VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka

https://forum.viry.cz:443/viewtopic.php?t=133402

Stránka 1 z 2

Preventivka

Napsal: 14 říj 2013 19:50
od ziliph
Zdravím páni a dámy...môžte sa mi na to preventívne pozrieť..vďaka

Logfile of random's system information tool 1.09 (written by random/random)
Run by Žilka Filip at 2013-10-14 20:46:11
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 76 GB (51%) free of 150 GB
Total RAM: 3838 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:21, on 14. 10. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Žilka Filip.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update qualitink - qualitink - C:\Program Files (x86)\qualitink\updatequalitink.exe
O23 - Service: Util qualitink - qualitink - C:\Program Files (x86)\qualitink\bin\utilqualitink.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 9346 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\qualitink\updatequalitink.exe"
"C:\Program Files (x86)\qualitink\bin\utilqualitink.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="152.0.1989989880\2005003138" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.634.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="152.3.108261453\2140560789" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="152.5.538500352\1341202735" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="152.7.1663777330\1616731294" --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="152.9.236561117\1188826646" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="152.10.17217436\43082048" /prefetch:673131151
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="152.11.1489188603\300632273" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Žilka Filip\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-06 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-06 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-08-09 4030008]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-13 206208]
"Acer ePower Management"=C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2010-02-26 818720]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19876456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Žilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_B85787955A3A24DB2F1ED99A6B250C88]
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe [2013-07-03 846288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Žilka Filip\AppData\Roaming\ICQM\icq.exe -CU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoWebCamera]
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-01-14 1541472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-14 20:46:11 ----D---- C:\rsit
2013-10-14 20:46:11 ----D---- C:\Program Files\trend micro
2013-10-14 19:03:52 ----SHD---- C:\Config.Msi
2013-10-14 17:41:30 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Malwarebytes
2013-10-14 17:40:57 ----D---- C:\ProgramData\Malwarebytes
2013-10-14 17:40:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-14 17:40:49 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-12 07:55:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-12 07:55:34 ----A---- C:\Windows\system32\ieui.dll
2013-10-12 07:55:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-12 07:55:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-12 07:55:31 ----A---- C:\Windows\system32\iesetup.dll
2013-10-12 07:55:31 ----A---- C:\Windows\system32\iernonce.dll
2013-10-12 07:55:30 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-12 07:55:30 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-12 07:55:30 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 07:55:30 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-12 07:55:29 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-12 07:55:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-12 07:55:27 ----A---- C:\Windows\system32\iertutil.dll
2013-10-12 07:55:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-12 07:55:25 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-12 07:55:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-12 07:55:24 ----A---- C:\Windows\system32\jscript.dll
2013-10-12 07:55:22 ----A---- C:\Windows\system32\jscript9.dll
2013-10-12 07:55:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-12 07:55:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-12 07:55:17 ----A---- C:\Windows\system32\urlmon.dll
2013-10-12 07:55:15 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-12 07:55:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-12 07:55:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-12 07:55:12 ----A---- C:\Windows\system32\wininet.dll
2013-10-12 07:55:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-12 07:55:06 ----A---- C:\Windows\system32\ieframe.dll
2013-10-12 07:55:01 ----A---- C:\Windows\system32\mshtml.dll
2013-10-12 07:54:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-12 07:34:04 ----D---- C:\Program Files (x86)\qualitink
2013-10-12 07:33:36 ----D---- C:\Program Files (x86)\HDPlayer
2013-10-10 11:44:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 11:44:07 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 11:44:00 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 11:44:00 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 11:44:00 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 11:44:00 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 11:44:00 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 11:43:59 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 11:43:59 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 11:43:59 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 11:43:59 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 11:43:59 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 11:43:58 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 11:43:55 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-10 11:43:55 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 11:43:50 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 11:43:50 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 11:43:47 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 11:43:31 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:43:31 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:43:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 11:43:26 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-08 19:28:45 ----D---- C:\Program Files (x86)\Ivar
2013-10-08 18:31:51 ----D---- C:\Program Files\Common Files\DESIGNER
2013-10-08 18:26:59 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-10-08 18:26:01 ----D---- C:\Program Files\Microsoft Analysis Services
2013-10-08 18:26:01 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-10-08 18:25:51 ----D---- C:\Program Files (x86)\Microsoft Office
2013-10-08 18:24:33 ----RHD---- C:\MSOCache
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.zwvc10.dll
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc9.dll
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc8.dll
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc7.dll
2013-10-01 20:10:52 ----A---- C:\Windows\system32\AstraDataSelect140.x64.vc9.dll
2013-10-01 20:10:52 ----A---- C:\Windows\system32\AstraDataSelect140.x64.vc8.dll
2013-10-01 20:10:52 ----A---- C:\Windows\system32\AstraDataSelect140.x64.vc10.dll
2013-10-01 20:10:51 ----A---- C:\Windows\unins002.exe
2013-10-01 20:10:51 ----A---- C:\Windows\unins002.dat
2013-10-01 20:10:51 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc10.dll
2013-10-01 20:10:51 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.dll
2013-10-01 19:56:09 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2013-10-01 19:56:09 ----A---- C:\Windows\SYSWOW64\msvci70.dll
2013-10-01 19:56:09 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2013-10-01 19:55:00 ----D---- C:\Program Files (x86)\MSECache
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.zwvc10.dll
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.vc9.dll
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.vc8.dll
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.vc7.dll
2013-10-01 19:55:00 ----A---- C:\Windows\system32\AstraData120.x64.vc9.dll
2013-10-01 19:55:00 ----A---- C:\Windows\system32\AstraData120.x64.vc8.dll
2013-10-01 19:55:00 ----A---- C:\Windows\system32\AstraData120.x64.vc10.dll
2013-10-01 19:54:59 ----A---- C:\Windows\unins001.exe
2013-10-01 19:54:59 ----A---- C:\Windows\unins001.dat
2013-10-01 19:54:59 ----A---- C:\Windows\SYSWOW64\AstraData120.vc10.dll
2013-10-01 19:54:59 ----A---- C:\Windows\SYSWOW64\AstraData120.dll
2013-10-01 19:54:58 ----A---- C:\Windows\SYSWOW64\BCGCBResSKY.dll
2013-10-01 19:54:58 ----A---- C:\Windows\SYSWOW64\BCGCBResCSY.dll
2013-10-01 19:54:58 ----A---- C:\Windows\SYSWOW64\BCGCB474.dll
2013-10-01 19:54:58 ----A---- C:\Windows\system32\AstraSec125.x64.vc9.dll
2013-10-01 19:54:58 ----A---- C:\Windows\system32\AstraSec125.x64.vc8.dll
2013-10-01 19:54:58 ----A---- C:\Windows\system32\AstraSec125.x64.vc10.dll
2013-10-01 19:54:58 ----A---- C:\Windows\prevod.pif
2013-10-01 19:54:58 ----A---- C:\Windows\prevod.exe
2013-10-01 19:54:57 ----A---- C:\Windows\unins000.exe
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.zwvc10.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc9.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc8.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc7.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc10.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.dll
2013-10-01 19:54:56 ----A---- C:\Windows\unins000.dat
2013-09-25 15:57:47 ----D---- C:\Users\Žilka Filip\AppData\Roaming\PC Suite
2013-09-25 15:57:47 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Nokia
2013-09-25 15:57:46 ----D---- C:\ProgramData\PC Suite
2013-09-25 15:51:25 ----A---- C:\Windows\system32\nmwcdclsX64.dll
2013-09-25 15:50:06 ----D---- C:\ProgramData\Installations
2013-09-25 11:21:17 ----D---- C:\Program Files\Bricsys
2013-09-24 17:45:33 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Bricsys
2013-09-16 07:54:13 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 1 month======

