Dobrý den,
při kliknutí na nějaký odkaz v Mozille dochází k občasnému přesměrování na jiné stránky.
Zkoušel jsem různé prográmky k odstranění, i jsem Firefox přeinstaloval, problém stále přetrvává.
Předem děkuji za pomoc!
Rsit log/info:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-12-30 17:01:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 42 GB (42%) free of 100 GB
Total RAM: 3326 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:01:54, on 30.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Petr\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 6279 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-175700146-1043185978-2423271375-1000Core.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-175700146-1043185978-2423271375-1000UA.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s6licoiq.default-1451428372834
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\Av\avgui.exe [2015-11-20 3855272]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AllShareAgent"=C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"StartCCC"=C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [2015-07-15 748744]
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 3280728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files\Raptr\raptrstub.exe [2015-10-01 56080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-30 17:01:52 ----D---- C:\rsit
2015-12-30 17:01:52 ----D---- C:\Program Files\trend micro
2015-12-30 00:23:24 ----D---- C:\Windows\temp
2015-12-30 00:23:23 ----A---- C:\ComboFix.txt
2015-12-30 00:22:36 ----SHD---- C:\$RECYCLE.BIN
2015-12-30 00:11:14 ----A---- C:\Windows\zip.exe
2015-12-30 00:11:14 ----A---- C:\Windows\SWSC.exe
2015-12-30 00:11:14 ----A---- C:\Windows\SWREG.exe
2015-12-30 00:11:14 ----A---- C:\Windows\sed.exe
2015-12-30 00:11:14 ----A---- C:\Windows\PEV.exe
2015-12-30 00:11:14 ----A---- C:\Windows\NIRCMD.exe
2015-12-30 00:11:14 ----A---- C:\Windows\MBR.exe
2015-12-30 00:11:14 ----A---- C:\Windows\grep.exe
2015-12-30 00:10:21 ----AD---- C:\Qoobox
2015-12-30 00:09:59 ----D---- C:\Windows\erdnt
2015-12-29 23:23:11 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-29 22:15:22 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-12-29 22:15:19 ----D---- C:\ProgramData\RogueKiller
2015-12-29 22:08:43 ----A---- C:\Windows\system32\bootdelete.exe
2015-12-29 21:57:50 ----D---- C:\ProgramData\HitmanPro
2015-12-29 21:36:55 ----D---- C:\ProgramData\Malwarebytes
2015-12-29 21:30:36 ----D---- C:\AdwCleaner
2015-12-29 12:19:06 ----D---- C:\Program Files\Mozilla Firefox
2015-12-14 23:27:35 ----D---- C:\Users\Petr\AppData\Roaming\R-TT
2015-12-14 23:27:05 ----D---- C:\Program Files\R-Studio
2015-12-14 22:41:47 ----D---- C:\Program Files\Western Digital Corporation
2015-12-14 22:25:53 ----D---- C:\Users\Petr\AppData\Roaming\Binary data
2015-12-13 12:08:05 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2015-12-13 12:01:02 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-12-13 12:00:57 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 month======
2015-12-30 17:01:52 ----RD---- C:\Program Files
2015-12-30 16:59:01 ----D---- C:\Windows\system32\config
2015-12-30 16:51:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-12-30 15:24:52 ----D---- C:\ProgramData\MFAData
2015-12-30 10:23:04 ----D---- C:\Windows\system32\Tasks
2015-12-30 10:00:59 ----D---- C:\Windows\System32
2015-12-30 00:23:25 ----D---- C:\Windows\system32\drivers
2015-12-30 00:23:24 ----D---- C:\Windows
2015-12-30 00:22:31 ----D---- C:\Windows\Tasks
2015-12-30 00:21:26 ----A---- C:\Windows\system.ini
2015-12-30 00:21:16 ----D---- C:\Windows\system32\drivers\etc
2015-12-30 00:17:24 ----D---- C:\Windows\AppPatch
2015-12-30 00:17:21 ----D---- C:\Program Files\Common Files
2015-12-29 23:23:51 ----D---- C:\Windows\inf
2015-12-29 22:15:19 ----D---- C:\ProgramData
2015-12-29 22:08:42 ----D---- C:\Program Files\Partition Magic 9 cz full windows 7
2015-12-29 22:08:36 ----SHD---- C:\System Volume Information
2015-12-29 21:30:40 ----D---- C:\Windows\Prefetch
2015-12-29 20:26:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 12:18:19 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2015-12-28 13:17:53 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-12-23 14:51:00 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-12-23 10:31:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-18 12:28:40 ----SHD---- C:\Windows\Installer
2015-12-14 23:16:14 ----D---- C:\Windows\Logs
