Log check

Having trouble with a virus? Paste your FRST or RSIT log here.

joshua
Visitor
Posts: 7
Registered: 13 Feb 2015 13:16

Log check

#1 Post by joshua »

Hello, could you please check my log?
Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by JSM at 2015-02-13 13:20:10
Microsoft Windows 7 Professional
System drive C: has 17 GB (17%) free of 100 GB
Total RAM: 4094 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:20:19, on 13.2.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\DeltaIITray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\JSM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
O4 - HKLM\..\Run: [H2OWIBU] C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8371 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1792
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\DeltaIITray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

"C:\Users\JSM\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001Core.job - C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001UA.job - C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-05-23 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-15 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-11-13 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-15 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-05-23 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Google Update"=C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2014-11-22 1610664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^JSM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\JSM\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"M-Audio Taskbar Icon"=C:\Windows\system32\DeltaIITray.exe []
"H2OWIBU"=C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2015-02-13 13:20:10 ----D---- C:\rsit
2015-02-13 13:20:10 ----D---- C:\Program Files\trend micro
2015-02-10 17:41:18 ----D---- C:\Users\JSM\AppData\Roaming\AVG
2015-02-10 17:38:53 ----D---- C:\ProgramData\AVG
2015-02-10 17:12:30 ----D---- C:\ProgramData\AVG Security Toolbar
2015-02-10 17:12:04 ----D---- C:\ProgramData\AVG Web TuneUp
2015-02-10 17:11:59 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-02-10 14:56:29 ----D---- C:\Users\JSM\AppData\Roaming\AVG2015
2015-02-10 14:55:16 ----HD---- C:\$AVG
2015-02-10 14:55:16 ----D---- C:\ProgramData\AVG2015
2015-02-10 14:54:33 ----D---- C:\Program Files (x86)\AVG
2015-02-10 14:48:09 ----D---- C:\ProgramData\MFAData