2013-10-14 20:46:12 ----D---- C:\Windows\Temp
2013-10-14 20:46:11 ----RD---- C:\Program Files
2013-10-14 20:42:17 ----D---- C:\Windows\system32\config
2013-10-14 20:39:44 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Skype
2013-10-14 20:36:37 ----D---- C:\Windows\AutoKMS
2013-10-14 19:13:42 ----SHD---- C:\Windows\Installer
2013-10-14 19:13:21 ----D---- C:\ProgramData\Microsoft Help
2013-10-14 19:03:06 ----A---- C:\Windows\win.ini
2013-10-14 19:03:05 ----D---- C:\Program Files\Common Files\System
2013-10-14 18:56:03 ----SHD---- C:\System Volume Information
2013-10-14 18:51:57 ----RD---- C:\Program Files (x86)\Skype
2013-10-14 17:40:57 ----HD---- C:\ProgramData
2013-10-14 17:40:50 ----D---- C:\Windows\system32\drivers
2013-10-14 17:40:49 ----RD---- C:\Program Files (x86)
2013-10-14 17:34:19 ----D---- C:\Users\Žilka Filip\AppData\Roaming\vlc
2013-10-14 13:50:13 ----RSD---- C:\Windows\assembly
2013-10-14 13:50:13 ----D---- C:\Windows\Microsoft.NET
2013-10-14 08:02:25 ----D---- C:\Users\Žilka Filip\AppData\Roaming\DC++
2013-10-13 07:58:25 ----D---- C:\Windows\System32
2013-10-13 07:35:04 ----D---- C:\Windows\winsxs
2013-10-13 07:34:51 ----D---- C:\Windows\Panther
2013-10-13 07:32:40 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-13 07:32:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-13 07:29:23 ----D---- C:\Windows\SysWOW64
2013-10-13 07:29:19 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-13 07:29:15 ----D---- C:\Program Files\Internet Explorer
2013-10-13 07:28:46 ----D---- C:\Windows\system32\DriverStore
2013-10-12 07:56:28 ----D---- C:\Windows\system32\catroot
2013-10-12 07:56:26 ----D---- C:\Windows\system32\catroot2
2013-10-12 07:44:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-12 07:43:42 ----D---- C:\Windows\inf
2013-10-12 07:43:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-11 07:00:39 ----D---- C:\Windows\system32\MRT
2013-10-11 07:00:38 ----D---- C:\Windows\debug
2013-10-11 07:00:32 ----A---- C:\Windows\system32\MRT.exe
2013-10-08 18:32:10 ----RSD---- C:\Windows\Fonts
2013-10-08 18:31:54 ----D---- C:\Windows\ShellNew
2013-10-08 18:31:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-08 18:31:51 ----D---- C:\Program Files\Common Files
2013-10-08 18:30:40 ----D---- C:\Program Files (x86)\MSBuild
2013-10-08 18:30:11 ----D---- C:\Program Files\Microsoft Office
2013-10-08 18:30:10 ----SD---- C:\ProgramData\Microsoft
2013-10-07 09:34:21 ----D---- C:\Windows\system32\Tasks
2013-10-06 10:48:59 ----D---- C:\Users\Žilka Filip\AppData\Roaming\uTorrent
2013-10-01 20:10:51 ----D---- C:\Windows
2013-09-26 14:53:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-26 14:50:00 ----D---- C:\Program Files (x86)\Ski Region Simulator 2012
2013-09-26 14:45:44 ----DC---- C:\Windows\system32\DRVSTORE
2013-09-26 14:35:25 ----D---- C:\Program Files (x86)\Common Files
2013-09-26 14:08:51 ----D---- C:\Users\Žilka Filip\AppData\Roaming\CodeBlocks
2013-09-26 14:02:59 ----D---- C:\Users\Žilka Filip\AppData\Roaming\DAEMON Tools Lite
2013-09-25 15:59:05 ----D---- C:\Windows\system32\drivers\UMDF
2013-09-25 15:53:15 ----D---- C:\Program Files\DIFX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-31 283200]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 17024]
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys [2006-08-05 9728]
S3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2006-10-19 296448]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2006-10-19 1513472]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SysTool;SysTool Overclocking Utility; C:\Windows\system32\DRIVERS\SysTool64.sys [2005-12-30 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2006-10-19 731648]
S3 WinUsb;WinUSB Driver for STLink; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 RsFx0105;RsFx0105 Driver; C:\Windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-30 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-08-09 974944]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-02-26 841248]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-09-22 58345832]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984]
R2 Update qualitink;Update qualitink; C:\Program Files (x86)\qualitink\updatequalitink.exe [2013-10-05 65312]
R2 Util qualitink;Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [2013-10-13 65312]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [2006-08-05 410624]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-23 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14 256904]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336]

-----------------EOF-----------------

Re: Preventivka

Napsal: 14 říj 2013 19:56
od vyosek
Zdravim :)

:arrow: Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

:arrow: Predpokladam, ze ten ESET jak ma byt = zakoupena licence

:arrow: A co ty cracknute Office??

:arrow: Nase bezpecnostni forum se distancuje od softwareoveho piratstvi :evil:

Re: Preventivka

Napsal: 14 říj 2013 20:01
od ziliph
info.txt logfile of random's system information tool 1.09 2013-10-14 20:46:24