2015-12-13 12:08:24 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2015-08-20 231344]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-08-14 308656]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-11-06 193968]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-08-10 36784]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-11-06 149936]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-11-06 255920]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-10-08 231856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-07-16 19503104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-07-16 532480]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2015-07-15 78848]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [2014-04-09 27648]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-13 26168]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-13 40504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-05-31 13528]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-05-31 26328]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-10 629760]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-03-11 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-07-16 214528]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 276992]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [2015-11-20 3857272]
R2 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2015-11-12 862632]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\Av\avgwdsvcx.exe [2015-11-20 579776]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [2014-04-09 688240]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1082200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-10 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AvgAMPS;AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [2015-11-20 615584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-10 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-24 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2015-12-30 17:01:58
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A66F61F6400000020210007A3130D000800000020030080A3140D07EFFFFF0028030000D8310C00EFFFFF07EFFFFF0000350C00503B680000000000000000000000000000000055AA
======Uninstall list======
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Flash Player 20 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_267_ActiveX.exe -maintain activex
Adobe Flash Player 20 NPAPI-->C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824161310}
Aegisub 3.2.0-->"C:\Program Files\Aegisub\unins000.exe"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD Accelerated Video Transcoding-->MsiExec.exe /X{D427123D-6FED-3FF4-8490-49BAD3970C11}
AMD Catalyst Install Manager-->msiexec /q/x{6649FF3E-5231-B481-3376-8108FDF1EAD3} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{9BB76948-12B0-97E4-1954-DF52AAA4EFF9}
AMD Wireless Display v3.0-->MsiExec.exe /I{2CC34925-D47D-BD10-AA1E-FAA76F3B5D82}
AMD Wireless Display v3.0-->MsiExec.exe /I{720D9F9E-469C-ABCC-19CA-12504A2E1513}
AMD Wireless Display v3.0-->MsiExec.exe /I{7941CEA2-7F1E-89F6-EA85-D885D44371F3}
AMD Wireless Display v3.0-->MsiExec.exe /I{7B6DB690-4552-9EDC-40F3-4F73B2B98EB1}
AMD Wireless Display v3.0-->MsiExec.exe /I{CA17AC98-DA1B-A84D-0921-AD1B1C3DF2CF}
Ashampoo Burning Studio FREE v.1.14.5-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio FREE\unins000.exe"
AVG 2016-->MsiExec.exe /I{9BE0C316-14A0-452C-8C83-C0C2709917F6}
AVG Protection-->C:\Program Files\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=av
AVG-->MsiExec.exe /I{C0459475-48BD-4473-9239-B89F25601E7A}
Catalyst Control Center - Branding-->MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Diablo II-->C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat
FMW 1-->MsiExec.exe /I{D6A5F418-3672-4E7E-A2E8-4734467C6037}
Google Drive-->MsiExec.exe /X{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Juniper Networks Network Connect 7.4.0-->"C:\Program Files\Juniper Networks\Network Connect 7.4.0\uninstall.exe"
Juniper Networks, Inc. Setup Client Activex Control-->C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005-->"C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Mobi File Reader-->"C:\Program Files\Mobi File Reader\unins000.exe"
Mozilla Firefox 43.0.3 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Partition Magic 9 cz full windows 7 version for Windows-->"C:\Program Files\Partition Magic 9 cz full windows 7\unins000.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Polipo 1.0.4.1-->"C:\Program Files\Vidalia Bundle\Uninstall.exe"
Raptr-->"C:\Program Files\Raptr\uninstall.exe"
Roller Coaster Tycoon 2-->C:\PROGRA~1\ATARI-~1\ROLLER~1\UNWISE.EXE C:\PROGRA~1\ATARI-~1\ROLLER~1\INSTALL.LOG
RollerCoaster Tycoon 2 Mini Game-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DD12044-424B-4650-A526-5CA3317EEB52}\Setup.exe" -l0x9
Samsung AllShare-->"C:\Program Files\InstallShield Installation Information\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}\setup.exe" -runfromtemp -l0x0405 -removeonly
Samsung AllShare-->MsiExec.exe /I{DF47ACA3-7C78-4C08-8007-AC682563C9F1}
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1531A92E-2552-384F-B942-06A5D18DFA13}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {CBD8D84A-257A-3A60-9819-5DF166F9CD25}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {4DC3F78D-5CCF-37B9-9A05-EDDC456F4F20}