======List of files/folders modified in the last 1 month======

2015-02-13 13:20:19 ----D---- C:\Windows\Prefetch
2015-02-13 13:20:10 ----RD---- C:\Program Files
2015-02-13 13:14:01 ----D---- C:\Windows\Temp
2015-02-13 10:43:16 ----D---- C:\Windows\System32
2015-02-13 10:43:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 10:19:15 ----D---- C:\ProgramData\NVIDIA
2015-02-12 16:28:49 ----D---- C:\Windows\system32\config
2015-02-12 16:10:52 ----SHD---- C:\System Volume Information
2015-02-11 07:11:47 ----D---- C:\Windows\SysWOW64
2015-02-11 07:10:57 ----D---- C:\Windows\Tasks
2015-02-11 07:10:56 ----D---- C:\Windows\system32\wfp
2015-02-11 07:10:56 ----D---- C:\Windows\system32\wbem
2015-02-11 07:10:55 ----D---- C:\Program Files\Windows Media Player
2015-02-11 07:10:55 ----D---- C:\Program Files\Internet Explorer
2015-02-11 07:10:52 ----D---- C:\Windows\system32\drivers
2015-02-11 07:10:50 ----D---- C:\Windows
2015-02-11 07:09:42 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-11 07:09:42 ----D---- C:\Windows\system32\DriverStore
2015-02-11 07:09:41 ----D---- C:\Windows\system32\catroot2
2015-02-11 07:09:38 ----D---- C:\Windows\ehome
2015-02-11 07:09:38 ----D---- C:\Program Files\Windows Photo Viewer
2015-02-11 07:09:37 ----D---- C:\WOLF3D
2015-02-11 07:09:37 ----D---- C:\WINTER
2015-02-11 07:09:36 ----D---- C:\Windows\winsxs
2015-02-11 07:08:26 ----D---- C:\Windows\system32\Tasks
2015-02-11 07:08:14 ----D---- C:\Windows\inf
2015-02-11 07:07:59 ----D---- C:\Windows\AppCompat
2015-02-11 07:07:59 ----D---- C:\WACKY
2015-02-11 07:07:43 ----D---- C:\Program Files\Microsoft Security Client
2015-02-11 07:07:42 ----D---- C:\Program Files (x86)\WinRAR
2015-02-11 07:07:41 ----D---- C:\Program Files (x86)\Windows Sidebar
2015-02-11 07:07:21 ----D---- C:\Download
2015-02-11 07:06:12 ----D---- C:\Windows\registration
2015-02-11 07:05:50 ----D---- C:\Windows\Web
2015-02-11 07:05:50 ----D---- C:\Windows\Vss
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\XPSViewer
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\winrm
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\wdi
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\WCN
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\spp
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\Speech
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\slmgr
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\NetworkList
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\MUI
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\Msdtc
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\migwiz
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\migration
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\Macromed
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\InstallShield
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\IME
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\DriverStore
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\drivers
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\Dism
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\config
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\com
2015-02-11 07:05:41 ----D---- C:\Windows\system32\winrm
2015-02-11 07:05:40 ----D---- C:\Windows\system32\WindowsPowerShell
2015-02-11 07:05:40 ----D---- C:\Windows\system32\WinBioPlugIns
2015-02-11 07:05:39 ----D---- C:\Windows\system32\wdi
2015-02-11 07:05:39 ----D---- C:\Windows\system32\WCN
2015-02-11 07:05:38 ----D---- C:\Windows\system32\sysprep
2015-02-11 07:05:37 ----D---- C:\Windows\system32\spp
2015-02-11 07:05:37 ----D---- C:\Windows\system32\spool
2015-02-11 07:05:37 ----D---- C:\Windows\system32\Speech
2015-02-11 07:05:37 ----D---- C:\Windows\system32\SMI
2015-02-11 07:05:37 ----D---- C:\Windows\system32\slmgr
2015-02-11 07:05:35 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2015-02-11 07:05:35 ----D---- C:\Windows\system32\oobe
2015-02-11 07:05:34 ----D---- C:\Windows\system32\NetworkList
2015-02-11 07:05:34 ----D---- C:\Windows\system32\MUI
2015-02-11 07:05:33 ----D---- C:\Windows\system32\Msdtc
2015-02-11 07:05:33 ----D---- C:\Windows\system32\migwiz
2015-02-11 07:05:32 ----SD---- C:\Windows\system32\Microsoft
2015-02-11 07:05:32 ----D---- C:\Windows\system32\migration
2015-02-11 07:05:32 ----D---- C:\Windows\system32\Macromed
2015-02-11 07:05:31 ----D---- C:\Windows\system32\IME
2015-02-11 07:05:28 ----D---- C:\Windows\system32\drivers\UMDF
2015-02-11 07:05:27 ----D---- C:\Windows\system32\Dism
2015-02-11 07:05:26 ----D---- C:\Windows\system32\cs-CZ
2015-02-11 07:05:26 ----D---- C:\Windows\system32\com
2015-02-11 07:05:26 ----D---- C:\Windows\system32\catroot
2015-02-11 07:05:25 ----D---- C:\Windows\system32\Boot
2015-02-11 07:05:25 ----D---- C:\Windows\Speech
2015-02-11 07:05:25 ----D---- C:\Windows\Setup
2015-02-11 07:05:25 ----D---- C:\Windows\servicing
2015-02-11 07:05:24 ----D---- C:\Windows\schemas
2015-02-11 07:05:24 ----D---- C:\Windows\ServiceProfiles
2015-02-11 07:05:24 ----D---- C:\Windows\security
2015-02-11 07:05:24 ----D---- C:\Windows\Resources
2015-02-11 07:05:24 ----D---- C:\Windows\rescache
2015-02-11 07:05:24 ----D---- C:\Windows\PolicyDefinitions
2015-02-11 07:05:24 ----D---- C:\Windows\PLA
2015-02-11 07:05:24 ----D---- C:\Windows\Performance
2015-02-11 07:05:24 ----D---- C:\Windows\Msagent
2015-02-11 07:05:23 ----D---- C:\Windows\Microsoft.NET
2015-02-11 07:05:22 ----SHD---- C:\Windows\Installer
2015-02-11 07:05:22 ----RSD---- C:\Windows\Media
2015-02-11 07:05:21 ----D---- C:\Windows\IME
2015-02-11 07:05:21 ----D---- C:\Windows\Help
2015-02-11 07:05:21 ----D---- C:\Windows\Globalization
2015-02-11 07:05:19 ----RSD---- C:\Windows\assembly
2015-02-11 07:05:19 ----D---- C:\Windows\diagnostics
2015-02-11 07:05:19 ----D---- C:\Windows\Branding
2015-02-11 07:05:19 ----D---- C:\Windows\Boot
2015-02-11 07:05:15 ----D---- C:\Windows\AppPatch
2015-02-11 07:05:14 ----RD---- C:\Users
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Waves Audio
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Sony
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\REAPER
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\QIP
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Publish Providers
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\OpenCandy
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\NetMedia Providers
2015-02-11 07:05:10 ----SD---- C:\Users\JSM\AppData\Roaming\Microsoft
2015-02-11 07:05:10 ----D---- C:\Users\JSM\AppData\Roaming\DAEMON Tools Lite
2015-02-11 07:05:10 ----D---- C:\Users\JSM\AppData\Roaming\Adobe
2015-02-11 07:05:04 ----HD---- C:\ProgramData
2015-02-11 07:05:04 ----D---- C:\ProgramData\Sony
2015-02-11 07:05:04 ----D---- C:\ProgramData\Nero
2015-02-11 07:05:03 ----SD---- C:\ProgramData\Microsoft
2015-02-11 07:05:02 ----D---- C:\ProgramData\KORG
2015-02-11 07:05:02 ----D---- C:\ProgramData\Apple Computer
2015-02-11 07:05:02 ----D---- C:\ProgramData\Apple
2015-02-11 07:05:02 ----D---- C:\ProgramData\Adobe
2015-02-11 07:05:02 ----D---- C:\Program Files\Worms
2015-02-11 07:05:02 ----D---- C:\Program Files\Windows Sidebar
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows NT
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Mail
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Live
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Journal
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Defender
2015-02-11 07:05:01 ----D---- C:\Program Files\Vertigo Sound
2015-02-11 07:05:01 ----D---- C:\Program Files\Steinberg
2015-02-11 07:05:01 ----D---- C:\Program Files\Softube
2015-02-11 07:05:00 ----D---- C:\Program Files\ReVolt
2015-02-11 07:05:00 ----D---- C:\Program Files\Reference Assemblies
2015-02-11 07:05:00 ----D---- C:\Program Files\Recuva
2015-02-11 07:05:00 ----D---- C:\Program Files\REAPER (x64)
2015-02-11 07:05:00 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-11 07:05:00 ----D---- C:\Program Files\MSBuild
2015-02-11 07:04:59 ----RD---- C:\Program Files (x86)
2015-02-11 07:04:59 ----D---- C:\Program Files\M-Audio
2015-02-11 07:04:59 ----D---- C:\Program Files\FabFilter
2015-02-11 07:04:59 ----D---- C:\Program Files\DVD Maker
2015-02-11 07:04:59 ----D---- C:\Program Files\D-Fend
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\VST3
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\System
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Steinberg
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Softube
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Propellerhead Software
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Digidesign
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Avid
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files
2015-02-11 07:04:59 ----D---- C:\Program Files\Acon Digital
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows NT
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Media Player
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Mail
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Live
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Defender
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Winamp
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\WIBUKEY
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Waves
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Wave Arts
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Vstplugins
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Syncrosoft
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Sweet Home 3D
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\StepMania
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Steinberg
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Steam
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sony Setup
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sony
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sonalksis
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\QuickTime
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSPaudioware
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSP_AUDIOWARE
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSP
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Outsim
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Origin
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Oldschool gamesy
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Nomad Factory
2015-02-11 07:04:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Nero
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\MSBuild
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Office
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Java
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\iZotope
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Image-Line
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\IK Multimedia
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\FLStudio4
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\FabFilter
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\Elemental Audio Systems
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DOSBox-0.74
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Common Files
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\CDex_150
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Apple Software Update
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Algorithmix
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 07:04:51 ----D---- C:\NVIDIA
2015-02-11 07:04:49 ----SHD---- C:\$Recycle.Bin
2015-02-10 14:56:01 ----D---- C:\Users\JSM\AppData\Roaming\TuneUp Software
2015-01-27 15:33:07 ----A---- C:\Users\JSM\AppData\Roaming\msregsvv.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [2014-06-23 61112]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-30 283064]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R3 DELTAII;Service for M-Audio Delta Driver (WDM); C:\Windows\system32\DRIVERS\MAudioDelta.sys [2009-07-27 392712]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 989800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-24 541760]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-29 1255736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