======Uninstall list======

-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.04)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AB0000000001}
AMD USB Filter Driver-->MsiExec.exe /X{82809116-D1EE-443C-AE31-F19E709DDF7A}
Apple Application Support-->MsiExec.exe /I{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}
Apple Mobile Device Support-->MsiExec.exe /I{2F72F540-1F60-4266-9506-952B21D6640D}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASTRA 92 - Astra 2.6.5.7.7-->"C:\Users\Public\Documents\Astra 92\Astra\unins001.exe"
ASTRA 92 - Astra DemoData 2.6-->"C:\Users\Public\Documents\Astra 92\Astra\Dokumenty - Archiv\unins000.exe"
ASTRA 92 - Data 2009.3-->"C:\Users\Public\Documents\Astra 92\Data\unins001.exe"
ASTRA 92 - ElProCAD IC 1.0-->"C:\Users\Public\Documents\Astra 92\Astra\Module\EPC\unins001.exe"
ASTRA 92 - ElProCAD LTx 1.3-->"C:\Users\Public\Documents\Astra 92\Astra\Module\EPC\unins002.exe"
ASTRA 92 - ElProCADx 2.8-->"C:\Users\Public\Documents\Astra 92\Astra\Module\EPC\unins000.exe"
ASTRA 92 - ProCAD IC 1.0.1-->"C:\Users\Public\Documents\Astra 92\Astra\All\unins001.exe"
ASTRA 92 - ProCADx 1.0.0.5-->"C:\Users\Public\Documents\Astra 92\Astra\All\unins000.exe"
ASTRA 92 - Verox 1.8.8.2.1-->"C:\Users\Public\Documents\Astra 92\Verox\unins000.exe"
ASTRA 92 - Wvtz 4.0.0.1.1-->"C:\Users\Public\Documents\Astra 92\Wvtz\unins000.exe"
ASTRA 92 - XProCAD IC 2.3-->"C:\Users\Public\Documents\Astra 92\Astra\unins006.exe"
ASTRA 92 - XProCADx 2.1-->"C:\Users\Public\Documents\Astra 92\Astra\Module\IPC\unins000.exe"
ASTRA MS Software - Astra 2.6.5.10-->"C:\Users\Public\Documents\Astra 92\Astra\unins000.exe"
ASTRA MS Software - CommonLibs 1.2.0.6-->"C:\Windows\unins000.exe"
ASTRA MS Software - Data 2012.4-->"C:\Users\Public\Documents\Astra 92\Data\unins000.exe"
ASTRA MS Software - DataObjects 1.2.3.0.3-4.0sp8-->"C:\Windows\unins001.exe"
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
BricsCAD V13.2.10 (x64) en_US-->MsiExec.exe /X{7AE3D988-AE80-43CE-85FE-6C6FBEC3441B}
Catalyst Control Center - Branding-->MsiExec.exe /I{8B999A44-8314-493B-877E-A1DA5B54D9B8}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Crystal Reports for Visual Studio-->MsiExec.exe /I{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DataEx verze 1.0-->"C:\Windows\unins002.exe"
DC++ 0.802-->"C:\Program Files (x86)\DC++\uninstall.exe"
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{B08FF316-E3AA-4C84-91A6-9C24D6153B21}" "1029" "0"
Dotfuscator Software Services - Community Edition-->MsiExec.exe /X{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}
EAGLE 6.3.0-->cmd.exe /c start "EAGLE Uninstaller" /min "C:\Program Files (x86)\EAGLE-6.3.0\bin\uninstall.bat" C:\Program Files (x86)\EAGLE-6.3.0\bin
Free YouTube to MP3 Converter version 3.12.9.725-->C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
Gateway Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x001b -removeonly
Google Zem-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {3EE9D984-E7A6-30B9-8FF5-A1FE2242440A} /qb+ REBOOTPROMPT=""
iTunes-->MsiExec.exe /I{0225AD21-F3E2-4916-BFF3-65D3F9052582}
Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
LogixPro-500 PLC Simulator-->"C:\Program Files (x86)\TheLearningPit\LogixPro\unins000.exe"
Malwarebytes Anti-Malware version 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
MATLAB R2009b-->C:\Program Files\MATLAB\R2009b\uninstall\uninstall.exe C:\Program Files\MATLAB\R2009b\
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft Access database engine 2010 (English)-->MsiExec.exe /I{90140000-00D1-0409-1000-0000000FF1CE}
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools-->MsiExec.exe /X{40416836-56CC-4C0E-A6AF-5C34BADCE483}
Microsoft ASP.NET MVC 2-->MsiExec.exe /X{1803A630-3C38-4D2B-9B9A-0CB37243539C}
Microsoft Help Viewer 1.0-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
Microsoft Help Viewer 1.0-->MsiExec.exe /X{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{70A3169E-288F-454F-A08D-20DF66639B50}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{0242505C-4E90-407F-9299-B5B275F50D86}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{715203B3-AD16-41A4-B13C-E1065EAB8963}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{15D45352-C443-406A-9DF2-EF4A750A40CF}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{4B8654FE-410D-462C-9B3C-09D031BF4534}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" "1029" "0"
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Silverlight 3 SDK-->MsiExec.exe /X{2012098D-EEE9-4769-8DD3-B038050854D4}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\SetupARP.exe"
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{5340A3B5-3853-4745-BED2-DD9FF5371331}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FA7394B8-CE65-4F9E-AC99-F372AD365424}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{FBD367D1-642F-47CF-B79B-9BE48FB34007}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{DF167CE3-60E7-44EA-99EC-2507C51F37AE}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}
Microsoft SQL Server 2008 R2 Data-Tier Application Framework-->MsiExec.exe /I{0DDCEC37-369C-484B-B16D-B4413FD42FB9}
Microsoft SQL Server 2008 R2 Data-Tier Application Project-->MsiExec.exe /I{E5AE9031-79A5-4627-9641-BEFA82819B08}
Microsoft SQL Server 2008 R2 Management Objects (x64)-->MsiExec.exe /I{DA67488A-2689-4F10-B90F-D2F6977509D6}
Microsoft SQL Server 2008 R2 Management Objects-->MsiExec.exe /I{4E968D9C-21A7-4915-B698-F7AEB913541D}
Microsoft SQL Server 2008 R2 Transact-SQL Language Service-->MsiExec.exe /I{78C3657E-742C-40B1-9F53-E5A921D40F17}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}
Microsoft SQL Server 2008 Setup Support Files -->MsiExec.exe /X{6292D514-17A4-403F-98F9-E150F10C043D}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server Compact 3.5 SP2 x64 ENU-->MsiExec.exe /I{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
Microsoft SQL Server Database Publishing Wizard 1.4-->MsiExec.exe /I{ACE28263-76A4-4BF5-B6F4-8BD719595969}
Microsoft SQL Server System CLR Types (x64)-->MsiExec.exe /I{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{2A2F3AE8-246A-4252-BB26-1BEB45627074}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{0826F9E4-787E-481D-83E0-BC6A57B056D5}
Microsoft Sync Framework Runtime v1.0 SP1 (x64)-->MsiExec.exe /I{8438EC02-B8A9-462D-AC72-1B521349C001}
Microsoft Sync Framework SDK v1.0 SP1-->MsiExec.exe /I{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}
Microsoft Sync Framework Services v1.0 SP1 (x64)-->MsiExec.exe /I{034106B5-54B7-467F-B477-5B7DBB492624}
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)-->MsiExec.exe /I{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}
Microsoft Team Foundation Server 2010 Object Model - ENU-->MsiExec.exe /I{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}
Microsoft Team Foundation Server 2010 Object Model - ENU-->MsiExec.exe /X{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974-->MsiExec.exe /X{B7E38540-E355-3503-AFD7-635B2F2F76E1}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319-->MsiExec.exe /X{F5079164-1DB9-3BDA-853B-F78AF67CE071}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319-->MsiExec.exe /X{94D70749-4281-39AC-AD90-B56A0E0A402E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319-->MsiExec.exe /X{6A86554B-8928-30E4-A53C-D7337689134D}
Microsoft Visual F# 2.0 Runtime-->MsiExec.exe /X{729A3000-BC8A-3B74-BA5D-5068FE12D70C}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-->MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Microsoft Visual Studio 2010 Office Developer Tools (x64)-->MsiExec.exe /X{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}
Microsoft Visual Studio 2010 Professional - ENU-->C:\Program Files (x86)\Microsoft Visual Studio 10.0\Microsoft Visual Studio 2010 Professional - ENU\setup.exe
Microsoft Visual Studio 2010 SharePoint Developer Tools-->MsiExec.exe /X{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{B143BE44-8723-315E-9413-011C55873C0E}
Microsoft Visual Studio Macro Tools-->msiexec.exe /uninstall {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
Microsoft Visual Studio Macro Tools-->MsiExec.exe /X{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
Need for Speed Underground 2-->C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\EAUninstall.exe
NHL® 09-->MsiExec.exe /X{F2B5A2A7-2DF9-4361-8BD5-362714528B51}
PROFYLAX-->"C:\Program Files (x86)\Ivar\Profylax\unins000.exe"
qualitink 1.0.0-->C:\Program Files (x86)\qualitink\qualitinkuninstall.exe
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {880A0A36-244B-3C7A-8D6B-56E694CE7883} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Extended
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{8E99BFFF-3DFD-4FEF-AF09-FB6BFA486BBE}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{922AB926-89A0-45D2-8588-3FAA755E1516}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{28399A49-DAB3-4392-BDE6-40060D616A3D}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{0F6C4F72-6084-437B-9B35-F59B09E3C1B0}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{297E6E47-5F6E-4DD8-B880-75944B5C1C7C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{2B4B504B-6620-4FFD-94CB-3D640AB3FCD2}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{A2F2E3C4-887C-4A3B-B73A-576984420D12}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{9DAE52D2-834F-4743-ABF7-DEBAB9A932E5}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{43ADD46C-BD44-49BB-AB04-E1A42F2DD7AB}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{8A1AE697-FB15-4C7D-A002-E2F0B1BEE737}" "1029" "0"
Security Update for Microsoft Outlook 2010 (KB2794707) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{5B5259F8-78A7-4B84-AFDC-DA9F34A5EE10}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{35586368-06B9-44C6-A43E-8AE6039B9B7F}" "1029" "0"
Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{FA3E8ADD-F1A5-4960-B9F9-A76B73E9889A}" "1029" "0"
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2251489)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {F606AC5F-4A30-3D7F-BC43-1200864BD9E5} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)-->C:\Windows\SysWOW64\msiexec.exe /package {D6B15AE6-B052-363E-B6BB-C4714CBA6509} /uninstall {6C94CAE9-95B3-3A0D-B7E8-BCA0E6A5ACB0} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)-->C:\Windows\SysWOW64\msiexec.exe /package {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3} /uninstall {CA6C4E8E-CE86-4C78-B4BC-1E083E8E613A} /qb+ REBOOTPROMPT=""
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB2546951\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 6.6-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}" "1029" "0"
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{57CEB66B-DD29-4883-92A2-671331657B52}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1029" "0"
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}" "1029" "0"
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{AA6D5594-6D8A-4E53-A929-33E8FA9AA4C4}" "1029" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}" "1029" "0"
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{79C725A1-3964-421C-A528-78C1C083C7C7}" "1029" "0"
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{EBD18DE5-BC84-4B57-9A30-097044871F9A}" "1029" "0"
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{2B00A738-659A-4E52-9391-D334FA0E64CB}" "1029" "0"
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{2D507B6C-B472-447F-B61F-8EF54D9893A5}" "1029" "0"
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{A8EC00BF-EDF5-46F0-B466-C4312722D8F3}" "1029" "0"
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F216169C-2B40-429B-8370-B5BA06EC5423}" "1029" "0"
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{F216169C-2B40-429B-8370-B5BA06EC5423}" "1029" "0"
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{B6AD7E27-012A-4B63-82BA-AF62893E5435}" "1029" "0"
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{204B60A2-CCEA-4075-9F58-B7BC1BA5E742}" "1029" "0"
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{07DC9C6C-E916-4F42-8677-716930ED0393}" "1029" "0"
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-1000-0000000FF1CE}" "{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}" "1029" "0"
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}" "1029" "0"
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{14F6B53A-6703-40EA-9566-0A09E62866E5}" "1029" "0"
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{14F6B53A-6703-40EA-9566-0A09E62866E5}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{58C6A6DF-1367-4D06-A002-5498B4182EEB}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{1C381677-BE03-49CC-AFCA-242AA6094621}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{1C381677-BE03-49CC-AFCA-242AA6094621}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{C0BDCFB8-AD84-46A9-8F49-60A7A5EDFF93}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{37389B1A-BDF2-49D7-AF0D-B6B793863502}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{7861C766-2AA2-4A50-AB75-A57D451CEA76}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{6360575E-DA5C-459E-A615-0FD18FD37C97}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{762C2438-9257-42BC-BD3D-6D02EC138D18}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1029" "0"
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{DF33B92A-5381-4F03-AB54-2D67086B357E}" "1029" "0"
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{C2A7C90F-4A60-4D22-BE27-A608AF80DCE3}" "1029" "0"
Video Web Camera-->"C:\Program Files (x86)\InstallShield Installation Information\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}\setup.exe" -runfromtemp -l0x0009
Visual Studio 2010 Prerequisites - English-->MsiExec.exe /X{662014D2-0450-37ED-ABAE-157C88127BEB}
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
VLC media player 2.0.4-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Web Deployment Tool-->MsiExec.exe /I{0F37D969-1260-419E-B308-EF7D29ABDE20}
WinRAR 4.10 beta 3 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: ŽilkaFilip-PC
Event Code: 1014
Message: Name resolution for the name wpad.kn.vutbr.cz timed out after none of the configured DNS servers responded.
Record Number: 4988
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130109141039.522344-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: ŽilkaFilip-PC
Event Code: 43029
Message: Display is not active
Record Number: 4985
Source Name: atikmdag
Time Written: 20130109141038.521287-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 43029
Message: Display is not active
Record Number: 4959
Source Name: atikmdag
Time Written: 20130109123730.887308-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 43029
Message: Display is not active
Record Number: 4917
Source Name: atikmdag
Time Written: 20130109070139.971255-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 43029
Message: Display is not active
Record Number: 4906
Source Name: atikmdag
Time Written: 20130109070116.254329-000
Event Type: Error
User:

