temp
2014-12-06 08:03:20 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-06 08:01:31 ----D---- C:\Windows\Tasks
2014-12-06 07:56:40 ----D---- C:\Windows\Prefetch
2014-12-06 07:51:13 ----RD---- C:\Program Files (x86)
2014-12-06 07:51:13 ----D---- C:\ProgramData\Norton
2014-12-06 07:51:10 ----SHD---- C:\System Volume Information
2014-12-05 23:01:54 ----D---- C:\Windows\system32\config
2014-12-05 23:01:53 ----D---- C:\Windows\CbsTemp
2014-12-05 22:54:49 ----D---- C:\Windows\system32\Drivers
2014-12-05 22:22:52 ----RD---- C:\Program Files
2014-12-05 22:22:52 ----D---- C:\Program Files\Common Files
2014-12-05 22:22:51 ----D---- C:\Windows\system32\Tasks
2014-12-05 21:08:06 ----D---- C:\Program Files (x86)\Common Files
2014-12-05 21:08:05 ----HD---- C:\ProgramData
2014-12-05 18:06:51 ----D---- C:\Windows\Microsoft.NET
2014-12-04 12:20:51 ----D---- C:\Windows\system32\catroot2
2014-12-02 14:58:48 ----SHD---- C:\Windows\Installer
2014-11-27 18:37:11 ----RD---- C:\Windows\System32
2014-11-27 18:37:11 ----D---- C:\Windows\Inf
2014-11-27 18:37:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:29:05 ----SD---- C:\Users\AppData\Roaming\Microsoft
2014-11-24 06:39:10 ----RD---- C:\Windows\assembly
2014-11-23 22:00:00 ----D---- C:\Windows\system32\sru
2014-11-23 14:19:05 ----D---- C:\Windows\SYSWOW64\config
2014-11-21 13:59:02 ----D---- C:\Windows
2014-11-21 13:57:40 ----HD---- C:\$Windows.~BT
2014-11-21 12:44:53 ----D---- C:\Windows\SysWOW64
2014-11-21 11:50:15 ----HD---- C:\Windows\ELAMBKUP
2014-11-21 11:50:06 ----D---- C:\Windows\system32\DriverStore
2014-11-20 16:12:04 ----D---- C:\Windows\rescache
2014-11-20 06:26:23 ----D---- C:\Windows\WinSxS
2014-11-19 07:34:16 ----D---- C:\Windows\Registration
2014-11-19 07:12:43 ----D---- C:\Windows\system32\catroot
2014-11-19 07:06:37 ----HD---- C:\Program Files\WindowsApps
2014-11-19 07:06:37 ----D---- C:\Windows\AUInstallAgent
2014-11-18 16:15:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-18 16:15:06 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 16:13:11 ----D---- C:\Program Files\Microsoft Office 15
2014-11-15 23:31:33 ----D---- C:\Program Files\Windows Defender
2014-11-15 23:31:31 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 23:31:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 23:31:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 23:31:21 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-15 23:31:19 ----D---- C:\Windows\system32\Boot
2014-11-15 23:31:18 ----D---- C:\Windows\system32\wbem
2014-11-15 23:31:16 ----RSD---- C:\Windows\Fonts
2014-11-15 23:31:10 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 23:31:08 ----RD---- C:\Windows\ToastData
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\en-US
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-11-15 23:30:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 23:30:45 ----D---- C:\Program Files\Internet Explorer
2014-11-15 21:49:00 ----D---- C:\Windows\system32\MRT
2014-11-15 21:41:14 ----D---- C:\Windows\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem18.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-21 50976]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\Windows\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\Windows\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-11-19 6822984]
R3 bScsiMSa;bScsiMSa; C:\Windows\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 Ps2Kb2Hid;@oem9.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-11-19 26736]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem16.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2013-07-01 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-10-19 100752]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-19 96880]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
R3 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: my desktop has changed

#19 Post by Rudy »

So, once more. Run OTM again with this script:
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

:commands
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.

cer.cer
Visitor
Posts: 17
Joined: 05 Dec 2014 17:58

Re: my desktop has changed

#20 Post by cer.cer »

Logfile of random's system information tool 1.10 (written by random/random)
Run by mmm at 2014-12-06 12:02:28
Microsoft Windows 8
System drive C: has 156 GB (67%) free of 233 GB
Total RAM: 3911 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:02:33, on 6. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mmm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9600 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-b2ab-8c59bc31f472 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 559214743840
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2120
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4224.0.1739152679\503127054" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.2.1178383618\328656819" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.4.294427194\591769963" /prefetch:673131151

"C:\Users\mmm\Desktop\RSITx64 (1).exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-19 111216]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]

C:\Users\mmm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 08:01:30 ----D---- C:\_OTM
2014-12-05 21:05:56 ----D---- C:\AdwCleaner
2014-12-05 21:05:56 ----A---- C:\AdwCleanerDebug.txt
2014-12-05 20:15:57 ----D---- C:\Program Files\trend micro
2014-12-05 20:15:56 ----D---- C:\rsit
2014-12-03 18:46:25 ----D---- C:\Program Files (x86)\ESET
2014-11-21 12:45:04 ----A---- C:\Windows\system32\TURegOpt.exe
2014-11-21 12:45:01 ----A---- C:\Windows\system32\authuitu.dll
2014-11-21 12:44:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-11-21 12:44:25 ----D---- C:\Users\AppData\Roaming\AVG
2014-11-21 12:40:54 ----D---- C:\ProgramData\AVG
2014-11-21 12:11:51 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-11-21 12:11:44 ----D---- C:\ProgramData\AVG Web TuneUp
2014-11-21 12:11:42 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-11-21 12:09:31 ----D---- C:\Users\AppData\Roaming\Avg_Update_1014av
2014-11-21 12:09:23 ----D---- C:\ProgramData\Avg_Update_1014av
2014-11-21 11:52:21 ----D---- C:\Users\AppData\Roaming\AVG2015
2014-11-21 11:50:26 ----D---- C:\Users\AppData\Roaming\TuneUp Software
2014-11-21 11:49:06 ----D---- C:\ProgramData\AVG2015
2014-11-21 11:48:07 ----D---- C:\Program Files (x86)\AVG
2014-11-21 11:41:40 ----HD---- C:\ProgramData\Common Files
2014-11-21 11:41:40 ----D---- C:\ProgramData\MFAData
2014-11-19 06:42:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 06:42:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 06:42:14 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 06:42:14 ----A---- C:\Windows\system32\pku2u.dll
2014-11-17 11:05:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-16 10:37:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-15 21:41:14 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-15 20:40:56 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-15 20:40:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-15 20:40:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-15 20:40:52 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-15 20:40:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-15 20:40:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-15 20:40:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-15 20:40:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXST30.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-15 20:40:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-15 20:40:28 ----A---- C:\Windows\system32\rastls.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\EncDump.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-15 20:40:19 ----A---- C:\Windows\system32\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-15 20:40:18 ----A---- C:\Windows\system32\winsta.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\termsrv.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\mstsc.exe
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-15 20:39:45 ----A---- C:\Windows\system32\ntdll.dll
2014-11-15 20:39:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-11-15 20:39:43 ----A---- C:\Windows\system32\localspl.dll
2014-11-15 20:39:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-11-15 20:39:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-11-15 20:39:39 ----A---- C:\Windows\system32\storagewmi.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\wcmsvc.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\winload.exe
2014-11-15 20:39:37 ----A---- C:\Windows\system32\wcmcsp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\profsvc.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\win32spl.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\defragsvc.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\Defrag.exe
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-11-15 20:38:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-15 20:38:23 ----A---- C:\Windows\system32\win32k.sys
2014-11-15 20:38:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aepdu.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aeinv.dll
2014-11-15 20:38:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-15 20:38:13 ----A---- C:\Windows\system32\msi.dll
2014-11-15 20:38:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-15 20:38:11 ----A---- C:\Windows\system32\twinui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\authui.dll
2014-11-15 20:37:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-15 20:37:50 ----A---- C:\Windows\system32\schannel.dll
2014-11-15 20:37:49 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-15 20:37:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-15 20:37:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-15 20:37:37 ----A---- C:\Windows\system32\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-15 20:37:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-15 20:37:09 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-15 20:37:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-15 20:37:05 ----A---- C:\Windows\system32\msxml3.dll
2014-11-15 20:37:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-15 20:37:02 ----A---- C:\Windows\system32\packager.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\user32.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-11-15 20:36:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-11-15 20:36:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-11-15 20:36:46 ----A---- C:\Windows\system32\sscore.dll
2014-11-15 20:36:26 ----A---- C:\Windows\system32\mshtml.dll
2014-11-15 20:36:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-15 20:36:20 ----A---- C:\Windows\system32\ieframe.dll
2014-11-15 20:36:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\wininet.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-15 20:36:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-15 20:36:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\iesetup.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\NotificationUI.exe
2014-11-15 20:35:45 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-11-15 12:35:47 ----D---- C:\Program Files (x86)\Azbuka

======List of files/folders modified in the last 1 month======

2014-12-06 12:01:30 ----D---- C:\Windows\Temp
2014-12-06 11:59:48 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-06 11:58:19 ----D---- C:\Windows\Prefetch
2014-12-06 08:01:31 ----D---- C:\Windows\Tasks
2014-12-06 07:51:13 ----RD---- C:\Program Files (x86)
2014-12-06 07:51:13 ----D---- C:\ProgramData\Norton
2014-12-06 07:51:10 ----SHD---- C:\System Volume Information
2014-12-05 23:02:06 ----D---- C:\Windows\CbsTemp
2014-12-05 23:01:54 ----D---- C:\Windows\system32\config
2014-12-05 22:54:49 ----D---- C:\Windows\system32\Drivers
2014-12-05 22:22:53 ----HD---- C:\Windows\ELAMBKUP
2014-12-05 22:22:52 ----RD---- C:\Program Files
2014-12-05 22:22:52 ----D---- C:\Program Files\Common Files
2014-12-05 22:22:51 ----D---- C:\Windows\system32\Tasks
2014-12-05 21:08:06 ----D---- C:\Program Files (x86)\Common Files
2014-12-05 21:08:05 ----HD---- C:\ProgramData
2014-12-05 18:06:51 ----D---- C:\Windows\Microsoft.NET
2014-12-04 12:20:51 ----D---- C:\Windows\system32\catroot2
2014-12-02 14:58:48 ----SHD---- C:\Windows\Installer
2014-11-27 18:37:11 ----RD---- C:\Windows\System32
2014-11-27 18:37:11 ----D---- C:\Windows\Inf
2014-11-27 18:37:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:29:05 ----SD---- C:\Users\mmm\AppData\Roaming\Microsoft
2014-11-24 06:39:10 ----RD---- C:\Windows\assembly
2014-11-23 22:00:00 ----D---- C:\Windows\system32\sru
2014-11-23 14:19:05 ----D---- C:\Windows\SYSWOW64\config
2014-11-21 13:59:02 ----D---- C:\Windows
2014-11-21 13:57:40 ----HD---- C:\$Windows.~BT
2014-11-21 12:44:53 ----D---- C:\Windows\SysWOW64
2014-11-21 11:50:06 ----D---- C:\Windows\system32\DriverStore
2014-11-20 16:12:04 ----D---- C:\Windows\rescache
2014-11-20 06:26:23 ----D---- C:\Windows\WinSxS
2014-11-19 07:34:16 ----D---- C:\Windows\Registration
2014-11-19 07:12:43 ----D---- C:\Windows\system32\catroot
2014-11-19 07:06:37 ----HD---- C:\Program Files\WindowsApps
2014-11-19 07:06:37 ----D---- C:\Windows\AUInstallAgent
2014-11-18 16:15:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-18 16:15:06 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 16:13:11 ----D---- C:\Program Files\Microsoft Office 15
2014-11-15 23:31:33 ----D---- C:\Program Files\Windows Defender
2014-11-15 23:31:31 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 23:31:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 23:31:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 23:31:21 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-15 23:31:19 ----D---- C:\Windows\system32\Boot
2014-11-15 23:31:18 ----D---- C:\Windows\system32\wbem
2014-11-15 23:31:16 ----RSD---- C:\Windows\Fonts
2014-11-15 23:31:10 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 23:31:08 ----RD---- C:\Windows\ToastData
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\en-US
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-11-15 23:30:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 23:30:45 ----D---- C:\Program Files\Internet Explorer
2014-11-15 21:49:00 ----D---- C:\Windows\system32\MRT
2014-11-15 21:41:14 ----D---- C:\Windows\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem18.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-21 50976]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\Windows\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\Windows\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-11-19 6822984]
R3 bScsiMSa;bScsiMSa; C:\Windows\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 Ps2Kb2Hid;@oem9.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-11-19 26736]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem16.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2013-07-01 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-10-19 100752]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-19 96880]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
R3 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my desktop has changed

#21 Post by Rudy »

It's still there. Do you have the antivirus turned off? If so, try it in safe mode.

cer.cer
Visitor
Posts: 17
Registered: 05 Dec 2014 17:58

Re: my desktop has changed

#22 Post by cer.cer »

Yes, I have the antivirus turned off. What is there? What is the problem there, please?
And about that safe mode, could you describe exactly what I should do? I'm quite an amateur :)

cer.cer
Visitor
Posts: 17
Registered: 05 Dec 2014 17:58

Re: my desktop has changed

#23 Post by cer.cer »

So in the end I ran it in that safe mode; I'm sending a new log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by mmm at 2014-12-06 13:41:30
Microsoft Windows 8
System drive C: has 155 GB (67%) free of 233 GB
Total RAM: 3911 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:41:35, on 6. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\mmm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9661 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-3e18-f14b8372c839 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 435861030976
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2436
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3780.0.301247383\1345014496" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3780.1.1313355267\414831346" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3780.2.14716704\1903337972" /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3780.3.713148304\1576325048" /prefetch:673131151
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"

"C:\Users\jakub\Desktop\RSITx64 (1).exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-19 111216]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]

C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 08:01:30 ----D---- C:\_OTM
2014-12-05 23:06:55 ----A---- C:\Windows\system32\NotificationUI.exe
2014-12-05 23:06:55 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-12-05 21:05:56 ----D---- C:\AdwCleaner
2014-12-05 21:05:56 ----A---- C:\AdwCleanerDebug.txt
2014-12-05 20:15:57 ----D---- C:\Program Files\trend micro
2014-12-05 20:15:56 ----D---- C:\rsit
2014-12-03 18:46:25 ----D---- C:\Program Files (x86)\ESET
2014-11-21 12:45:04 ----A---- C:\Windows\system32\TURegOpt.exe
2014-11-21 12:45:01 ----A---- C:\Windows\system32\authuitu.dll
2014-11-21 12:44:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-11-21 12:44:25 ----D---- C:\Users\AppData\Roaming\AVG
2014-11-21 12:40:54 ----D---- C:\ProgramData\AVG
2014-11-21 12:11:51 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-11-21 12:11:44 ----D---- C:\ProgramData\AVG Web TuneUp
2014-11-21 12:11:42 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-11-21 12:09:31 ----D---- C:\Users\AppData\Roaming\Avg_Update_1014av
2014-11-21 12:09:23 ----D---- C:\ProgramData\Avg_Update_1014av
2014-11-21 11:52:21 ----D---- C:\Users\AppData\Roaming\AVG2015
2014-11-21 11:50:26 ----D---- C:\Users\AppData\Roaming\TuneUp Software
2014-11-21 11:49:06 ----D---- C:\ProgramData\AVG2015
2014-11-21 11:48:07 ----D---- C:\Program Files (x86)\AVG
2014-11-21 11:41:40 ----HD---- C:\ProgramData\Common Files
2014-11-21 11:41:40 ----D---- C:\ProgramData\MFAData
2014-11-19 06:42:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 06:42:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 06:42:14 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 06:42:14 ----A---- C:\Windows\system32\pku2u.dll
2014-11-17 11:05:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-16 10:37:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-15 21:41:14 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-15 20:40:56 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-15 20:40:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-15 20:40:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-15 20:40:52 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-15 20:40:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-15 20:40:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-15 20:40:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-15 20:40:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXST30.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-15 20:40:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-15 20:40:28 ----A---- C:\Windows\system32\rastls.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\EncDump.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-15 20:40:19 ----A---- C:\Windows\system32\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-15 20:40:18 ----A---- C:\Windows\system32\winsta.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\termsrv.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\mstsc.exe
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-15 20:39:45 ----A---- C:\Windows\system32\ntdll.dll
2014-11-15 20:39:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-11-15 20:39:43 ----A---- C:\Windows\system32\localspl.dll
2014-11-15 20:39:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-11-15 20:39:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-11-15 20:39:39 ----A---- C:\Windows\system32\storagewmi.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\wcmsvc.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\winload.exe
2014-11-15 20:39:37 ----A---- C:\Windows\system32\wcmcsp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\profsvc.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\win32spl.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\defragsvc.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\Defrag.exe
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-11-15 20:38:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-15 20:38:23 ----A---- C:\Windows\system32\win32k.sys
2014-11-15 20:38:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aepdu.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aeinv.dll
2014-11-15 20:38:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-15 20:38:13 ----A---- C:\Windows\system32\msi.dll
2014-11-15 20:38:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-15 20:38:11 ----A---- C:\Windows\system32\twinui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\authui.dll
2014-11-15 20:37:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-15 20:37:50 ----A---- C:\Windows\system32\schannel.dll
2014-11-15 20:37:49 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-15 20:37:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-15 20:37:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-15 20:37:37 ----A---- C:\Windows\system32\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-15 20:37:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-15 20:37:09 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-15 20:37:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-15 20:37:05 ----A---- C:\Windows\system32\msxml3.dll
2014-11-15 20:37:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-15 20:37:02 ----A---- C:\Windows\system32\packager.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\user32.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-11-15 20:36:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-11-15 20:36:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-11-15 20:36:46 ----A---- C:\Windows\system32\sscore.dll
2014-11-15 20:36:26 ----A---- C:\Windows\system32\mshtml.dll
2014-11-15 20:36:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-15 20:36:20 ----A---- C:\Windows\system32\ieframe.dll
2014-11-15 20:36:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\wininet.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-15 20:36:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-15 20:36:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\iesetup.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 12:35:47 ----D---- C:\Program Files (x86)\Azbuka

======List of files/folders modified in the last 1 month======

2014-12-06 13:40:45 ----D---- C:\Windows\Temp
2014-12-06 13:33:32 ----D---- C:\Windows\Inf
2014-12-06 13:30:11 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-06 13:29:38 ----D---- C:\Windows\Prefetch
2014-12-06 13:03:02 ----D---- C:\Windows\system32\config
2014-12-06 12:55:59 ----RD---- C:\Windows\System32
2014-12-06 12:55:55 ----D---- C:\Windows\WinSxS
2014-12-06 12:54:45 ----D---- C:\Windows\CbsTemp
2014-12-06 12:54:40 ----D---- C:\Windows\SysWOW64
2014-12-06 08:01:31 ----D---- C:\Windows\Tasks
2014-12-06 07:51:13 ----RD---- C:\Program Files (x86)
2014-12-06 07:51:13 ----D---- C:\ProgramData\Norton
2014-12-06 07:51:10 ----SHD---- C:\System Volume Information
2014-12-05 22:54:49 ----D---- C:\Windows\system32\Drivers
2014-12-05 22:22:53 ----HD---- C:\Windows\ELAMBKUP
2014-12-05 22:22:52 ----RD---- C:\Program Files
2014-12-05 22:22:52 ----D---- C:\Program Files\Common Files
2014-12-05 22:22:51 ----D---- C:\Windows\system32\Tasks
2014-12-05 21:08:06 ----D---- C:\Program Files (x86)\Common Files
2014-12-05 21:08:05 ----HD---- C:\ProgramData
2014-12-05 18:06:51 ----D---- C:\Windows\Microsoft.NET
2014-12-04 12:20:51 ----D---- C:\Windows\system32\catroot2
2014-12-02 14:58:48 ----SHD---- C:\Windows\Installer
2014-11-27 18:37:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:29:05 ----SD---- C:\Users\AppData\Roaming\Microsoft
2014-11-24 06:39:10 ----RD---- C:\Windows\assembly
2014-11-23 22:00:00 ----D---- C:\Windows\system32\sru
2014-11-23 14:19:05 ----D---- C:\Windows\SYSWOW64\config
2014-11-21 13:59:02 ----D---- C:\Windows
2014-11-21 13:57:40 ----HD---- C:\$Windows.~BT
2014-11-21 11:50:06 ----D---- C:\Windows\system32\DriverStore
2014-11-20 16:12:04 ----D---- C:\Windows\rescache
2014-11-19 07:34:16 ----D---- C:\Windows\Registration
2014-11-19 07:12:43 ----D---- C:\Windows\system32\catroot
2014-11-19 07:06:37 ----HD---- C:\Program Files\WindowsApps
2014-11-19 07:06:37 ----D---- C:\Windows\AUInstallAgent
2014-11-18 16:15:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-18 16:15:06 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 16:13:11 ----D---- C:\Program Files\Microsoft Office 15
2014-11-15 23:31:33 ----D---- C:\Program Files\Windows Defender
2014-11-15 23:31:31 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 23:31:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 23:31:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 23:31:21 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-15 23:31:19 ----D---- C:\Windows\system32\Boot
2014-11-15 23:31:18 ----D---- C:\Windows\system32\wbem
2014-11-15 23:31:16 ----RSD---- C:\Windows\Fonts
2014-11-15 23:31:10 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 23:31:08 ----RD---- C:\Windows\ToastData
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\en-US
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-11-15 23:30:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 23:30:45 ----D---- C:\Program Files\Internet Explorer
2014-11-15 21:49:00 ----D---- C:\Windows\system32\MRT
2014-11-15 21:41:14 ----D---- C:\Windows\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem18.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-21 50976]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\Windows\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\Windows\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-11-19 6822984]
R3 bScsiMSa;bScsiMSa; C:\Windows\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 Ps2Kb2Hid;@oem9.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-11-19 26736]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem16.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2013-07-01 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-10-19 100752]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-19 96880]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-08-23 658576]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: my desktop has changed

#24 Post by Rudy »

These are keys from the ASK toolbar that need to be deleted. Try it with this script:
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] /64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] /64

:commands
[Emptytemp]
[Emptyflash]
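One way to confirm that the script in post #24 removed what it names, as an added example that is not part of the original thread: it parses the `:reg` deletions and checks a follow-up RSIT log for each key and for its 32-bit `Wow6432Node` counterpart, which the script does not list. The function names, the "before" excerpt and the reading of `/64` as "native 64-bit registry view" are assumptions made for this example.

```python
import re

# The script from post #24, copied from the page.
OTM_SCRIPT = r"""
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] /64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] /64

:commands
[Emptytemp]
[Emptyflash]
"""

# Constructed "before" excerpt in RSIT registry-dump layout (not taken from the page).
LOG_BEFORE = r"""
======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

======File associations======
"""

# "After" excerpt: four lines as they appear in the log of post #25.
LOG_AFTER = r"""
======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

======File associations======
"""

DELETE_LINE = re.compile(r"^\[-(HKEY_[^\]]+)\]\s*(/64)?\s*$")  # [-key] /64
KEY_HEADER = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")             # [key]
SCRIPT_SECTION = re.compile(r"^:(\w+)\s*$")                    # :reg, :commands
LOG_SECTION = re.compile(r"^=+(.+?)=+$")                       # ======Title======


def parse_otm_deletions(script):
    """Return [(key, has_64_flag)] for each [-key] line in the :reg section."""
    section, deletions = None, []
    for line in map(str.strip, script.splitlines()):
        m = SCRIPT_SECTION.match(line)
        if m:
            section = m.group(1).lower()
            continue
        m = DELETE_LINE.match(line)
        if m and section == "reg":
            deletions.append((m.group(1), m.group(2) is not None))
    return deletions


def registry_dump_keys(log):
    """Casefolded key headers listed under 'Registry dump' in an RSIT log."""
    keys, in_dump = set(), False
    for line in map(str.strip, log.splitlines()):
        m = LOG_SECTION.match(line)
        if m:
            in_dump = m.group(1).strip().lower() == "registry dump"
            continue
        m = KEY_HEADER.match(line)
        if m and in_dump:
            keys.add(m.group(1).casefold())
    return keys


def wow64_twin(key):
    """Wow6432Node counterpart of an HKLM SOFTWARE key, or None if there is none."""
    prefix = "HKEY_LOCAL_MACHINE\\SOFTWARE\\"
    folded = key.casefold()
    if folded.startswith(prefix.casefold()) and "wow6432node" not in folded:
        return prefix + "Wow6432Node\\" + key[len(prefix):]
    return None


def present(key, dump_keys):
    """True if the key or one of its subkeys has a header in the dump."""
    k = key.casefold()
    return any(d == k or d.startswith(k + "\\") for d in dump_keys)


def verify_cleanup(script, log):
    """Report, per scripted deletion, whether the key or its 32-bit twin is still logged."""
    dump = registry_dump_keys(log)
    report = []
    for key, is64 in parse_otm_deletions(script):
        # Assumption: /64 addresses the native view, so the 32-bit twin is a separate key.
        twin = wow64_twin(key) if is64 else None
        report.append({"key": key,
                       "still_present": present(key, dump),
                       "twin_present": bool(twin) and present(twin, dump)})
    return report


if __name__ == "__main__":
    for name, log in (("before", LOG_BEFORE), ("after", LOG_AFTER)):
        for row in verify_cleanup(OTM_SCRIPT, log):
            print(name, row["still_present"], row["twin_present"], row["key"])
```

A key that RSIT does not dump is reported as absent, so the result confirms only what the log itself can show.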

cer.cer
Visitor
Posts: 17
Joined: 05 Dec 2014 17:58

Re: my desktop has changed

#25 Post by cer.cer »

I'm sending a new log
Logfile of random's system information tool 1.10 (written by random/random)
Run by mmm at 2014-12-06 20:19:18
Microsoft Windows 8
System drive C: has 155 GB (66%) free of 233 GB
Total RAM: 3911 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:52, on 6. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mmm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9661 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-ea84-21310803cc0d /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 46688101392
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2068
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\msiexec.exe /V

"C:\Users\jakub\Desktop\RSITx64 (1).exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="780.0.1082687998\1448743690" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
ctfmon.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="780.1.1249571901\111457645" /prefetch:673131151
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="780.2.1813455329\1899693343" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="780.4.812382178\819990444" /prefetch:673131151

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-19 111216]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]

C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 08:01:30 ----D---- C:\_OTM
2014-12-05 23:06:55 ----A---- C:\Windows\system32\NotificationUI.exe
2014-12-05 23:06:55 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-12-05 21:05:56 ----D---- C:\AdwCleaner
2014-12-05 21:05:56 ----A---- C:\AdwCleanerDebug.txt
2014-12-05 20:15:57 ----D---- C:\Program Files\trend micro
2014-12-05 20:15:56 ----D---- C:\rsit
2014-12-03 18:46:25 ----D---- C:\Program Files (x86)\ESET
2014-11-21 12:45:04 ----A---- C:\Windows\system32\TURegOpt.exe
2014-11-21 12:45:01 ----A---- C:\Windows\system32\authuitu.dll
2014-11-21 12:44:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-11-21 12:44:25 ----D---- C:\Users\mmm\AppData\Roaming\AVG
2014-11-21 12:40:54 ----D---- C:\ProgramData\AVG
2014-11-21 12:11:51 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-11-21 12:11:44 ----D---- C:\ProgramData\AVG Web TuneUp
2014-11-21 12:11:42 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-11-21 12:09:31 ----D---- C:\Users\mmm\AppData\Roaming\Avg_Update_1014av
2014-11-21 12:09:23 ----D---- C:\ProgramData\Avg_Update_1014av
2014-11-21 11:52:21 ----D---- C:\Users\mmm\AppData\Roaming\AVG2015
2014-11-21 11:50:26 ----D---- C:\Users\mmm\AppData\Roaming\TuneUp Software
2014-11-21 11:49:06 ----D---- C:\ProgramData\AVG2015
2014-11-21 11:48:07 ----D---- C:\Program Files (x86)\AVG
2014-11-21 11:41:40 ----HD---- C:\ProgramData\Common Files
2014-11-21 11:41:40 ----D---- C:\ProgramData\MFAData
2014-11-19 06:42:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 06:42:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 06:42:14 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 06:42:14 ----A---- C:\Windows\system32\pku2u.dll
2014-11-17 11:05:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-16 10:37:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-15 21:41:14 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-15 20:40:56 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-15 20:40:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-15 20:40:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-15 20:40:52 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-15 20:40:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-15 20:40:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-15 20:40:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-15 20:40:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXST30.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-15 20:40:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-15 20:40:28 ----A---- C:\Windows\system32\rastls.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\EncDump.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-15 20:40:19 ----A---- C:\Windows\system32\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-15 20:40:18 ----A---- C:\Windows\system32\winsta.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\termsrv.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\mstsc.exe
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-15 20:39:45 ----A---- C:\Windows\system32\ntdll.dll
2014-11-15 20:39:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-11-15 20:39:43 ----A---- C:\Windows\system32\localspl.dll
2014-11-15 20:39:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-11-15 20:39:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-11-15 20:39:39 ----A---- C:\Windows\system32\storagewmi.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\wcmsvc.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\winload.exe
2014-11-15 20:39:37 ----A---- C:\Windows\system32\wcmcsp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\profsvc.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\win32spl.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\defragsvc.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\Defrag.exe
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-11-15 20:38:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-15 20:38:23 ----A---- C:\Windows\system32\win32k.sys
2014-11-15 20:38:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aepdu.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aeinv.dll
2014-11-15 20:38:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-15 20:38:13 ----A---- C:\Windows\system32\msi.dll
2014-11-15 20:38:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-15 20:38:11 ----A---- C:\Windows\system32\twinui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\authui.dll
2014-11-15 20:37:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-15 20:37:50 ----A---- C:\Windows\system32\schannel.dll
2014-11-15 20:37:49 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-15 20:37:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-15 20:37:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-15 20:37:37 ----A---- C:\Windows\system32\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-15 20:37:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-15 20:37:09 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-15 20:37:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-15 20:37:05 ----A---- C:\Windows\system32\msxml3.dll
2014-11-15 20:37:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-15 20:37:02 ----A---- C:\Windows\system32\packager.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\user32.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-11-15 20:36:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-11-15 20:36:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-11-15 20:36:46 ----A---- C:\Windows\system32\sscore.dll
2014-11-15 20:36:26 ----A---- C:\Windows\system32\mshtml.dll
2014-11-15 20:36:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-15 20:36:20 ----A---- C:\Windows\system32\ieframe.dll
2014-11-15 20:36:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\wininet.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-15 20:36:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-15 20:36:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\iesetup.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 12:35:47 ----D---- C:\Program Files (x86)\Azbuka

======List of files/folders modified in the last 1 month======

2014-12-06 20:19:52 ----D---- C:\Windows\Prefetch
2014-12-06 20:19:18 ----D---- C:\Windows\Temp
2014-12-06 20:17:23 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-06 13:33:32 ----D---- C:\Windows\Inf
2014-12-06 13:03:02 ----D---- C:\Windows\system32\config
2014-12-06 12:56:01 ----D---- C:\Windows\CbsTemp
2014-12-06 12:55:59 ----RD---- C:\Windows\System32
2014-12-06 12:55:55 ----D---- C:\Windows\WinSxS
2014-12-06 12:54:40 ----D---- C:\Windows\SysWOW64
2014-12-06 08:01:31 ----D---- C:\Windows\Tasks
2014-12-06 07:51:13 ----RD---- C:\Program Files (x86)
2014-12-06 07:51:13 ----D---- C:\ProgramData\Norton
2014-12-06 07:51:10 ----SHD---- C:\System Volume Information
2014-12-05 22:54:49 ----D---- C:\Windows\system32\Drivers
2014-12-05 22:22:53 ----HD---- C:\Windows\ELAMBKUP
2014-12-05 22:22:52 ----RD---- C:\Program Files
2014-12-05 22:22:52 ----D---- C:\Program Files\Common Files
2014-12-05 22:22:51 ----D---- C:\Windows\system32\Tasks
2014-12-05 21:08:06 ----D---- C:\Program Files (x86)\Common Files
2014-12-05 21:08:05 ----HD---- C:\ProgramData
2014-12-05 18:06:51 ----D---- C:\Windows\Microsoft.NET
2014-12-04 12:20:51 ----D---- C:\Windows\system32\catroot2
2014-12-02 14:58:48 ----SHD---- C:\Windows\Installer
2014-11-27 18:37:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:29:05 ----SD---- C:\Users\mmm\AppData\Roaming\Microsoft
2014-11-24 06:39:10 ----RD---- C:\Windows\assembly
2014-11-23 22:00:00 ----D---- C:\Windows\system32\sru
2014-11-23 14:19:05 ----D---- C:\Windows\SYSWOW64\config
2014-11-21 13:59:02 ----D---- C:\Windows
2014-11-21 13:57:40 ----HD---- C:\$Windows.~BT
2014-11-21 11:50:06 ----D---- C:\Windows\system32\DriverStore
2014-11-20 16:12:04 ----D---- C:\Windows\rescache
2014-11-19 07:34:16 ----D---- C:\Windows\Registration
2014-11-19 07:12:43 ----D---- C:\Windows\system32\catroot
2014-11-19 07:06:37 ----HD---- C:\Program Files\WindowsApps
2014-11-19 07:06:37 ----D---- C:\Windows\AUInstallAgent
2014-11-18 16:15:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-18 16:15:06 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 16:13:11 ----D---- C:\Program Files\Microsoft Office 15
2014-11-15 23:31:33 ----D---- C:\Program Files\Windows Defender
2014-11-15 23:31:31 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 23:31:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 23:31:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 23:31:21 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-15 23:31:19 ----D---- C:\Windows\system32\Boot
2014-11-15 23:31:18 ----D---- C:\Windows\system32\wbem
2014-11-15 23:31:16 ----RSD---- C:\Windows\Fonts
2014-11-15 23:31:10 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 23:31:08 ----RD---- C:\Windows\ToastData
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\en-US
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-11-15 23:30:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 23:30:45 ----D---- C:\Program Files\Internet Explorer
2014-11-15 21:49:00 ----D---- C:\Windows\system32\MRT
2014-11-15 21:41:14 ----D---- C:\Windows\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem18.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-21 50976]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\Windows\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\Windows\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-11-19 6822984]
R3 bScsiMSa;bScsiMSa; C:\Windows\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 Ps2Kb2Hid;@oem9.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-11-19 26736]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem16.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2013-07-01 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-10-19 100752]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-19 96880]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-08-23 658576]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my desktop changed

#26 Post by Rudy »

It's gone now. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

cer.cer
Visitor
Posts: 17
Registered: 05 Dec 2014 17:58

Re: my desktop changed

#27 Post by cer.cer »

Thank you, I did what you said, but the wallpaper is still the same; hopefully it won't change anymore.
And so there is no other virus on it?

Rudy
Site Admin
Posts: 119557
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: my desktop changed

#28 Post by Rudy »

If the PC behaves normally, it is clean. :)