joshua
Visitor
Posts: 7
Joined: 13 Feb 2015 13:16

Re: Log check

#3 Post by joshua »

Rudy wrote: Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Ok.

---

# AdwCleaner v3.022 - Report created 23/03/2014 at 12:52:07
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : JSM - STUDIO
# Running from : C:\Users\JSM\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found C:\Users\JSM\AppData\Local\Temp\OpenCandy
Folder Found C:\Users\JSM\AppData\Roaming\dvdvideosoftiehelpers
Folder Found C:\Users\JSM\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16839

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie

-\\ Google Chrome v

[ File : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2597 octets] - [23/03/2014 12:52:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2657 octets] ##########
# AdwCleaner v4.110 - Logfile created 14/02/2015 at 09:54:30
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Professional (x64)
# Username : JSM - STUDIO
# Running from : C:\Users\JSM\Desktop\adwcleaner_4.110.exe
# Option : Scan

***** [ Services ] *****

Service Found : {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

***** [ Files / Folders ] *****

File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Found : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Found : C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found : C:\Program Files (x86)\FLV Player
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\Users\JSM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Folder Found : C:\Users\JSM\AppData\Roaming\OpenCandy

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7600.16839

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qip.ru/ie

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7361 bytes] - [23/03/2014 12:52:07]
AdwCleaner[S0].txt - [2615 bytes] - [23/03/2014 12:56:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7479 bytes] ##########

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#4 Post by Rudy »

You did not finish the deletion (you did not click >clean<). Try repeating the procedure.

joshua
Visitor
Posts: 7
Joined: 13 Feb 2015 13:16

Re: Log check

#5 Post by joshua »

Rudy wrote: You did not finish the deletion (you did not click >clean<). Try repeating the procedure.

# AdwCleaner v3.022 - Report created 23/03/2014 at 12:56:31
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : JSM - STUDIO
# Running from : C:\Users\JSM\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\JSM\AppData\Local\Temp\OpenCandy
Folder Deleted : C:\Users\JSM\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\JSM\AppData\Roaming\OpenCandy
File Deleted : C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16839

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Google Chrome v

[ File : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2741 octets] - [23/03/2014 12:52:07]
AdwCleaner[S0].txt - [2475 octets] - [23/03/2014 12:56:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2535 octets] ##########
# AdwCleaner v4.110 - Logfile created 15/02/2015 at 00:18:06
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Professional (x64)
# Username : JSM - STUDIO
# Running from : C:\Users\JSM\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\FLV Player
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\JSM\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\JSM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
File Deleted : C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
File Deleted : C:\Users\JSM\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\JSM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7600.16839

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [7574 bytes] - [23/03/2014 12:52:07]
AdwCleaner[R1].txt - [4892 bytes] - [15/02/2015 00:15:41]
AdwCleaner[S0].txt - [7097 bytes] - [23/03/2014 12:56:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7156 bytes] ##########

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#6 Post by Rudy »

Now it is fine. Post a new RSIT log.

joshua
Visitor
Posts: 7
Joined: 13 Feb 2015 13:16

Re: Log check

#7 Post by joshua »

