All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Michal
->Temp folder emptied: 53496 bytes
->Temporary Internet Files folder emptied: 38569233 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 352537401 bytes
->Flash cache emptied: 613 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 94684 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 373,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Michal
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 02262015_085948
Files moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-02-26 09:03:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 198 GB (42%) free of 477 GB
Total RAM: 4077 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:03:52, on 26.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: SetPointII.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8385 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {77FF23F9-9FDA-474D-BF0F-6D402040CB07}
taskeng.exe {C3661E37-F27C-431A-8A76-2FB07CF4FC50}
C:\Windows\Explorer.EXE
WLIDSvcM.exe 1904
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000678
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\02262015_085948.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Michal\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-26 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-26 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-28 11905128]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"=C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [2010-03-23 417280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2014-05-28 455512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-01-23 1942720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe /MINIMIZED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2008-11-07 517384]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-19 284440]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-12-09 702768]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-01-19 126712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-26 09:03:50 ----D---- C:\rsit
2015-02-26 08:59:48 ----D---- C:\_OTM
2015-02-21 01:19:45 ----D---- C:\AdwCleaner
2015-02-20 06:24:45 ----D---- C:\FRST
2015-02-19 05:19:44 ----D---- C:\Dying Light
2015-02-19 00:37:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-19 00:37:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-19 00:37:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-19 00:37:55 ----A---- C:\Windows\system32\jscript9.dll
2015-02-19 00:37:50 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\system32\KBDRU.DLL
2015-02-19 00:37:50 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-02-19 00:37:48 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-19 00:37:48 ----A---- C:\Windows\system32\wdi.dll
2015-02-19 00:37:48 ----A---- C:\Windows\system32\powertracker.dll
2015-02-19 00:37:48 ----A---- C:\Windows\system32\perftrack.dll
2015-02-17 04:11:15 ----A---- C:\Users\Michal\AppData\Roaming\msfleyr.dat
2015-02-17 04:10:00 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2015-02-15 04:11:12 ----SHD---- C:\Config.Msi
2015-02-15 01:17:37 ----D---- C:\Users\Michal\AppData\Roaming\LavasoftStatistics
2015-02-15 01:17:27 ----D---- C:\searchplugins
2015-02-15 01:17:27 ----A---- C:\prefs.js
2015-02-15 01:17:01 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-02-15 01:17:01 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.ini
2015-02-15 01:17:01 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-15 01:16:53 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-02-15 01:16:50 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-02-15 00:54:09 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-02-15 00:54:09 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2015-02-14 00:47:04 ----D---- C:\Windows\system32\appraiser
2015-02-14 00:19:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-02-14 00:19:10 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-02-14 00:19:10 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-02-14 00:19:10 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-02-14 00:19:10 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-02-14 00:19:10 ----A---- C:\Windows\system32\rrinstaller.exe
2015-02-14 00:19:10 ----A---- C:\Windows\system32\mfps.dll
2015-02-14 00:19:10 ----A---- C:\Windows\system32\mfpmp.exe
2015-02-14 00:19:10 ----A---- C:\Windows\system32\mferror.dll
2015-02-14 00:19:10 ----A---- C:\Windows\system32\mf.dll
2015-02-14 00:13:06 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-02-14 00:13:06 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-02-14 00:06:50 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2015-02-14 00:06:49 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2015-02-14 00:06:49 ----A---- C:\Windows\system32\infocardapi.dll
2015-02-14 00:06:49 ----A---- C:\Windows\system32\icardagt.exe
2015-02-14 00:06:45 ----A---- C:\Windows\SYSWOW64\icardres.dll