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {00BE0B8D-C610-34AA-ABD1-EE023DA39E5D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1863F765-CBE8-3EB3-B434-CA6B6DF2561E}
Security Update for Microsoft .NET Framework 4.5.1 (KB3023224)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {3DDE5FB2-7F31-38AB-9407-F5698AD72FE8}
Security Update for Microsoft .NET Framework 4.5.1 (KB3035490)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {3DFE50DE-BA81-369E-B149-CC3B8AB09405}
Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {C7D8B9A9-9C79-3278-A33E-C621DA724830}
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A33F3451-9AD4-46C0-9CDB-AA38071CDAB5}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2837610) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BBF521D0-8A73-4B87-8AF5-1D26CFF6303F}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {56BB0BAB-7C3C-40C1-8F70-1AAE6A5FE45F}
Security Update for Microsoft Office 2007 suites (KB3054888) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {63F8EA0A-DB47-4896-AF49-9D1F81D4997F}
Security Update for Microsoft Office 2007 suites (KB3054890) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BAA41D34-C953-47F5-9430-87E74D9DF0A7}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E6432A6E-6494-4CE5-A64B-601D5495F200}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C79D9A1A-32DB-4B96-BC3C-772000D6FAB1}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2986254) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2EE92094-C692-4E9F-9034-DBC586621C99}
Security Update for Microsoft Office Excel 2007 (KB3054992) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0385F9E8-5593-4E2E-915E-916960B2FEA3}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C069DBBB-0547-4405-B9C8-38123FCD9CE0}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB3055051) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7759139C-222D-443A-87D3-0A22925A584D}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB3055052) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {424ADE6E-3852-4C0C-B32A-92701D358032}
SketchUp 2015-->MsiExec.exe /X{D640B9A3-D937-47E2-9BFA-A593DFA8AF21}
Skype™ 6.18-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
Sony Mobile Update Engine-->C:\Program Files\Sony Mobile\Update Engine\uninst.exe
Sony PC Companion 2.10.275-->"C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Subtitle Workshop 2.51-->"C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
TeamViewer 9-->C:\Program Files\TeamViewer\Version9\uninstall.exe
The Witcher Enhanced Edition Director's Cut-->"C:\GOG Games\The Witcher Enhanced Edition Director's Cut\unins000.exe"
Tor 0.2.1.30-->"C:\Program Files\Vidalia Bundle\Uninstall.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3055023) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EE216216-FA20-4871-B8F9-388B34D2D55F}
Vidalia 0.2.12-->"C:\Program Files\Vidalia Bundle\Uninstall.exe"
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
VLC media player 2.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VOB to AVI 1.0-->"C:\Program Files\VOB to AVI\unins000.exe"
Vypínač na dobrou noc verze 2.0-->"C:\Program Files\Vypínač na dobrou noc\unins000.exe"
======System event log======
Computer Name: Petr-PC
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 28. července 2014 v 3:00):
- Aktualizace zabezpečení systému Windows 7 (KB2912390)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 platformy x86 (KB2901126)
- Kumulativní aktualizace zabezpečení pro aplikaci Internet Explorer 11 pro systém Windows 7 (KB2929437)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 x86 (KB2898869)
- Aktualizace systému Windows 7 (KB2515325)
- Aktualizace systému Windows 7 (KB2929755)
- Aktualizace systému Windows 7 (KB2732487)
- Aktualizace zabezpečení systému Windows 7 (KB2532531)
- Aktualizace systému Windows 7 (KB2913152)
Record Number: 2680
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20140727190344.030271-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Petr-PC
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 28. července 2014 v 3:00):
- Aktualizace zabezpečení systému Windows 7 (KB2912390)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 platformy x86 (KB2901126)
- Kumulativní aktualizace zabezpečení pro aplikaci Internet Explorer 11 pro systém Windows 7 (KB2929437)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 x86 (KB2898869)
- Aktualizace systému Windows 7 (KB2515325)
- Aktualizace systému Windows 7 (KB2929755)
- Aktualizace zabezpečení systému Windows 7 (KB2532531)
- Aktualizace systému Windows 7 (KB2913152)
Record Number: 2679
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20140727190344.030271-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Petr-PC
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 28. července 2014 v 3:00):