Rudy wrote: Now it is fine. Post a new RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by JSM at 2015-02-15 16:49:49
Microsoft Windows 7 Professional
System drive C: has 19 GB (19%) free of 100 GB
Total RAM: 4094 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:54, on 15.2.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\DeltaIITray.exe
C:\Program Files\trend micro\JSM.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
O4 - HKLM\..\Run: [H2OWIBU] C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7552 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"taskhost.exe"
WLIDSvcM.exe 1980
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\System32\DeltaIITray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\JSM\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001Core.job - C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001UA.job - C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-05-23 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-15 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-15 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-05-23 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Google Update"=C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2014-11-22 1610664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^JSM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\JSM\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"M-Audio Taskbar Icon"=C:\Windows\system32\DeltaIITray.exe []
"H2OWIBU"=C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2015-02-13 13:20:10 ----D---- C:\rsit
2015-02-13 13:20:10 ----D---- C:\Program Files\trend micro
2015-02-10 17:41:18 ----D---- C:\Users\JSM\AppData\Roaming\AVG
2015-02-10 17:38:53 ----D---- C:\ProgramData\AVG
2015-02-10 17:12:04 ----D---- C:\ProgramData\AVG Web TuneUp
2015-02-10 17:11:59 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-02-10 14:56:29 ----D---- C:\Users\JSM\AppData\Roaming\AVG2015
2015-02-10 14:55:16 ----HD---- C:\$AVG
2015-02-10 14:55:16 ----D---- C:\ProgramData\AVG2015
2015-02-10 14:54:33 ----D---- C:\Program Files (x86)\AVG
2015-02-10 14:48:09 ----D---- C:\ProgramData\MFAData