2015-02-14 00:06:45 ----A---- C:\Windows\system32\icardres.dll
2015-02-14 00:06:29 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2015-02-14 00:06:29 ----A---- C:\Windows\system32\TsWpfWrp.exe
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-14 00:04:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-14 00:04:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-14 00:04:46 ----A---- C:\Windows\system32\iernonce.dll
2015-02-14 00:04:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-14 00:04:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-14 00:04:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-14 00:04:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-14 00:04:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-14 00:04:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-14 00:04:45 ----A---- C:\Windows\system32\urlmon.dll
2015-02-14 00:04:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-14 00:04:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-14 00:04:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-14 00:04:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-14 00:04:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-14 00:04:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-14 00:04:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-14 00:04:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-14 00:04:44 ----A---- C:\Windows\system32\iesetup.dll
2015-02-14 00:04:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-14 00:04:44 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-14 00:04:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-14 00:04:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-14 00:04:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-14 00:04:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-14 00:04:43 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-14 00:04:43 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-14 00:04:43 ----A---- C:\Windows\system32\iertutil.dll
2015-02-14 00:04:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-14 00:04:42 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-14 00:04:42 ----A---- C:\Windows\system32\ieui.dll
2015-02-14 00:04:42 ----A---- C:\Windows\system32\ieframe.dll
2015-02-14 00:04:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-14 00:04:41 ----A---- C:\Windows\system32\vbscript.dll
2015-02-14 00:04:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-14 00:04:40 ----A---- C:\Windows\system32\wininet.dll
2015-02-14 00:04:40 ----A---- C:\Windows\system32\msrating.dll
2015-02-14 00:04:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-14 00:04:39 ----A---- C:\Windows\system32\mshtml.dll
2015-02-14 00:04:05 ----A---- C:\Windows\SYSWOW64\winsta.dll
2015-02-14 00:04:05 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-14 00:04:05 ----A---- C:\Windows\system32\winsta.dll
2015-02-14 00:04:05 ----A---- C:\Windows\system32\winlogon.exe
2015-02-14 00:04:05 ----A---- C:\Windows\system32\rdpcorekmts.dll
2015-02-14 00:04:05 ----A---- C:\Windows\system32\mstsc.exe
2015-02-14 00:04:05 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2015-02-14 00:04:04 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2015-02-14 00:03:52 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-14 00:03:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-14 00:03:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-14 00:03:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-14 00:03:51 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-14 00:03:51 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-14 00:03:51 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-14 00:03:51 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-14 00:03:51 ----A---- C:\Windows\system32\sspicli.dll
2015-02-14 00:03:51 ----A---- C:\Windows\system32\secur32.dll
2015-02-14 00:03:51 ----A---- C:\Windows\system32\msobjs.dll
2015-02-14 00:03:51 ----A---- C:\Windows\system32\msaudite.dll
2015-02-14 00:03:51 ----A---- C:\Windows\system32\lsass.exe
2015-02-14 00:03:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-14 00:03:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-14 00:03:51 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-14 00:03:51 ----A---- C:\Windows\system32\auditpol.exe
2015-02-14 00:03:51 ----A---- C:\Windows\system32\adtschema.dll
2015-02-14 00:03:35 ----A---- C:\Windows\system32\termsrv.dll
2015-02-14 00:03:09 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-14 00:03:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-14 00:03:09 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-14 00:03:09 ----A---- C:\Windows\system32\wintrust.dll
2015-02-14 00:03:09 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-14 00:03:09 ----A---- C:\Windows\system32\crypt32.dll
2015-02-14 00:02:56 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-02-14 00:02:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-02-14 00:02:56 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-02-14 00:02:56 ----A---- C:\Windows\system32\msihnd.dll