=====Application event log=====

Computer Name: ŽilkaFilip-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 8255
Source Name: Microsoft-Windows-WMI
Time Written: 20130124140514.000000-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 1014
Message: Acquisition of End User License failed. hr=0xC004C020
Sku Id=9abf5984-9c16-46f2-ad1e-7fe15931a8dd
Record Number: 8182
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20130123212215.000000-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 8200
Message: License acquisition failure details.
hr=0xC004C020
Record Number: 8181
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20130123212215.000000-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 1014
Message: Acquisition of End User License failed. hr=0xC004C020
Sku Id=9abf5984-9c16-46f2-ad1e-7fe15931a8dd
Record Number: 8176
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20130123212205.000000-000
Event Type: Error
User:

Computer Name: ŽilkaFilip-PC
Event Code: 8200
Message: License acquisition failure details.
hr=0xC004C020
Record Number: 8175
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20130123212205.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: 37L4247F27-25
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-25$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121221121326.249251-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-25$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121221121326.233651-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x32f40
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121221121325.874851-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121221121323.503647-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-25
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121221121323.285246-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\programy\OpenOcd\bin;C:\programy\GnuArm\bin;C:\programy\GnuTools\bin;C:\Program Files\MATLAB\R2009b\runtime\win64;C:\Program Files\MATLAB\R2009b\bin;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"VS100COMNTOOLS"=C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\Tools\
"asl.log"=Destination=file

-----------------EOF-----------------


trial, nuž, sorry

Re: Preventivka

Napsal: 14 říj 2013 20:13
od vyosek
Jo a ted tu o karkulce s trialem :evil:

Trial mozna, ale trial seriove cislo splasene buh vi kde co :?: ESET je tam vice jak 30 dni (= doba, po kterou je mozne pouzivat zkusebni verzi). Obcas je dobre cist licencni podminky a ne jen tupe klikat...

Takze, pokud chcete pomoci, odinstalujte nelegalni Microsoft Office a nelegalni ESET.

Nainstalujte free zabezpeceni a pripadne free office(Libre Office, Open Office...)

Pak dejte novy log z RSIT a ja si rozmyslim, jestli pomuzu...

Re: Preventivka

Napsal: 14 říj 2013 20:15
od ziliph
ok :) zatím aj tak vďaka

Re: Preventivka

Napsal: 14 říj 2013 20:18
od vyosek
Prozatim neni zac, pockam si na novy log...

Z free bezpecnostniho SW doporucuji Avast Free nebo BitDefender Free

Re: Preventivka

Napsal: 14 říj 2013 21:00
od ziliph
oukej vedúci... zbavil som sa toho čo by som používať nemal..čo sa týka nejakej náhrady officu to preštudujem zajtra čo sa javí ako najlepšia alternatíva