======List of files/folders modified in the last 1 month======

2015-02-15 16:49:31 ----D---- C:\Windows\Temp
2015-02-15 16:47:55 ----D---- C:\ProgramData\NVIDIA
2015-02-15 13:41:38 ----SHD---- C:\System Volume Information
2015-02-15 00:18:32 ----D---- C:\Windows\Prefetch
2015-02-15 00:18:12 ----D---- C:\AdwCleaner
2015-02-15 00:18:11 ----RD---- C:\Program Files (x86)
2015-02-15 00:18:11 ----HD---- C:\ProgramData
2015-02-15 00:18:11 ----D---- C:\Windows\system32\drivers
2015-02-15 00:18:11 ----D---- C:\Program Files (x86)\Common Files
2015-02-13 20:24:28 ----D---- C:\Windows\System32
2015-02-13 20:24:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 13:20:10 ----RD---- C:\Program Files
2015-02-12 16:28:49 ----D---- C:\Windows\system32\config
2015-02-11 07:11:47 ----D---- C:\Windows\SysWOW64
2015-02-11 07:10:57 ----D---- C:\Windows\Tasks
2015-02-11 07:10:56 ----D---- C:\Windows\system32\wfp
2015-02-11 07:10:56 ----D---- C:\Windows\system32\wbem
2015-02-11 07:10:55 ----D---- C:\Program Files\Windows Media Player
2015-02-11 07:10:55 ----D---- C:\Program Files\Internet Explorer
2015-02-11 07:10:50 ----D---- C:\Windows
2015-02-11 07:09:42 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-11 07:09:42 ----D---- C:\Windows\system32\DriverStore
2015-02-11 07:09:41 ----D---- C:\Windows\system32\catroot2
2015-02-11 07:09:38 ----D---- C:\Windows\ehome
2015-02-11 07:09:38 ----D---- C:\Program Files\Windows Photo Viewer
2015-02-11 07:09:37 ----D---- C:\WOLF3D
2015-02-11 07:09:37 ----D---- C:\WINTER
2015-02-11 07:09:36 ----D---- C:\Windows\winsxs
2015-02-11 07:08:26 ----D---- C:\Windows\system32\Tasks
2015-02-11 07:08:14 ----D---- C:\Windows\inf
2015-02-11 07:07:59 ----D---- C:\Windows\AppCompat
2015-02-11 07:07:59 ----D---- C:\WACKY
2015-02-11 07:07:43 ----D---- C:\Program Files\Microsoft Security Client
2015-02-11 07:07:42 ----D---- C:\Program Files (x86)\WinRAR
2015-02-11 07:07:41 ----D---- C:\Program Files (x86)\Windows Sidebar
2015-02-11 07:07:21 ----D---- C:\Download
2015-02-11 07:06:12 ----D---- C:\Windows\registration
2015-02-11 07:05:50 ----D---- C:\Windows\Web
2015-02-11 07:05:50 ----D---- C:\Windows\Vss
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\XPSViewer
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\winrm
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\wdi
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\WCN
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\spp
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\Speech
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\slmgr
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\NetworkList
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\MUI
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\Msdtc
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\migwiz
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\migration
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\Macromed
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\InstallShield
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\IME
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\DriverStore
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\drivers
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\Dism
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\config
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\com
2015-02-11 07:05:41 ----D---- C:\Windows\system32\winrm
2015-02-11 07:05:40 ----D---- C:\Windows\system32\WindowsPowerShell
2015-02-11 07:05:40 ----D---- C:\Windows\system32\WinBioPlugIns
2015-02-11 07:05:39 ----D---- C:\Windows\system32\wdi
2015-02-11 07:05:39 ----D---- C:\Windows\system32\WCN
2015-02-11 07:05:38 ----D---- C:\Windows\system32\sysprep
2015-02-11 07:05:37 ----D---- C:\Windows\system32\spp
2015-02-11 07:05:37 ----D---- C:\Windows\system32\spool
2015-02-11 07:05:37 ----D---- C:\Windows\system32\Speech
2015-02-11 07:05:37 ----D---- C:\Windows\system32\SMI
2015-02-11 07:05:37 ----D---- C:\Windows\system32\slmgr
2015-02-11 07:05:35 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2015-02-11 07:05:35 ----D---- C:\Windows\system32\oobe
2015-02-11 07:05:34 ----D---- C:\Windows\system32\NetworkList
2015-02-11 07:05:34 ----D---- C:\Windows\system32\MUI
2015-02-11 07:05:33 ----D---- C:\Windows\system32\Msdtc
2015-02-11 07:05:33 ----D---- C:\Windows\system32\migwiz
2015-02-11 07:05:32 ----SD---- C:\Windows\system32\Microsoft
2015-02-11 07:05:32 ----D---- C:\Windows\system32\migration
2015-02-11 07:05:32 ----D---- C:\Windows\system32\Macromed
2015-02-11 07:05:31 ----D---- C:\Windows\system32\IME
2015-02-11 07:05:28 ----D---- C:\Windows\system32\drivers\UMDF
2015-02-11 07:05:27 ----D---- C:\Windows\system32\Dism
2015-02-11 07:05:26 ----D---- C:\Windows\system32\cs-CZ
2015-02-11 07:05:26 ----D---- C:\Windows\system32\com
2015-02-11 07:05:26 ----D---- C:\Windows\system32\catroot
2015-02-11 07:05:25 ----D---- C:\Windows\system32\Boot
2015-02-11 07:05:25 ----D---- C:\Windows\Speech
2015-02-11 07:05:25 ----D---- C:\Windows\Setup
2015-02-11 07:05:25 ----D---- C:\Windows\servicing
2015-02-11 07:05:24 ----D---- C:\Windows\schemas
2015-02-11 07:05:24 ----D---- C:\Windows\ServiceProfiles
2015-02-11 07:05:24 ----D---- C:\Windows\security
2015-02-11 07:05:24 ----D---- C:\Windows\Resources
2015-02-11 07:05:24 ----D---- C:\Windows\rescache
2015-02-11 07:05:24 ----D---- C:\Windows\PolicyDefinitions
2015-02-11 07:05:24 ----D---- C:\Windows\PLA
2015-02-11 07:05:24 ----D---- C:\Windows\Performance
2015-02-11 07:05:24 ----D---- C:\Windows\Msagent
2015-02-11 07:05:23 ----D---- C:\Windows\Microsoft.NET
2015-02-11 07:05:22 ----SHD---- C:\Windows\Installer
2015-02-11 07:05:22 ----RSD---- C:\Windows\Media
2015-02-11 07:05:21 ----D---- C:\Windows\IME
2015-02-11 07:05:21 ----D---- C:\Windows\Help
2015-02-11 07:05:21 ----D---- C:\Windows\Globalization
2015-02-11 07:05:19 ----RSD---- C:\Windows\assembly
2015-02-11 07:05:19 ----D---- C:\Windows\diagnostics
2015-02-11 07:05:19 ----D---- C:\Windows\Branding
2015-02-11 07:05:19 ----D---- C:\Windows\Boot
2015-02-11 07:05:15 ----D---- C:\Windows\AppPatch
2015-02-11 07:05:14 ----RD---- C:\Users
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Waves Audio
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Sony
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\REAPER
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\QIP
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Publish Providers
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\NetMedia Providers
2015-02-11 07:05:10 ----SD---- C:\Users\JSM\AppData\Roaming\Microsoft
2015-02-11 07:05:10 ----D---- C:\Users\JSM\AppData\Roaming\DAEMON Tools Lite
2015-02-11 07:05:10 ----D---- C:\Users\JSM\AppData\Roaming\Adobe
2015-02-11 07:05:04 ----D---- C:\ProgramData\Sony
2015-02-11 07:05:04 ----D---- C:\ProgramData\Nero
2015-02-11 07:05:03 ----SD---- C:\ProgramData\Microsoft
2015-02-11 07:05:02 ----D---- C:\ProgramData\KORG
2015-02-11 07:05:02 ----D---- C:\ProgramData\Apple Computer
2015-02-11 07:05:02 ----D---- C:\ProgramData\Apple
2015-02-11 07:05:02 ----D---- C:\ProgramData\Adobe
2015-02-11 07:05:02 ----D---- C:\Program Files\Worms
2015-02-11 07:05:02 ----D---- C:\Program Files\Windows Sidebar
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows NT
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Mail
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Live
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Journal
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Defender
2015-02-11 07:05:01 ----D---- C:\Program Files\Vertigo Sound
2015-02-11 07:05:01 ----D---- C:\Program Files\Steinberg
2015-02-11 07:05:01 ----D---- C:\Program Files\Softube
2015-02-11 07:05:00 ----D---- C:\Program Files\ReVolt
2015-02-11 07:05:00 ----D---- C:\Program Files\Reference Assemblies
2015-02-11 07:05:00 ----D---- C:\Program Files\Recuva
2015-02-11 07:05:00 ----D---- C:\Program Files\REAPER (x64)
2015-02-11 07:05:00 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-11 07:05:00 ----D---- C:\Program Files\MSBuild
2015-02-11 07:04:59 ----D---- C:\Program Files\M-Audio
2015-02-11 07:04:59 ----D---- C:\Program Files\FabFilter
2015-02-11 07:04:59 ----D---- C:\Program Files\DVD Maker
2015-02-11 07:04:59 ----D---- C:\Program Files\D-Fend
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\VST3
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\System
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Steinberg
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Softube
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Propellerhead Software
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Digidesign
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Avid
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files
2015-02-11 07:04:59 ----D---- C:\Program Files\Acon Digital
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows NT
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Media Player
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Mail
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Live
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Defender
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Winamp
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\WIBUKEY
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Waves
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Wave Arts
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Vstplugins
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Syncrosoft
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Sweet Home 3D
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\StepMania
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Steinberg
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Steam
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sony Setup
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sony
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sonalksis
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\QuickTime
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSPaudioware
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSP_AUDIOWARE
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSP
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Outsim
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Origin
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Oldschool gamesy
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Nomad Factory
2015-02-11 07:04:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Nero
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\MSBuild
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Office
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Java
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\iZotope
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Image-Line
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\IK Multimedia
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\FLStudio4
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\FabFilter
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\Elemental Audio Systems
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DOSBox-0.74
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\CDex_150
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Apple Software Update
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Algorithmix
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 07:04:51 ----D---- C:\NVIDIA
2015-02-11 07:04:49 ----SHD---- C:\$Recycle.Bin
2015-02-10 14:56:01 ----D---- C:\Users\JSM\AppData\Roaming\TuneUp Software
2015-01-27 15:33:07 ----A---- C:\Users\JSM\AppData\Roaming\msregsvv.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-30 283064]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R3 DELTAII;Service for M-Audio Delta Driver (WDM); C:\Windows\system32\DRIVERS\MAudioDelta.sys [2009-07-27 392712]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 989800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-24 541760]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-29 1255736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#8 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001UA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