2015-02-14 00:02:56 ----A---- C:\Windows\system32\msi.dll
2015-02-14 00:02:56 ----A---- C:\Windows\system32\consent.exe
2015-02-14 00:02:56 ----A---- C:\Windows\system32\authui.dll
2015-02-14 00:02:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-02-14 00:02:12 ----A---- C:\Windows\system32\shell32.dll
2015-02-14 00:02:10 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-02-14 00:02:10 ----A---- C:\Windows\system32\tzres.dll
2015-02-14 00:02:00 ----A---- C:\Windows\system32\invagent.dll
2015-02-14 00:02:00 ----A---- C:\Windows\system32\generaltel.dll
2015-02-14 00:02:00 ----A---- C:\Windows\system32\devinv.dll
2015-02-14 00:02:00 ----A---- C:\Windows\system32\appraiser.dll
2015-02-14 00:02:00 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-14 00:02:00 ----A---- C:\Windows\system32\aepic.dll
2015-02-14 00:02:00 ----A---- C:\Windows\system32\aeinv.dll
2015-02-14 00:01:59 ----A---- C:\Windows\system32\aepdu.dll
2015-02-14 00:01:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-14 00:01:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-14 00:01:45 ----A---- C:\Windows\system32\schannel.dll
2015-02-14 00:01:45 ----A---- C:\Windows\system32\kerberos.dll
2015-02-14 00:01:44 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-14 00:01:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-14 00:01:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-14 00:01:44 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-14 00:01:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-14 00:01:44 ----A---- C:\Windows\system32\wdigest.dll
2015-02-14 00:01:44 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-14 00:01:44 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-14 00:01:44 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-14 00:01:44 ----A---- C:\Windows\system32\credssp.dll
2015-02-14 00:01:29 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-02-14 00:01:29 ----A---- C:\Windows\system32\pku2u.dll
2015-02-14 00:01:12 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-02-14 00:01:12 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-02-14 00:01:12 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-02-14 00:01:12 ----A---- C:\Windows\system32\EncDump.dll
2015-02-14 00:01:12 ----A---- C:\Windows\system32\audiosrv.dll
2015-02-14 00:01:12 ----A---- C:\Windows\system32\AudioSes.dll
2015-02-14 00:01:12 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-02-14 00:01:12 ----A---- C:\Windows\system32\AudioEng.dll
2015-02-14 00:01:10 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-02-14 00:01:10 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-02-14 00:00:55 ----A---- C:\Windows\SYSWOW64\mscories.dll
2015-02-14 00:00:55 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2015-02-14 00:00:55 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2015-02-14 00:00:55 ----A---- C:\Windows\system32\mscories.dll
2015-02-14 00:00:55 ----A---- C:\Windows\system32\mscorier.dll
2015-02-14 00:00:55 ----A---- C:\Windows\system32\dfshim.dll
2015-02-14 00:00:53 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-14 00:00:53 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-14 00:00:53 ----A---- C:\Windows\system32\mstscax.dll
2015-02-14 00:00:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-14 00:00:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-14 00:00:38 ----A---- C:\Windows\system32\IMJP10K.DLL
2015-02-14 00:00:37 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2015-02-14 00:00:34 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-02-14 00:00:31 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-14 00:00:31 ----A---- C:\Windows\system32\scesrv.dll
2015-02-14 00:00:26 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-02-14 00:00:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-02-14 00:00:26 ----A---- C:\Windows\system32\msxml3r.dll
2015-02-14 00:00:26 ----A---- C:\Windows\system32\msxml3.dll
2015-02-14 00:00:23 ----A---- C:\Windows\system32\profsvc.dll
2015-02-14 00:00:21 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-02-14 00:00:21 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-02-14 00:00:21 ----A---- C:\Windows\system32\nlasvc.dll
2015-02-14 00:00:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-02-14 00:00:20 ----A---- C:\Windows\system32\qdvd.dll
2015-02-14 00:00:20 ----A---- C:\Windows\system32\packager.dll
2015-02-14 00:00:19 ----A---- C:\Windows\SYSWOW64\packager.dll
2015-02-14 00:00:17 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-02-14 00:00:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-14 00:00:16 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-14 00:00:15 ----A---- C:\Windows\system32\d3d10warp.dll
2015-02-14 00:00:14 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-02-14 00:00:12 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-14 00:00:10 ----A---- C:\Windows\SYSWOW64\rastls.dll