log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Žilka Filip at 2013-10-14 21:57:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 80 GB (54%) free of 150 GB
Total RAM: 3838 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:11, on 14. 10. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Žilka Filip.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update qualitink - qualitink - C:\Program Files (x86)\qualitink\updatequalitink.exe
O23 - Service: Util qualitink - qualitink - C:\Program Files (x86)\qualitink\bin\utilqualitink.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 8546 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" https://program.avast.com/api/?action=2 ... =0&p_wnf=0
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1416.0.1861089082\428558750" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.634.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1416.2.602712441\1546255957" /prefetch:673131151
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1416.4.2085874447\917594394" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1416.5.1519841494\1826728698" /prefetch:673131151
"C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1416.6.1295244343\151302632" --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files\AVAST Software\Avast\setup\avast01.setup" /downloadpkgs /noreboot /updatevps /verysilent /session "0" /limitcpu
"C:\Program Files (x86)\qualitink\bin\utilqualitink.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Žilka Filip\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-06 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-06 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-13 206208]
"Acer ePower Management"=C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2010-02-26 818720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19876456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Žilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_B85787955A3A24DB2F1ED99A6B250C88]
C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe [2013-07-03 846288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Žilka Filip\AppData\Roaming\ICQM\icq.exe -CU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoWebCamera]
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-01-14 1541472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-14 21:48:53 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-10-14 21:48:53 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-10-14 21:48:51 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-10-14 21:48:50 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-10-14 21:48:49 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-10-14 21:48:48 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-10-14 21:48:46 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-10-14 21:48:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-10-14 21:48:37 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-14 21:47:54 ----A---- C:\Windows\avastSS.scr
2013-10-14 21:47:30 ----D---- C:\Program Files\AVAST Software
2013-10-14 21:46:51 ----D---- C:\ProgramData\AVAST Software
2013-10-14 20:46:11 ----D---- C:\rsit
2013-10-14 20:46:11 ----D---- C:\Program Files\trend micro
2013-10-14 19:03:52 ----SHD---- C:\Config.Msi
2013-10-14 17:41:30 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Malwarebytes
2013-10-14 17:40:57 ----D---- C:\ProgramData\Malwarebytes
2013-10-14 17:40:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-14 17:40:49 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-12 07:55:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-12 07:55:34 ----A---- C:\Windows\system32\ieui.dll
2013-10-12 07:55:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-12 07:55:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-12 07:55:31 ----A---- C:\Windows\system32\iesetup.dll
2013-10-12 07:55:31 ----A---- C:\Windows\system32\iernonce.dll
2013-10-12 07:55:30 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-12 07:55:30 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-12 07:55:30 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 07:55:30 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-12 07:55:29 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-12 07:55:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-12 07:55:27 ----A---- C:\Windows\system32\iertutil.dll
2013-10-12 07:55:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-12 07:55:25 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-12 07:55:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-12 07:55:24 ----A---- C:\Windows\system32\jscript.dll
2013-10-12 07:55:22 ----A---- C:\Windows\system32\jscript9.dll
2013-10-12 07:55:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-12 07:55:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-12 07:55:17 ----A---- C:\Windows\system32\urlmon.dll
2013-10-12 07:55:15 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-12 07:55:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-12 07:55:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-12 07:55:12 ----A---- C:\Windows\system32\wininet.dll
2013-10-12 07:55:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-12 07:55:06 ----A---- C:\Windows\system32\ieframe.dll
2013-10-12 07:55:01 ----A---- C:\Windows\system32\mshtml.dll
2013-10-12 07:54:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-12 07:34:04 ----D---- C:\Program Files (x86)\qualitink
2013-10-12 07:33:36 ----D---- C:\Program Files (x86)\HDPlayer
2013-10-10 11:44:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 11:44:07 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 11:44:00 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 11:44:00 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 11:44:00 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 11:44:00 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 11:44:00 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 11:43:59 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 11:43:59 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 11:43:59 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 11:43:59 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 11:43:59 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 11:43:58 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 11:43:55 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-10 11:43:55 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 11:43:50 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 11:43:50 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 11:43:47 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 11:43:31 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:43:31 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:43:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 11:43:26 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-10 11:43:25 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-08 19:28:45 ----D---- C:\Program Files (x86)\Ivar
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.zwvc10.dll
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc9.dll
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc8.dll
2013-10-01 20:10:52 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc7.dll
2013-10-01 20:10:52 ----A---- C:\Windows\system32\AstraDataSelect140.x64.vc9.dll
2013-10-01 20:10:52 ----A---- C:\Windows\system32\AstraDataSelect140.x64.vc8.dll
2013-10-01 20:10:52 ----A---- C:\Windows\system32\AstraDataSelect140.x64.vc10.dll
2013-10-01 20:10:51 ----A---- C:\Windows\unins002.exe
2013-10-01 20:10:51 ----A---- C:\Windows\unins002.dat
2013-10-01 20:10:51 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.vc10.dll
2013-10-01 20:10:51 ----A---- C:\Windows\SYSWOW64\AstraDataSelect140.dll
2013-10-01 19:56:09 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2013-10-01 19:56:09 ----A---- C:\Windows\SYSWOW64\msvci70.dll
2013-10-01 19:56:09 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2013-10-01 19:55:00 ----D---- C:\Program Files (x86)\MSECache
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.zwvc10.dll
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.vc9.dll
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.vc8.dll
2013-10-01 19:55:00 ----A---- C:\Windows\SYSWOW64\AstraData120.vc7.dll
2013-10-01 19:55:00 ----A---- C:\Windows\system32\AstraData120.x64.vc9.dll
2013-10-01 19:55:00 ----A---- C:\Windows\system32\AstraData120.x64.vc8.dll
2013-10-01 19:55:00 ----A---- C:\Windows\system32\AstraData120.x64.vc10.dll
2013-10-01 19:54:59 ----A---- C:\Windows\unins001.exe
2013-10-01 19:54:59 ----A---- C:\Windows\unins001.dat
2013-10-01 19:54:59 ----A---- C:\Windows\SYSWOW64\AstraData120.vc10.dll
2013-10-01 19:54:59 ----A---- C:\Windows\SYSWOW64\AstraData120.dll
2013-10-01 19:54:58 ----A---- C:\Windows\SYSWOW64\BCGCBResSKY.dll
2013-10-01 19:54:58 ----A---- C:\Windows\SYSWOW64\BCGCBResCSY.dll
2013-10-01 19:54:58 ----A---- C:\Windows\SYSWOW64\BCGCB474.dll
2013-10-01 19:54:58 ----A---- C:\Windows\system32\AstraSec125.x64.vc9.dll
2013-10-01 19:54:58 ----A---- C:\Windows\system32\AstraSec125.x64.vc8.dll
2013-10-01 19:54:58 ----A---- C:\Windows\system32\AstraSec125.x64.vc10.dll
2013-10-01 19:54:58 ----A---- C:\Windows\prevod.pif
2013-10-01 19:54:58 ----A---- C:\Windows\prevod.exe
2013-10-01 19:54:57 ----A---- C:\Windows\unins000.exe
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.zwvc10.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc9.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc8.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc7.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.vc10.dll
2013-10-01 19:54:57 ----A---- C:\Windows\SYSWOW64\AstraSec125.dll
2013-10-01 19:54:56 ----A---- C:\Windows\unins000.dat
2013-09-25 15:57:47 ----D---- C:\Users\Žilka Filip\AppData\Roaming\PC Suite
2013-09-25 15:57:47 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Nokia
2013-09-25 15:57:46 ----D---- C:\ProgramData\PC Suite
2013-09-25 15:51:25 ----A---- C:\Windows\system32\nmwcdclsX64.dll
2013-09-25 15:50:06 ----D---- C:\ProgramData\Installations
2013-09-25 11:21:17 ----D---- C:\Program Files\Bricsys
2013-09-24 17:45:33 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Bricsys
2013-09-16 07:54:13 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 1 month======