- Aktualizace zabezpečení systému Windows 7 (KB2912390)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 platformy x86 (KB2901126)
- Kumulativní aktualizace zabezpečení pro aplikaci Internet Explorer 11 pro systém Windows 7 (KB2929437)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 x86 (KB2898869)
- Aktualizace systému Windows 7 (KB2515325)
- Aktualizace systému Windows 7 (KB2929755)
- Aktualizace systému Windows 7 (KB2913152)
Record Number: 2678
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20140727190344.030271-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Petr-PC
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 28. července 2014 v 3:00):
- Aktualizace zabezpečení systému Windows 7 (KB2912390)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 platformy x86 (KB2901126)
- Kumulativní aktualizace zabezpečení pro aplikaci Internet Explorer 11 pro systém Windows 7 (KB2929437)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 x86 (KB2898869)
- Aktualizace systému Windows 7 (KB2515325)
- Aktualizace systému Windows 7 (KB2929755)
Record Number: 2677
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20140727190338.351861-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Petr-PC
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 28. července 2014 v 3:00):
- Aktualizace zabezpečení systému Windows 7 (KB2912390)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 platformy x86 (KB2901126)
- Kumulativní aktualizace zabezpečení pro aplikaci Internet Explorer 11 pro systém Windows 7 (KB2929437)
- Aktualizace zabezpečení pro rozhraní Microsoft .NET Framework 4.5.1 v systémech Windows 7, Windows Vista a Windows Server 2008 x86 (KB2898869)
- Aktualizace systému Windows 7 (KB2515325)
Record Number: 2676
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20140727190338.351861-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: 37L4247F27-08
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDeviceProblemCode
Reakce: Není k dispozici
ID souboru CAB: 0
Podpis problému:
P1: x86
P2: USB\UNKNOWN
P3: {36fc9e60-c465-11cf-8056-444553540000}
P4: 0000002B
P5: unknown
P6: unknown
P7: unknown
P8:
P9:
P10:
Připojené soubory:
C:\Windows\Temp\DMIDED9.tmp.log.xml
C:\Windows\Temp\LOGDEF9.tmp
C:\Windows\inf\usb.inf
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_a796cc5babf24d790d38cfc7dd844dad2e847e4_cab_0634df17
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: b53df7cc-0b7c-11e4-86b2-bc843623d576
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20140714173138.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-08
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20140714173136.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-08
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20140714173134.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-08
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140714173132.326486-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247F27-08
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20140714173132.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: 37L4247F27-08
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-08$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140714173116.414459-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-08
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-08$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140714173116.414459-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-08
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x250ba
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140714173116.289658-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-08
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140714173115.431657-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-08
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140714173115.384857-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\AMD\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Firefox - občasné nechtěné přesměrování po kliknutí na odkaz
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
Dobrý večer,
bohužel nebylo nic nalezeno.
AVG mi navíc tento program odstranil jako nebezpečný, ale to bylo až po testu.
bohužel nebylo nic nalezeno.
AVG mi navíc tento program odstranil jako nebezpečný, ale to bylo až po testu.
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
# AdwCleaner v5.027 - Logfile created 30/12/2015 at 19:38:35
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [677 bytes] ##########
Po vyhledání viry.cz googlem a následném přechodu na stránku se mi objevila jiná stránka. Viz. Příloha
Po pokusu o zavření stránky vyskočí tabulka že stránka žádá o potvrzení o ukončení.
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [677 bytes] ##########
Po vyhledání viry.cz googlem a následném přechodu na stránku se mi objevila jiná stránka. Viz. Příloha
Po pokusu o zavření stránky vyskočí tabulka že stránka žádá o potvrzení o ukončení.