2015-02-14 00:00:10 ----A---- C:\Windows\system32\rastls.dll
2015-02-14 00:00:09 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-02-14 00:00:09 ----A---- C:\Windows\system32\charmap.exe
2015-02-14 00:00:09 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2015-02-14 00:00:08 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-02-14 00:00:08 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-02-14 00:00:08 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-02-14 00:00:08 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-02-14 00:00:08 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-02-14 00:00:08 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-02-14 00:00:08 ----A---- C:\Windows\system32\WsmSvc.dll
2015-02-14 00:00:08 ----A---- C:\Windows\system32\WsmAuto.dll
2015-02-14 00:00:08 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-14 00:00:08 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-02-13 23:55:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-13 23:55:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-13 23:55:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-13 23:55:34 ----A---- C:\Windows\system32\srcore.dll
2015-02-13 23:55:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-13 23:55:33 ----A---- C:\Windows\system32\srclient.dll
2015-02-13 23:55:33 ----A---- C:\Windows\system32\rstrui.exe
2015-02-13 23:55:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-02-13 23:55:18 ----A---- C:\Windows\system32\gdi32.dll
2015-02-13 23:51:54 ----A---- C:\Windows\system32\win32k.sys
2015-02-13 23:51:19 ----A---- C:\Windows\system32\rpcrt4.dll
2015-02-13 23:51:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-02-13 16:05:47 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-02-13 16:05:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-02-13 16:05:38 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-02-13 16:05:38 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-02-13 16:05:37 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-10 18:27:20 ----D---- C:\Program Files\trend micro
2015-02-10 14:30:06 ----D---- C:\Program Files (x86)\Steam
2015-02-08 16:16:49 ----D---- C:\Users\Michal\AppData\Roaming\The Creative Assembly
2015-02-08 15:46:52 ----D---- C:\Program Files (x86)\Total War Shogun 2
2015-02-05 15:15:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
======List of files/folders modified in the last 1 month======
2015-02-26 09:03:51 ----D---- C:\Windows\Temp
2015-02-26 09:00:13 ----D---- C:\Windows\system32\config
2015-02-26 05:03:47 ----D---- C:\Windows\System32
2015-02-26 05:03:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-26 05:03:46 ----D---- C:\Windows\inf
2015-02-25 13:28:46 ----HD---- C:\ProgramData
2015-02-25 13:28:46 ----D---- C:\Windows\system32\Tasks
2015-02-25 10:22:08 ----D---- C:\Windows\winsxs
2015-02-25 10:21:05 ----D---- C:\Windows\SysWOW64
2015-02-25 08:24:34 ----SHD---- C:\System Volume Information
2015-02-24 14:13:21 ----D---- C:\Program Files (x86)\Opera
2015-02-21 01:21:27 ----RD---- C:\Program Files (x86)
2015-02-20 06:26:08 ----D---- C:\Windows
2015-02-19 20:33:34 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2015-02-19 19:23:14 ----D---- C:\Windows\system32\drivers
2015-02-19 19:23:14 ----D---- C:\Windows\PLA
2015-02-19 19:22:25 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-19 19:22:25 ----D---- C:\Windows\system32\en-US
2015-02-19 19:22:24 ----RSD---- C:\Windows\Fonts
2015-02-19 19:22:24 ----D---- C:\Windows\tracing
2015-02-19 19:05:30 ----D---- C:\Windows\debug
2015-02-18 08:16:12 ----D---- C:\Windows\Prefetch
2015-02-16 00:15:35 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2015-02-15 18:57:20 ----SHD---- C:\Windows\Installer
2015-02-15 18:57:20 ----RD---- C:\Program Files
2015-02-15 18:57:18 ----D---- C:\Program Files\Common Files
2015-02-15 00:54:45 ----D---- C:\Windows\system32\DriverStore
2015-02-15 00:54:08 ----D---- C:\Program Files (x86)\Realtek
2015-02-15 00:45:18 ----D---- C:\Windows\Tasks
2015-02-14 07:20:23 ----D---- C:\Windows\rescache
2015-02-14 02:03:15 ----D---- C:\Windows\Microsoft.NET
2015-02-14 01:49:57 ----RSD---- C:\Windows\assembly
2015-02-14 00:52:06 ----D---- C:\Windows\system32\catroot2
2015-02-14 00:47:04 ----SD---- C:\Windows\system32\CompatTel
2015-02-14 00:47:04 ----D---- C:\Windows\ehome
2015-02-14 00:47:04 ----D---- C:\Windows\AppCompat
2015-02-14 00:47:03 ----SD---- C:\ProgramData\Microsoft
2015-02-14 00:47:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-14 00:47:03 ----D---- C:\Windows\system32\cs-CZ
2015-02-14 00:46:55 ----D---- C:\Program Files\Internet Explorer
2015-02-14 00:46:52 ----D---- C:\Windows\PolicyDefinitions
2015-02-14 00:46:51 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-14 00:35:18 ----D---- C:\Windows\system32\catroot
2015-02-14 00:31:18 ----D---- C:\ProgramData\Package Cache
2015-02-14 00:23:16 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-14 00:12:58 ----D---- C:\Windows\system32\MRT
2015-02-13 19:31:04 ----D---- C:\Windows\Logs