2013-10-14 21:57:01 ----D---- C:\Users\Žilka Filip\AppData\Roaming\Skype
2013-10-14 21:56:08 ----D---- C:\Windows\Temp
2013-10-14 21:48:53 ----D---- C:\Windows\system32\drivers
2013-10-14 21:48:40 ----D---- C:\Windows\system32\Tasks
2013-10-14 21:48:37 ----D---- C:\Windows\SysWOW64
2013-10-14 21:48:37 ----D---- C:\Windows\System32
2013-10-14 21:48:28 ----SHD---- C:\Windows\Installer
2013-10-14 21:47:54 ----D---- C:\Windows
2013-10-14 21:47:30 ----RD---- C:\Program Files
2013-10-14 21:47:19 ----SHD---- C:\System Volume Information
2013-10-14 21:46:54 ----D---- C:\Windows\system32\config
2013-10-14 21:46:51 ----HD---- C:\ProgramData
2013-10-14 21:46:43 ----D---- C:\Windows\winsxs
2013-10-14 21:37:45 ----D---- C:\Windows\Microsoft.NET
2013-10-14 21:37:32 ----D---- C:\ProgramData\Microsoft Help
2013-10-14 21:37:28 ----RSD---- C:\Windows\assembly
2013-10-14 21:34:08 ----SD---- C:\ProgramData\Microsoft
2013-10-14 21:34:08 ----RD---- C:\Program Files (x86)
2013-10-14 21:34:08 ----D---- C:\Program Files\Microsoft Office
2013-10-14 21:34:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-14 21:32:51 ----RSD---- C:\Windows\Fonts
2013-10-14 21:32:20 ----D---- C:\Windows\ShellNew
2013-10-14 21:32:04 ----D---- C:\Program Files (x86)\MSBuild
2013-10-14 21:31:42 ----D---- C:\Program Files\Common Files
2013-10-14 21:25:35 ----D---- C:\Program Files\Common Files\System
2013-10-14 21:25:31 ----A---- C:\Windows\win.ini
2013-10-14 20:36:37 ----D---- C:\Windows\AutoKMS
2013-10-14 18:51:57 ----RD---- C:\Program Files (x86)\Skype
2013-10-14 17:34:19 ----D---- C:\Users\Žilka Filip\AppData\Roaming\vlc
2013-10-14 08:02:25 ----D---- C:\Users\Žilka Filip\AppData\Roaming\DC++
2013-10-13 07:34:51 ----D---- C:\Windows\Panther
2013-10-13 07:32:40 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-13 07:32:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-13 07:29:19 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-13 07:29:15 ----D---- C:\Program Files\Internet Explorer
2013-10-13 07:28:46 ----D---- C:\Windows\system32\DriverStore
2013-10-12 07:56:28 ----D---- C:\Windows\system32\catroot
2013-10-12 07:56:26 ----D---- C:\Windows\system32\catroot2
2013-10-12 07:44:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-12 07:43:42 ----D---- C:\Windows\inf
2013-10-12 07:43:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-11 07:15:22 ----D---- C:\Windows\system32\MRT
2013-10-11 07:00:38 ----D---- C:\Windows\debug
2013-10-11 07:00:32 ----A---- C:\Windows\system32\MRT.exe
2013-10-06 10:48:59 ----D---- C:\Users\Žilka Filip\AppData\Roaming\uTorrent
2013-09-26 14:53:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-26 14:50:00 ----D---- C:\Program Files (x86)\Ski Region Simulator 2012
2013-09-26 14:45:44 ----DC---- C:\Windows\system32\DRVSTORE
2013-09-26 14:35:25 ----D---- C:\Program Files (x86)\Common Files
2013-09-26 14:08:51 ----D---- C:\Users\Žilka Filip\AppData\Roaming\CodeBlocks
2013-09-26 14:02:59 ----D---- C:\Users\Žilka Filip\AppData\Roaming\DAEMON Tools Lite
2013-09-25 15:59:05 ----D---- C:\Windows\system32\drivers\UMDF
2013-09-25 15:53:15 ----D---- C:\Program Files\DIFX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-31 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 17024]
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys [2006-08-05 9728]
S3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2006-10-19 296448]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2006-10-19 1513472]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SysTool;SysTool Overclocking Utility; C:\Windows\system32\DRIVERS\SysTool64.sys [2005-12-30 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2006-10-19 731648]
S3 WinUsb;WinUSB Driver for STLink; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 RsFx0105;RsFx0105 Driver; C:\Windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-30 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-02-26 841248]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-09-22 58345832]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984]
R2 Util qualitink;Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [2013-10-13 65312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 Update qualitink;Update qualitink; C:\Program Files (x86)\qualitink\updatequalitink.exe [2013-10-05 65312]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [2006-08-05 410624]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-23 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14 256904]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336]

-----------------EOF-----------------

Re: Preventivka

Napsal: 15 říj 2013 06:42
od vyosek
:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: Preventivka

Napsal: 15 říj 2013 07:10
od ziliph
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Windows 7 Professional x64
Ran by ¦ilka Filip on ut 15. 10. 2013 at 7:43:39,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] update qualitink
Successfully deleted: [Service] update qualitink



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_partition-wizard_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_partition-wizard_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_partition-wizard_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_partition-wizard_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\¦ilka Filip\AppData\Roaming\dvdvideosoftiehelpers"
Failed to delete: [Folder] "C:\Program Files (x86)\qualitink"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 15. 10. 2013 at 8:01:32,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Preventivka

Napsal: 15 říj 2013 07:11
od ziliph
# AdwCleaner v3.007 - Report created 15/10/2013 at 08:06:24
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Žilka Filip - ZILKAFILIP-PC
# Running from : C:\Users\Žilka Filip\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Google Chrome v

[ File : C:\Users\Žilka Filip\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1699 octets] - [15/10/2013 08:02:49]
AdwCleaner[R1].txt - [2260 octets] - [15/10/2013 08:05:22]
AdwCleaner[S0].txt - [2181 octets] - [15/10/2013 08:06:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2241 octets] ##########

Re: Preventivka

Napsal: 15 říj 2013 07:12
od vyosek
Poprosim o FRSTL http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Preventivka

Napsal: 15 říj 2013 07:20
od ziliph
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Žilka Filip (administrator) on ZILKAFILIP-PC on 15-10-2013 08:17:53
Running from C:\Users\Žilka Filip\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\PLFSetI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Žilka Filip\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876456 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA048AA72B242CE01
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 147.229.190.143 147.229.191.143