- Přílohy
-
- OtherSite.png (201.56 KiB) Zobrazeno 1371 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Co mělo zanmenat to dnešní spuštění ComboFix? Vy jste nečetl pravidla: http://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 3)? Mám chuť se vám na to vykašlat.
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-175700146-1043185978-2423271375-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-175700146-1043185978-2423271375-1000UA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Co mělo zanmenat to dnešní spuštění ComboFix? Vy jste nečetl pravidla: http://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 3)? Mám chuť se vám na to vykašlat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
Combofix jsem pustil ze zvědavosti.
Oceňuji, že mi pomáháte a upřímně řečeno jsem trochu v úžasu nad Vaší rychlou reakcí mezi svátky. To všechno zadarmo.
Pokud máte chuť se na to vykašlat, nic Vám v tom samozřejmě nebrání.
Zlobit se nebudu.
(Zdá se, že k přesměrování již nedochází.)
Zde je log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-12-30 20:51:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 41 GB (41%) free of 100 GB
Total RAM: 3326 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:50, on 30.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Petr\Desktop\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 6263 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s6licoiq.default-1451428372834
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\Av\avgui.exe [2015-11-20 3855272]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AllShareAgent"=C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"StartCCC"=C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [2015-07-15 748744]
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 3280728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files\Raptr\raptrstub.exe [2015-10-01 56080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-30 20:38:22 ----D---- C:\_OTM
2015-12-30 19:57:28 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-12-30 19:56:38 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-12-30 19:56:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-12-30 19:56:38 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-12-30 19:56:38 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-12-30 17:01:52 ----D---- C:\rsit
2015-12-30 17:01:52 ----D---- C:\Program Files\trend micro
2015-12-30 00:23:24 ----D---- C:\Windows\temp
2015-12-30 00:23:23 ----A---- C:\ComboFix.txt
2015-12-30 00:22:36 ----SHD---- C:\$RECYCLE.BIN
2015-12-30 00:11:14 ----A---- C:\Windows\zip.exe
2015-12-30 00:11:14 ----A---- C:\Windows\SWSC.exe
2015-12-30 00:11:14 ----A---- C:\Windows\SWREG.exe
2015-12-30 00:11:14 ----A---- C:\Windows\sed.exe
2015-12-30 00:11:14 ----A---- C:\Windows\PEV.exe
2015-12-30 00:11:14 ----A---- C:\Windows\NIRCMD.exe
2015-12-30 00:11:14 ----A---- C:\Windows\MBR.exe
2015-12-30 00:11:14 ----A---- C:\Windows\grep.exe
2015-12-30 00:10:21 ----AD---- C:\Qoobox
2015-12-30 00:09:59 ----D---- C:\Windows\erdnt
2015-12-29 23:23:11 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-29 22:15:22 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-12-29 22:15:19 ----D---- C:\ProgramData\RogueKiller
2015-12-29 22:08:43 ----A---- C:\Windows\system32\bootdelete.exe
2015-12-29 21:57:50 ----D---- C:\ProgramData\HitmanPro
2015-12-29 21:36:55 ----D---- C:\ProgramData\Malwarebytes
2015-12-29 21:30:36 ----D---- C:\AdwCleaner
2015-12-29 12:19:06 ----D---- C:\Program Files\Mozilla Firefox
2015-12-14 23:27:35 ----D---- C:\Users\Petr\AppData\Roaming\R-TT
2015-12-14 23:27:05 ----D---- C:\Program Files\R-Studio
2015-12-14 22:41:47 ----D---- C:\Program Files\Western Digital Corporation
2015-12-14 22:25:53 ----D---- C:\Users\Petr\AppData\Roaming\Binary data
2015-12-13 12:08:05 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2015-12-13 12:01:02 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-12-13 12:00:57 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 month======
2015-12-30 20:51:41 ----D---- C:\Windows\Prefetch
2015-12-30 20:49:25 ----D---- C:\Windows\system32\config
2015-12-30 20:44:14 ----D---- C:\Windows\Tasks
2015-12-30 19:57:28 ----D---- C:\Windows\system32\drivers
2015-12-30 19:56:38 ----RD---- C:\Program Files
2015-12-30 16:51:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-12-30 15:24:52 ----D---- C:\ProgramData\MFAData
2015-12-30 10:23:04 ----D---- C:\Windows\system32\Tasks
2015-12-30 10:00:59 ----D---- C:\Windows\System32
2015-12-30 00:23:24 ----D---- C:\Windows
2015-12-30 00:21:26 ----A---- C:\Windows\system.ini
2015-12-30 00:21:16 ----D---- C:\Windows\system32\drivers\etc
2015-12-30 00:17:24 ----D---- C:\Windows\AppPatch
2015-12-30 00:17:21 ----D---- C:\Program Files\Common Files
2015-12-29 23:23:51 ----D---- C:\Windows\inf
2015-12-29 22:15:19 ----D---- C:\ProgramData
2015-12-29 22:08:42 ----D---- C:\Program Files\Partition Magic 9 cz full windows 7
2015-12-29 22:08:36 ----SHD---- C:\System Volume Information