2015-02-10 01:30:35 ----D---- C:\Program Files (x86)\Avira
2015-02-08 14:54:09 ----RD---- C:\Users
2015-02-07 12:18:32 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2015-02-05 16:15:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-29 17:49:32 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-10 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-10-14 131608]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-07-02 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-05 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-10-14 119272]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2010-01-14 32544]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
R3 athr;Extensible Wireless LAN device driver for Windows 7; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-27 1550848]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-28 2905832]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-11-19 943832]
S1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys []
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-02-19 129752]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2010-01-14 29472]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-07-24 38632]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-11-02 42184]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-12-09 431920]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-12-09 431920]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-01-19 182520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-19 13592]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-01-14 76888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-10-10 175136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2015-02-26 09:03:54
======MBR======
======Uninstall list======
-->MsiExec /X{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 16 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -maintain plugin
Adobe Flash Player 16 PPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe -maintain pepperplugin
Adobe Reader XI (11.0.07) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
AMD Accelerated Video Transcoding-->MsiExec.exe /X{8F2415FA-72F2-F029-0450-4EB2FAE484C5}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{F2A7CE36-57BF-5C86-952D-90DBF3746D82} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{1AFC919D-751B-A5D7-B17D-7C0067A65D2E}
AMD Media Foundation Decoders-->MsiExec.exe /X{E5D0E3BF-EE4E-A050-BC6B-59BF0D1E9D89}
AMD Steady Video Plug-In -->MsiExec.exe /X{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}
AMD Wireless Display v3.0-->MsiExec.exe /X{15C339CD-5C22-1B4F-8F72-19597C95E00A}
AMD Wireless Display v3.0-->MsiExec.exe /X{426582A8-202F-D13C-8BD5-F00551BAFC93}
AMD Wireless Display v3.0-->MsiExec.exe /X{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}
Asmedia ASM104x USB 3.0 Host Controller Driver-->MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Avira-->"C:\ProgramData\Package Cache\{142be4a8-895b-4ed9-b1ff-11c76357e3df}\Avira.OE.Setup.Bundle.exe" /uninstall
Avira-->"C:\ProgramData\Package Cache\{bd538030-07d4-4999-a525-7fafa2483f56}\Avira.OE.Setup.Bundle.exe" /uninstall
Avira-->MsiExec.exe /I{462A1E00-58EA-4D63-96F4-3EFAEC9A5BCA}
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang= --uid=battle.net --displayname="Battle.net"
Borderlands The Pre-Sequel verze v1.0.2014-->"C:\Program Files (x86)\Borderlands The Pre-Sequel\unins000.exe"
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47}
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
CursorFX-->"C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.exe" REMOVE=TRUE MODIFY=FALSE
CursorFX-->C:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}\CursorFX_setup.exe
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
Game Dev Tycoon verze 1.5.11-->"C:\Program Files (x86)\Game Dev Tycoon\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Handset WinDriver 1.02.03.00-->C:\Program Files (x86)\Handset WinDriver\uninst.exe
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Java 7 Update 45 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417045FF}
Java 7 Update 65-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217040FF}
League of Legends-->msiexec.exe /x {79BF4901-1EC4-4726-B3C2-A7859706C6E7}
League of Legends-->MsiExec.exe /X{79BF4901-1EC4-4726-B3C2-A7859706C6E7}
Logitech SetPoint 5.20-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}
Malwarebytes Anti-Malware verze 2.0.4.1028-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}
Microsoft IntelliType Pro 8.2-->msiexec.exe /I {8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}
Microsoft IntelliType Pro 8.2-->MsiExec.exe /X{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106-->"C:\ProgramData\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NVIDIA PhysX-->MsiExec.exe /X{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}
Opera Stable 27.0.1689.76-->"C:\Program Files (x86)\Opera\Launcher.exe" /uninstall