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\\u017Dilka Filip\AppData\Local\Google\Chrome\User Data\PepperFlash\11.8.800.97\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\\u017Dilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\\u017Dilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\\u017Dilka Filip\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Skype Click to Call) - C:\Users\ILKAFI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S2 Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [65312 2013-10-13] (qualitink)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-31] (DT Soft Ltd)
S1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SysTool; C:\Windows\System32\DRIVERS\SysTool64.sys [30720 2005-12-30] ()
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-15 08:17 - 2013-10-15 08:17 - 00000000 ____D C:\FRST
2013-10-15 08:16 - 2013-10-15 08:16 - 00112128 _____ (forum.viry.cz) C:\Users\Žilka Filip\Desktop\FRSTLauncher.exe
2013-10-15 08:15 - 2013-10-15 08:16 - 01954124 _____ (Farbar) C:\Users\Žilka Filip\Desktop\FRST64.exe
2013-10-15 08:02 - 2013-10-15 08:06 - 00000000 ____D C:\AdwCleaner
2013-10-15 08:01 - 2013-10-15 08:01 - 00001636 _____ C:\Users\Žilka Filip\Desktop\JRT.txt
2013-10-15 07:59 - 2013-10-15 08:05 - 01048960 _____ C:\Users\Žilka Filip\Desktop\adwcleaner.exe
2013-10-15 07:43 - 2013-10-15 07:43 - 00000000 ____D C:\Windows\ERUNT
2013-10-15 07:42 - 2013-10-15 07:43 - 01032220 _____ (Thisisu) C:\Users\Žilka Filip\Desktop\JRT.exe
2013-10-14 22:28 - 2013-10-14 22:33 - 00006945 _____ C:\Users\Žilka Filip\Downloads\678587921
2013-10-14 22:28 - 2013-10-14 22:33 - 00006896 _____ C:\Users\Žilka Filip\Downloads\679681528
2013-10-14 21:48 - 2013-10-14 21:48 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-14 21:48 - 2013-10-14 21:48 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-14 21:48 - 2013-10-14 21:48 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-14 21:48 - 2013-08-30 09:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-14 21:48 - 2013-08-30 09:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-14 21:48 - 2013-08-30 09:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-14 21:47 - 2013-10-14 21:47 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-14 21:47 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-14 21:46 - 2013-10-14 21:47 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-14 21:21 - 2013-10-14 21:22 - 131918888 _____ C:\Users\Žilka Filip\Downloads\avast_free_antivirus_setup.exe
2013-10-14 20:46 - 2013-10-14 21:58 - 00000000 ____D C:\Program Files\trend micro
2013-10-14 20:46 - 2013-10-14 20:46 - 00000000 ____D C:\rsit
2013-10-14 20:45 - 2013-10-14 20:46 - 00935175 _____ C:\Users\Žilka Filip\Downloads\RSITx64 (1).exe
2013-10-14 20:36 - 2013-10-14 20:36 - 00935175 _____ C:\Users\Žilka Filip\Downloads\RSITx64.exe
2013-10-14 17:41 - 2013-10-14 17:41 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-14 17:41 - 2013-10-14 17:41 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Malwarebytes
2013-10-14 17:40 - 2013-10-14 17:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-14 17:40 - 2013-10-14 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-14 17:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-14 17:37 - 2013-10-14 17:38 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Žilka Filip\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-14 09:25 - 2013-10-14 09:25 - 02289525 _____ C:\Users\Žilka Filip\Downloads\DokumentaceProProgramatora.rar
2013-10-14 09:12 - 2013-10-14 09:12 - 00002307 _____ C:\Users\Žilka Filip\Downloads\vskp.tex
2013-10-14 08:02 - 2013-10-14 08:02 - 178139202 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E04.HDTV.XviD-AFG.avi
2013-10-13 11:21 - 2013-10-13 11:21 - 00009621 _____ C:\Users\Žilka Filip\Desktop\pan kaplan.xlsx
2013-10-12 21:58 - 2013-10-12 21:58 - 00200499 _____ C:\Users\Žilka Filip\Downloads\Jak psat bakalarku.zip
2013-10-12 07:55 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 07:55 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 07:55 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 07:55 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 07:55 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 07:55 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 07:55 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 07:55 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 07:55 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 07:55 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 07:55 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 07:55 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-12 07:54 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 07:34 - 2013-10-15 07:48 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-12 07:33 - 2013-10-14 17:41 - 00000000 ____D C:\Program Files (x86)\HDPlayer
2013-10-10 11:44 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 11:44 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 11:44 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 11:44 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 11:44 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 11:44 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 11:44 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 11:43 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 11:43 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 11:43 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 11:43 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 11:43 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 11:43 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-10 11:43 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 11:43 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 11:43 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 11:43 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:43 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:43 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 11:43 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 11:43 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 11:43 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 11:43 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 11:43 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 11:43 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 11:43 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 11:43 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 11:43 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 11:20 - 2013-10-09 12:56 - 00032580 _____ C:\Users\Žilka Filip\Desktop\Protokol EC motory.xlsx
2013-10-08 21:35 - 2013-10-08 21:35 - 00023040 _____ C:\Users\Žilka Filip\Downloads\Hodnoty_EC_motor .xls
2013-10-08 21:35 - 2013-10-08 21:35 - 00011303 _____ C:\Users\Žilka Filip\Downloads\Hodnoty_EC_motor .xlsx
2013-10-08 21:16 - 2013-10-08 21:16 - 04225064 _____ (TeamViewer) C:\Users\Žilka Filip\Downloads\TeamViewer_Palstat_cs_QuickSupport_v8.exe
2013-10-08 20:04 - 2013-10-08 20:04 - 03805936 _____ C:\Users\Žilka Filip\Downloads\BEPB_lab_2.zip
2013-10-08 19:28 - 2013-10-08 19:28 - 00001982 _____ C:\Users\Žilka Filip\Desktop\Profylax.lnk
2013-10-08 19:28 - 2013-10-08 19:28 - 00000000 ____D C:\Program Files (x86)\Ivar
2013-10-08 19:27 - 2013-10-08 19:28 - 26493261 _____ C:\Users\Žilka Filip\Downloads\ProfInst.zip
2013-10-07 09:35 - 2013-10-07 09:35 - 00019456 _____ C:\Users\Žilka Filip\Documents\Nový.XLS
2013-10-07 09:34 - 2013-10-07 09:34 - 00003190 _____ C:\Windows\System32\Tasks\{FC86B1B1-E23A-4AFF-86A6-046876AB74C8}
2013-10-07 09:34 - 2012-09-20 15:29 - 04656218 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elm.exe
2013-10-07 09:34 - 2012-09-20 15:28 - 01225624 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elv.exe
2013-10-07 09:34 - 2012-09-20 15:28 - 00831864 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elo.exe
2013-10-07 09:34 - 2012-09-20 15:28 - 00417507 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Ely.exe
2013-10-07 09:34 - 2012-09-20 15:27 - 06133418 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Ela.exe
2013-10-07 09:34 - 2012-09-20 15:27 - 01440007 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elik.exe
2013-10-07 09:34 - 2012-09-20 15:27 - 01420659 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elj.exe
2013-10-07 09:34 - 2012-09-20 15:27 - 00851296 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Ele.exe
2013-10-07 09:34 - 2012-09-20 15:26 - 01284522 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elb.exe
2013-10-07 09:34 - 2012-09-07 15:11 - 00002467 _____ C:\Users\Žilka Filip\Downloads\ElProCADx2.10_demo.ini
2013-10-07 09:34 - 2012-09-07 15:09 - 00411253 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elz.exe
2013-10-07 09:34 - 2012-09-07 15:08 - 00404387 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elt.exe
2013-10-07 09:34 - 2012-09-07 15:08 - 00393910 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Els.exe
2013-10-07 09:33 - 2012-09-25 12:27 - 01276357 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10_demo.exe
2013-10-07 09:33 - 2012-09-20 15:34 - 12299702 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\ElProCADx2.10-Elr.exe
2013-10-07 08:12 - 2013-10-07 08:14 - 00000000 ____D C:\Users\Žilka Filip\Downloads\Microsoft Office Professional Plus 2010 CZ 64 bit
2013-10-07 08:07 - 2013-10-07 08:11 - 00000000 ____D C:\Users\Žilka Filip\Downloads\office 2010 professional original dvd
2013-10-07 08:06 - 2013-10-07 08:11 - 00000000 ____D C:\Users\Žilka Filip\Downloads\4. semestr