2015-12-29 20:26:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 12:18:19 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2015-12-28 13:17:53 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-12-23 14:51:00 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-12-23 10:31:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-18 12:28:40 ----SHD---- C:\Windows\Installer
2015-12-14 23:16:14 ----D---- C:\Windows\Logs
2015-12-13 12:08:24 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2015-08-20 231344]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-08-14 308656]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-11-06 193968]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-08-10 36784]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-11-06 149936]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-11-06 255920]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-10-08 231856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-07-16 19503104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-07-16 532480]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2015-07-15 78848]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [2014-04-09 27648]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-13 26168]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-13 40504]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-12-30 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 51928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-05-31 13528]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-05-31 26328]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-10 629760]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-03-11 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-07-16 214528]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 276992]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [2015-11-20 3857272]
R2 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2015-11-12 862632]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\Av\avgwdsvcx.exe [2015-11-20 579776]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [2014-04-09 688240]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1082200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-10 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AvgAMPS;AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [2015-11-20 615584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-10 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-24 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Oceňuji, že mi pomáháte a upřímně řečeno jsem trochu v úžasu nad Vaší rychlou reakcí mezi svátky. To všechno zadarmo.
Pokud máte chuť se na to vykašlat, nic Vám v tom samozřejmě nebrání.
Zlobit se nebudu.
(Zdá se, že k přesměrování již nedochází.)
Zde je log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-12-30 20:51:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 41 GB (41%) free of 100 GB
Total RAM: 3326 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:50, on 30.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Petr\Desktop\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 6263 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\s6licoiq.default-1451428372834
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\Av\avgui.exe [2015-11-20 3855272]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AllShareAgent"=C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"StartCCC"=C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [2015-07-15 748744]
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 3280728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files\Raptr\raptrstub.exe [2015-10-01 56080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-12-30 20:38:22 ----D---- C:\_OTM
2015-12-30 19:57:28 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-12-30 19:56:38 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-12-30 19:56:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-12-30 19:56:38 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-12-30 19:56:38 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-12-30 17:01:52 ----D---- C:\rsit
2015-12-30 17:01:52 ----D---- C:\Program Files\trend micro
2015-12-30 00:23:24 ----D---- C:\Windows\temp
2015-12-30 00:23:23 ----A---- C:\ComboFix.txt
2015-12-30 00:22:36 ----SHD---- C:\$RECYCLE.BIN
2015-12-30 00:11:14 ----A---- C:\Windows\zip.exe
2015-12-30 00:11:14 ----A---- C:\Windows\SWSC.exe
2015-12-30 00:11:14 ----A---- C:\Windows\SWREG.exe
2015-12-30 00:11:14 ----A---- C:\Windows\sed.exe
2015-12-30 00:11:14 ----A---- C:\Windows\PEV.exe
2015-12-30 00:11:14 ----A---- C:\Windows\NIRCMD.exe
2015-12-30 00:11:14 ----A---- C:\Windows\MBR.exe
2015-12-30 00:11:14 ----A---- C:\Windows\grep.exe
2015-12-30 00:10:21 ----AD---- C:\Qoobox
2015-12-30 00:09:59 ----D---- C:\Windows\erdnt
2015-12-29 23:23:11 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-29 22:15:22 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-12-29 22:15:19 ----D---- C:\ProgramData\RogueKiller
2015-12-29 22:08:43 ----A---- C:\Windows\system32\bootdelete.exe
2015-12-29 21:57:50 ----D---- C:\ProgramData\HitmanPro
2015-12-29 21:36:55 ----D---- C:\ProgramData\Malwarebytes