joshua
Visitor
Posts: 7
Registered: 13 Feb 2015 13:16

Re: Log check

#9 Post by joshua »

Rudy wrote: Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-948969860-2307381655-165583245-1001UA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Ok.
Logfile of random's system information tool 1.10 (written by random/random)
Run by JSM at 2015-02-15 17:56:15
Microsoft Windows 7 Professional
System drive C: has 20 GB (20%) free of 100 GB
Total RAM: 4094 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:20, on 15.2.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\DeltaIITray.exe
C:\Program Files\trend micro\JSM.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
O4 - HKLM\..\Run: [H2OWIBU] C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7552 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1472
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\System32\DeltaIITray.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\JSM\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-05-23 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-15 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-15 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-05-23 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Google Update"=C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\JSM\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2014-11-22 1610664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^JSM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\JSM\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"M-Audio Taskbar Icon"=C:\Windows\system32\DeltaIITray.exe []
"H2OWIBU"=C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2015-02-15 17:51:22 ----D---- C:\_OTM
2015-02-13 13:20:10 ----D---- C:\rsit
2015-02-13 13:20:10 ----D---- C:\Program Files\trend micro
2015-02-10 17:41:18 ----D---- C:\Users\JSM\AppData\Roaming\AVG
2015-02-10 17:38:53 ----D---- C:\ProgramData\AVG
2015-02-10 17:12:04 ----D---- C:\ProgramData\AVG Web TuneUp
2015-02-10 17:11:59 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-02-10 14:56:29 ----D---- C:\Users\JSM\AppData\Roaming\AVG2015
2015-02-10 14:55:16 ----HD---- C:\$AVG
2015-02-10 14:55:16 ----D---- C:\ProgramData\AVG2015
2015-02-10 14:54:33 ----D---- C:\Program Files (x86)\AVG
2015-02-10 14:48:09 ----D---- C:\ProgramData\MFAData