PunkBuster Services-->C:\Program Files (x86)\EA Games\Battlefield Play4Free\pbsvc_p4f.exe -u
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek Ethernet Diagnostic Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}\setup.exe" -runfromtemp -l0x0005 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Samsung_MonSetup-->C:\Program Files (x86)\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Skype™ 7.0-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Star Wars: The Old Republic-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
The Binding of Isaac Rebirth 1.0-->C:\Games\The Binding of Isaac Rebirth\Uninstall.exe
TP-LINK Wireless Client Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{71BF8787-A67D-4CBC-9155-22927199F4BB}\setup.exe" -runfromtemp -l0x0009 -removeonly
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
User's Guides-->MsiExec.exe /I{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.11 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1 localhost
::1 localhost
======System event log======
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby WUAUCLT byl změněn na: Zastaveno
Record Number: 285442
Source Name: Service Control Manager
Time Written: 20150119045802.068803-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7034
Message: Služba WUAUCLT byla neočekávaně ukončena. Tento stav nastal již 102krát.
Record Number: 285441
Source Name: Service Control Manager
Time Written: 20150119045702.082372-000
Event Type: Chyba
User:
Computer Name: Michal-PC
Event Code: 7024
Message: Služba WUAUCLT ukončena s chybou Systém nemůže nalézt uvedenou cestu., specifickou pro službu.
Record Number: 285440
Source Name: Service Control Manager
Time Written: 20150119045702.081372-000
Event Type: Chyba
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby WUAUCLT byl změněn na: Zastaveno
Record Number: 285439
Source Name: Service Control Manager
Time Written: 20150119045702.081372-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7034
Message: Služba WUAUCLT byla neočekávaně ukončena. Tento stav nastal již 101krát.
Record Number: 285438
Source Name: Service Control Manager
Time Written: 20150119045602.065939-000
Event Type: Chyba
User:
=====Application event log=====
Computer Name: Michal-PC
Event Code: 1010
Message:
Record Number: 185432
Source Name: nssm
Time Written: 20150121153010.000000-000
Event Type: Chyba
User:
Computer Name: Michal-PC
Event Code: 1040
Message:
Record Number: 185431
Source Name: nssm
Time Written: 20150121153010.000000-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 1012
Message:
Record Number: 185430
Source Name: nssm
Time Written: 20150121152910.000000-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 1010
Message:
Record Number: 185429
Source Name: nssm
Time Written: 20150121152910.000000-000
Event Type: Chyba
User:
Computer Name: Michal-PC
Event Code: 1040
Message:
Record Number: 185428
Source Name: nssm
Time Written: 20150121152910.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Michal-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 16051
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140721135738.454415-000
Event Type: Úspěšný audit
User:
Computer Name: Michal-PC
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 16050
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140721135738.454415-000
Event Type: Úspěšný audit
User:
Computer Name: Michal-PC
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 16049
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140721135703.492237-000
Event Type: Úspěšný audit
User:
Computer Name: Michal-PC
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:
Předmět:
ID zabezpečení: S-1-5-21-3622263592-3081926274-2433498376-1000
Název účtu: Michal
Doména účtu: Michal-PC
ID přihlášení: 0x2abb3
Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 16048
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140721135700.715432-000
Event Type: Úspěšný audit
User:
Computer Name: Michal-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-3622263592-3081926274-2433498376-1000
Název účtu: Michal
Název domény: Michal-PC
ID přihlášení: 0x2ab8d
Record Number: 16047
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140721135413.287637-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------

PC virus removal, computer speed-up, remote assistance via the neslape.cz service
RE: Cannot connect to the server
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. The same applies to threads that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: RE: Cannot connect to the server
but maybe it's on the right track, didn't something significant happen just now? because for a while it was possible to connect to that server, but then nothing again :/
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: RE: Cannot connect to the server
So the Temp files were deleted. Also try removing cookies through the browser.
Post queries and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail given above.