2015-12-29 21:30:36 ----D---- C:\AdwCleaner
2015-12-29 12:19:06 ----D---- C:\Program Files\Mozilla Firefox
2015-12-14 23:27:35 ----D---- C:\Users\Petr\AppData\Roaming\R-TT
2015-12-14 23:27:05 ----D---- C:\Program Files\R-Studio
2015-12-14 22:41:47 ----D---- C:\Program Files\Western Digital Corporation
2015-12-14 22:25:53 ----D---- C:\Users\Petr\AppData\Roaming\Binary data
2015-12-13 12:08:05 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2015-12-13 12:01:02 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-12-13 12:00:57 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 month======
2015-12-30 20:51:41 ----D---- C:\Windows\Prefetch
2015-12-30 20:49:25 ----D---- C:\Windows\system32\config
2015-12-30 20:44:14 ----D---- C:\Windows\Tasks
2015-12-30 19:57:28 ----D---- C:\Windows\system32\drivers
2015-12-30 19:56:38 ----RD---- C:\Program Files
2015-12-30 16:51:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-12-30 15:24:52 ----D---- C:\ProgramData\MFAData
2015-12-30 10:23:04 ----D---- C:\Windows\system32\Tasks
2015-12-30 10:00:59 ----D---- C:\Windows\System32
2015-12-30 00:23:24 ----D---- C:\Windows
2015-12-30 00:21:26 ----A---- C:\Windows\system.ini
2015-12-30 00:21:16 ----D---- C:\Windows\system32\drivers\etc
2015-12-30 00:17:24 ----D---- C:\Windows\AppPatch
2015-12-30 00:17:21 ----D---- C:\Program Files\Common Files
2015-12-29 23:23:51 ----D---- C:\Windows\inf
2015-12-29 22:15:19 ----D---- C:\ProgramData
2015-12-29 22:08:42 ----D---- C:\Program Files\Partition Magic 9 cz full windows 7
2015-12-29 22:08:36 ----SHD---- C:\System Volume Information
2015-12-29 20:26:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 12:18:19 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2015-12-28 13:17:53 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-12-23 14:51:00 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-12-23 10:31:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-18 12:28:40 ----SHD---- C:\Windows\Installer
2015-12-14 23:16:14 ----D---- C:\Windows\Logs
2015-12-13 12:08:24 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2015-08-20 231344]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-08-14 308656]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-11-06 193968]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-08-10 36784]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-11-06 149936]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-11-06 255920]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-10-08 231856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-07-16 19503104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-07-16 532480]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2015-07-15 78848]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [2014-04-09 27648]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-13 26168]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-13 40504]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-12-30 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 51928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2015-05-31 13528]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2015-05-31 26328]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-10 629760]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-03-11 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-07-16 214528]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 276992]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [2015-11-20 3857272]
R2 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2015-11-12 862632]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\Av\avgwdsvcx.exe [2015-11-20 579776]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [2014-04-09 688240]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1082200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-10 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AvgAMPS;AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [2015-11-20 615584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-10 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-24 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Již žádný problém?
Jde o to, že laik si Combofixem může nabořit systém, nebo nějakou aplikaci. Navíc smaže všechny stopy po šmejdech. Známe i jiné prostředky, než CF. Sice ho používáme, ale jen ve zcela specifických případech.
Jde o to, že laik si Combofixem může nabořit systém, nebo nějakou aplikaci. Navíc smaže všechny stopy po šmejdech. Známe i jiné prostředky, než CF. Sice ho používáme, ale jen ve zcela specifických případech.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
Děkuji moc za pomoc! Je to pryč.
Příště, rovnou vyhledám Vaši pomoc.
Udělal jsem s Vámi skvělou zkušenost.
Jste profík.
Díky a šťastný Nový rok!
PetrS
Příště, rovnou vyhledám Vaši pomoc.
Udělal jsem s Vámi skvělou zkušenost.
Jste profík.
Díky a šťastný Nový rok!
PetrS
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Firefox - občasné nechtěné přesměrování po kliknutí na o
To jsem rád. Nemáte zač a šťastný a veselý!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?