======List of files/folders modified in the last 1 month======

2015-02-15 17:56:17 ----D---- C:\Windows\Temp
2015-02-15 17:53:27 ----D---- C:\ProgramData\NVIDIA
2015-02-15 17:52:14 ----D---- C:\Windows
2015-02-15 17:51:22 ----D---- C:\Windows\Tasks
2015-02-15 13:41:38 ----SHD---- C:\System Volume Information
2015-02-15 00:18:32 ----D---- C:\Windows\Prefetch
2015-02-15 00:18:12 ----D---- C:\AdwCleaner
2015-02-15 00:18:11 ----RD---- C:\Program Files (x86)
2015-02-15 00:18:11 ----HD---- C:\ProgramData
2015-02-15 00:18:11 ----D---- C:\Windows\system32\drivers
2015-02-15 00:18:11 ----D---- C:\Program Files (x86)\Common Files
2015-02-13 20:24:28 ----D---- C:\Windows\System32
2015-02-13 20:24:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-13 13:20:10 ----RD---- C:\Program Files
2015-02-12 16:28:49 ----D---- C:\Windows\system32\config
2015-02-11 07:11:47 ----D---- C:\Windows\SysWOW64
2015-02-11 07:10:56 ----D---- C:\Windows\system32\wfp
2015-02-11 07:10:56 ----D---- C:\Windows\system32\wbem
2015-02-11 07:10:55 ----D---- C:\Program Files\Windows Media Player
2015-02-11 07:10:55 ----D---- C:\Program Files\Internet Explorer
2015-02-11 07:09:42 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-11 07:09:42 ----D---- C:\Windows\system32\DriverStore
2015-02-11 07:09:41 ----D---- C:\Windows\system32\catroot2
2015-02-11 07:09:38 ----D---- C:\Windows\ehome
2015-02-11 07:09:38 ----D---- C:\Program Files\Windows Photo Viewer
2015-02-11 07:09:37 ----D---- C:\WOLF3D
2015-02-11 07:09:37 ----D---- C:\WINTER
2015-02-11 07:09:36 ----D---- C:\Windows\winsxs
2015-02-11 07:08:26 ----D---- C:\Windows\system32\Tasks
2015-02-11 07:08:14 ----D---- C:\Windows\inf
2015-02-11 07:07:59 ----D---- C:\Windows\AppCompat
2015-02-11 07:07:59 ----D---- C:\WACKY
2015-02-11 07:07:43 ----D---- C:\Program Files\Microsoft Security Client
2015-02-11 07:07:42 ----D---- C:\Program Files (x86)\WinRAR
2015-02-11 07:07:41 ----D---- C:\Program Files (x86)\Windows Sidebar
2015-02-11 07:07:21 ----D---- C:\Download
2015-02-11 07:06:12 ----D---- C:\Windows\registration
2015-02-11 07:05:50 ----D---- C:\Windows\Web
2015-02-11 07:05:50 ----D---- C:\Windows\Vss
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\XPSViewer
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\winrm
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\wdi
2015-02-11 07:05:50 ----D---- C:\Windows\SYSWOW64\WCN
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\spp
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\Speech
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\slmgr
2015-02-11 07:05:49 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\NetworkList
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\MUI
2015-02-11 07:05:48 ----D---- C:\Windows\SYSWOW64\Msdtc
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\migwiz
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\migration
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\Macromed
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\InstallShield
2015-02-11 07:05:47 ----D---- C:\Windows\SYSWOW64\IME
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\DriverStore
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\drivers
2015-02-11 07:05:46 ----D---- C:\Windows\SYSWOW64\Dism
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\config
2015-02-11 07:05:45 ----D---- C:\Windows\SYSWOW64\com
2015-02-11 07:05:41 ----D---- C:\Windows\system32\winrm
2015-02-11 07:05:40 ----D---- C:\Windows\system32\WindowsPowerShell
2015-02-11 07:05:40 ----D---- C:\Windows\system32\WinBioPlugIns
2015-02-11 07:05:39 ----D---- C:\Windows\system32\wdi
2015-02-11 07:05:39 ----D---- C:\Windows\system32\WCN
2015-02-11 07:05:38 ----D---- C:\Windows\system32\sysprep
2015-02-11 07:05:37 ----D---- C:\Windows\system32\spp
2015-02-11 07:05:37 ----D---- C:\Windows\system32\spool
2015-02-11 07:05:37 ----D---- C:\Windows\system32\Speech
2015-02-11 07:05:37 ----D---- C:\Windows\system32\SMI
2015-02-11 07:05:37 ----D---- C:\Windows\system32\slmgr
2015-02-11 07:05:35 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2015-02-11 07:05:35 ----D---- C:\Windows\system32\oobe
2015-02-11 07:05:34 ----D---- C:\Windows\system32\NetworkList
2015-02-11 07:05:34 ----D---- C:\Windows\system32\MUI
2015-02-11 07:05:33 ----D---- C:\Windows\system32\Msdtc
2015-02-11 07:05:33 ----D---- C:\Windows\system32\migwiz
2015-02-11 07:05:32 ----SD---- C:\Windows\system32\Microsoft
2015-02-11 07:05:32 ----D---- C:\Windows\system32\migration
2015-02-11 07:05:32 ----D---- C:\Windows\system32\Macromed
2015-02-11 07:05:31 ----D---- C:\Windows\system32\IME
2015-02-11 07:05:28 ----D---- C:\Windows\system32\drivers\UMDF
2015-02-11 07:05:27 ----D---- C:\Windows\system32\Dism
2015-02-11 07:05:26 ----D---- C:\Windows\system32\cs-CZ
2015-02-11 07:05:26 ----D---- C:\Windows\system32\com
2015-02-11 07:05:26 ----D---- C:\Windows\system32\catroot
2015-02-11 07:05:25 ----D---- C:\Windows\system32\Boot
2015-02-11 07:05:25 ----D---- C:\Windows\Speech
2015-02-11 07:05:25 ----D---- C:\Windows\Setup
2015-02-11 07:05:25 ----D---- C:\Windows\servicing
2015-02-11 07:05:24 ----D---- C:\Windows\schemas
2015-02-11 07:05:24 ----D---- C:\Windows\ServiceProfiles
2015-02-11 07:05:24 ----D---- C:\Windows\security
2015-02-11 07:05:24 ----D---- C:\Windows\Resources
2015-02-11 07:05:24 ----D---- C:\Windows\rescache
2015-02-11 07:05:24 ----D---- C:\Windows\PolicyDefinitions
2015-02-11 07:05:24 ----D---- C:\Windows\PLA
2015-02-11 07:05:24 ----D---- C:\Windows\Performance
2015-02-11 07:05:24 ----D---- C:\Windows\Msagent
2015-02-11 07:05:23 ----D---- C:\Windows\Microsoft.NET
2015-02-11 07:05:22 ----SHD---- C:\Windows\Installer
2015-02-11 07:05:22 ----RSD---- C:\Windows\Media
2015-02-11 07:05:21 ----D---- C:\Windows\IME
2015-02-11 07:05:21 ----D---- C:\Windows\Help
2015-02-11 07:05:21 ----D---- C:\Windows\Globalization
2015-02-11 07:05:19 ----RSD---- C:\Windows\assembly
2015-02-11 07:05:19 ----D---- C:\Windows\diagnostics
2015-02-11 07:05:19 ----D---- C:\Windows\Branding
2015-02-11 07:05:19 ----D---- C:\Windows\Boot
2015-02-11 07:05:15 ----D---- C:\Windows\AppPatch
2015-02-11 07:05:14 ----RD---- C:\Users
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Waves Audio
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Sony
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\REAPER
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\QIP
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\Publish Providers
2015-02-11 07:05:11 ----D---- C:\Users\JSM\AppData\Roaming\NetMedia Providers
2015-02-11 07:05:10 ----SD---- C:\Users\JSM\AppData\Roaming\Microsoft
2015-02-11 07:05:10 ----D---- C:\Users\JSM\AppData\Roaming\DAEMON Tools Lite
2015-02-11 07:05:10 ----D---- C:\Users\JSM\AppData\Roaming\Adobe
2015-02-11 07:05:04 ----D---- C:\ProgramData\Sony
2015-02-11 07:05:04 ----D---- C:\ProgramData\Nero
2015-02-11 07:05:03 ----SD---- C:\ProgramData\Microsoft
2015-02-11 07:05:02 ----D---- C:\ProgramData\KORG
2015-02-11 07:05:02 ----D---- C:\ProgramData\Apple Computer
2015-02-11 07:05:02 ----D---- C:\ProgramData\Apple
2015-02-11 07:05:02 ----D---- C:\ProgramData\Adobe
2015-02-11 07:05:02 ----D---- C:\Program Files\Worms
2015-02-11 07:05:02 ----D---- C:\Program Files\Windows Sidebar
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows NT
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Mail
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Live
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Journal
2015-02-11 07:05:01 ----D---- C:\Program Files\Windows Defender
2015-02-11 07:05:01 ----D---- C:\Program Files\Vertigo Sound
2015-02-11 07:05:01 ----D---- C:\Program Files\Steinberg
2015-02-11 07:05:01 ----D---- C:\Program Files\Softube
2015-02-11 07:05:00 ----D---- C:\Program Files\ReVolt
2015-02-11 07:05:00 ----D---- C:\Program Files\Reference Assemblies
2015-02-11 07:05:00 ----D---- C:\Program Files\Recuva
2015-02-11 07:05:00 ----D---- C:\Program Files\REAPER (x64)
2015-02-11 07:05:00 ----D---- C:\Program Files\NVIDIA Corporation
2015-02-11 07:05:00 ----D---- C:\Program Files\MSBuild
2015-02-11 07:04:59 ----D---- C:\Program Files\M-Audio
2015-02-11 07:04:59 ----D---- C:\Program Files\FabFilter
2015-02-11 07:04:59 ----D---- C:\Program Files\DVD Maker
2015-02-11 07:04:59 ----D---- C:\Program Files\D-Fend
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\VST3
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\System
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Steinberg
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Softube
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Propellerhead Software
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Digidesign
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files\Avid
2015-02-11 07:04:59 ----D---- C:\Program Files\Common Files
2015-02-11 07:04:59 ----D---- C:\Program Files\Acon Digital
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows NT
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Media Player
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Mail
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Live
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Windows Defender
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Winamp
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\WIBUKEY
2015-02-11 07:04:58 ----D---- C:\Program Files (x86)\Waves
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Wave Arts
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Vstplugins
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Syncrosoft
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\Sweet Home 3D
2015-02-11 07:04:56 ----D---- C:\Program Files (x86)\StepMania
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Steinberg
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Steam
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sony Setup
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sony
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Sonalksis
2015-02-11 07:04:55 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\QuickTime
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSPaudioware
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSP_AUDIOWARE
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\PSP
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Outsim
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Origin
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Oldschool gamesy
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-02-11 07:04:54 ----D---- C:\Program Files (x86)\Nomad Factory
2015-02-11 07:04:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Nero
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\MSBuild
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Microsoft Office
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Java
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\iZotope
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 07:04:53 ----D---- C:\Program Files (x86)\Image-Line
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\IK Multimedia
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\FLStudio4
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\FabFilter
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\Elemental Audio Systems
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DVDVideoSoft
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DOSBox-0.74
2015-02-11 07:04:52 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\CDex_150
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Apple Software Update
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Algorithmix
2015-02-11 07:04:51 ----D---- C:\Program Files (x86)\Adobe
2015-02-11 07:04:51 ----D---- C:\NVIDIA
2015-02-11 07:04:49 ----SHD---- C:\$Recycle.Bin
2015-02-10 14:56:01 ----D---- C:\Users\JSM\AppData\Roaming\TuneUp Software
2015-01-27 15:33:07 ----A---- C:\Users\JSM\AppData\Roaming\msregsvv.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-30 283064]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R3 DELTAII;Service for M-Audio Delta Driver (WDM); C:\Windows\system32\DRIVERS\MAudioDelta.sys [2009-07-27 392712]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 989800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-24 541760]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-29 1255736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#10 Post by Rudy »

Double-click the file C:\Program Files\trend micro\JSM.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

joshua
Visitor
Posts: 7
Registered: 13 Feb 2015 13:16

Re: Log check

#11 Post by joshua »

Rudy wrote: Double-click the file C:\Program Files\trend micro\JSM.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
I did it. Thank you for the advice.

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#12 Post by Rudy »

You're welcome! :)