2013-10-06 10:09 - 2013-10-06 10:17 - 178791012 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E03.HDTV.x264-LOL.mp4
2013-10-06 10:09 - 2013-10-06 10:09 - 00007308 _____ C:\Users\Žilka Filip\Downloads\[TorrentDownloads.me]_The Big Bang Theory S07E03 HDTV x264-LOL mp4.torrent
2013-10-05 19:22 - 2013-10-05 19:22 - 00000033 ___RH C:\Windows\AstraVerox1_8_d.sec
2013-10-01 20:11 - 2013-10-01 20:11 - 00000033 ___RH C:\Windows\AstraAstra2_6_d.sec
2013-10-01 20:10 - 2013-10-01 20:10 - 00722008 _____ C:\Windows\unins002.exe
2013-10-01 20:10 - 2013-10-01 20:10 - 00002128 _____ C:\Windows\unins002.dat
2013-10-01 20:10 - 2012-09-21 13:58 - 00566784 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.zwvc10.dll
2013-10-01 20:10 - 2012-09-21 13:58 - 00039936 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.zwvc10.dll.sk
2013-10-01 20:10 - 2012-09-21 09:38 - 00572416 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.vc10.dll
2013-10-01 20:10 - 2012-09-20 10:28 - 00813056 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraDataSelect140.x64.vc8.dll
2013-10-01 20:10 - 2012-09-19 15:58 - 00774144 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraDataSelect140.x64.vc9.dll
2013-10-01 20:10 - 2012-09-19 14:55 - 00753152 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraDataSelect140.x64.vc10.dll
2013-10-01 20:10 - 2012-08-29 15:54 - 00598016 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.dll
2013-10-01 20:10 - 2012-08-29 15:54 - 00593920 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.vc7.dll
2013-10-01 20:10 - 2012-08-29 15:54 - 00585728 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.vc8.dll
2013-10-01 20:10 - 2012-08-29 15:54 - 00572416 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraDataSelect140.vc9.dll
2013-10-01 20:10 - 2012-08-29 15:54 - 00493489 _____ C:\Windows\SysWOW64\AstraDataSelect.chm
2013-10-01 20:05 - 2013-10-01 20:05 - 00001368 _____ C:\Users\Žilka Filip\Desktop\Wvtz.lnk
2013-10-01 20:05 - 2013-10-01 20:05 - 00001356 _____ C:\Users\Žilka Filip\Desktop\Verox.lnk
2013-10-01 19:59 - 2013-03-11 10:08 - 00000004 ___RH C:\Windows\AstraElProCAD_IC1_d.sec
2013-10-01 19:56 - 2012-08-29 16:03 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2013-10-01 19:56 - 2012-08-29 16:03 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2013-10-01 19:56 - 2012-08-29 16:03 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2013-10-01 19:55 - 2013-10-01 19:55 - 00000608 _____ C:\Windows\KB829558.log
2013-10-01 19:55 - 2013-10-01 19:55 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-10-01 19:55 - 2012-09-21 10:13 - 00039424 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraData120.zwvc10.dll
2013-10-01 19:55 - 2012-09-20 10:27 - 00303616 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraData120.x64.vc8.dll
2013-10-01 19:55 - 2012-09-19 15:57 - 00331776 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraData120.x64.vc9.dll
2013-10-01 19:55 - 2012-09-19 14:54 - 00286208 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraData120.x64.vc10.dll
2013-10-01 19:55 - 2012-08-29 15:43 - 00086016 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraData120.vc7.dll
2013-10-01 19:55 - 2012-08-29 15:43 - 00053248 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraData120.vc8.dll
2013-10-01 19:55 - 2012-08-29 15:43 - 00047616 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraData120.vc9.dll
2013-10-01 19:54 - 2013-10-01 20:10 - 00000000 ____D C:\Users\Public\Documents\Astra 92
2013-10-01 19:54 - 2013-10-01 19:55 - 00002035 _____ C:\Windows\unins001.dat
2013-10-01 19:54 - 2013-10-01 19:54 - 00722081 _____ C:\Windows\unins001.exe
2013-10-01 19:54 - 2013-10-01 19:54 - 00722081 _____ C:\Windows\unins000.exe
2013-10-01 19:54 - 2013-10-01 19:54 - 00003565 _____ C:\Windows\unins000.dat
2013-10-01 19:54 - 2013-10-01 19:54 - 00001350 _____ C:\Users\Žilka Filip\Desktop\Astra.lnk
2013-10-01 19:54 - 2012-09-24 12:42 - 00043520 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.zwvc10.dll
2013-10-01 19:54 - 2012-09-24 12:42 - 00018944 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.zwvc10.dll.en
2013-10-01 19:54 - 2012-09-24 12:42 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.zwvc10.dll.sk
2013-10-01 19:54 - 2012-09-21 09:16 - 00043008 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc10.dll
2013-10-01 19:54 - 2012-09-21 09:16 - 00018944 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc10.dll.en
2013-10-01 19:54 - 2012-09-21 09:16 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc10.dll.sk
2013-10-01 19:54 - 2012-09-21 09:15 - 00039936 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraData120.vc10.dll
2013-10-01 19:54 - 2012-09-19 15:32 - 00056832 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc8.dll
2013-10-01 19:54 - 2012-09-19 15:32 - 00017920 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc8.dll.en
2013-10-01 19:54 - 2012-09-19 15:32 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc8.dll.sk
2013-10-01 19:54 - 2012-08-29 15:43 - 00688128 _____ () C:\Windows\SysWOW64\BCGCB474.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00057344 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc7.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00053248 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc8.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00049664 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc9.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00045056 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00045056 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraData120.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00040960 _____ C:\Windows\SysWOW64\BCGCBResCSY.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00036864 _____ C:\Windows\SysWOW64\BCGCBResSKY.dll
2013-10-01 19:54 - 2012-08-29 15:43 - 00024576 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.dll.sk
2013-10-01 19:54 - 2012-08-29 15:43 - 00020480 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.dll.en
2013-10-01 19:54 - 2012-08-29 15:43 - 00017920 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc8.dll.en
2013-10-01 19:54 - 2012-08-29 15:43 - 00017920 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc7.dll.en
2013-10-01 19:54 - 2012-08-29 15:43 - 00017408 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc9.dll.en
2013-10-01 19:54 - 2012-08-29 15:43 - 00015776 _____ C:\Windows\prevod.exe
2013-10-01 19:54 - 2012-08-29 15:43 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc9.dll.sk
2013-10-01 19:54 - 2012-08-29 15:43 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc8.dll.sk
2013-10-01 19:54 - 2012-08-29 15:43 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\SysWOW64\AstraSec125.vc7.dll.sk
2013-10-01 19:54 - 2012-08-29 15:43 - 00000967 _____ C:\Windows\prevod.pif
2013-10-01 19:54 - 2012-08-29 15:35 - 00065024 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc9.dll
2013-10-01 19:54 - 2012-08-29 15:35 - 00051200 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc10.dll
2013-10-01 19:54 - 2012-08-29 15:35 - 00018944 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc10.dll.en
2013-10-01 19:54 - 2012-08-29 15:35 - 00017408 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc9.dll.en
2013-10-01 19:54 - 2012-08-29 15:35 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc9.dll.sk
2013-10-01 19:54 - 2012-08-29 15:35 - 00004096 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.x64.vc10.dll.sk
2013-10-01 19:50 - 2013-10-01 19:50 - 29435728 _____ (Microsoft Corporation) C:\Users\Žilka Filip\Downloads\AccessDatabaseEngine_x64.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 02966624 _____ (Microsoft Corporation) C:\Users\Žilka Filip\Downloads\Jet40SP8_XP.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 02556575 _____ ( ) C:\Users\Žilka Filip\Downloads\DataEx.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 01473505 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\CommonLibs.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 01068136 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\DataObjects.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 00326038 _____ C:\Users\Žilka Filip\Downloads\AstraMergeStructure.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 00000000 ____D C:\Users\Žilka Filip\Downloads\Instalace
2013-10-01 19:49 - 2013-10-01 19:50 - 14282082 _____ C:\Users\Žilka Filip\Downloads\Data_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 29294675 _____ C:\Users\Žilka Filip\Downloads\ElProCAD_IC_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 05655522 _____ C:\Users\Žilka Filip\Downloads\ElProCAD_LTx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 05482182 _____ C:\Users\Žilka Filip\Downloads\VzProCADx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 03416567 _____ C:\Users\Žilka Filip\Downloads\XProCADx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 02450574 _____ C:\Users\Žilka Filip\Downloads\XProCAD_IC_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 02381080 _____ C:\Users\Žilka Filip\Downloads\Wvtz_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 01601571 _____ C:\Users\Žilka Filip\Downloads\Verox_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 01225959 _____ C:\Users\Žilka Filip\Downloads\ProCADx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 00641433 _____ C:\Users\Žilka Filip\Downloads\ProCAD_IC_demo.exe
2013-10-01 19:48 - 2013-10-01 19:49 - 32865604 _____ C:\Users\Žilka Filip\Downloads\ElProCADx_demo.exe
2013-10-01 19:48 - 2013-10-01 19:48 - 06402163 _____ C:\Users\Žilka Filip\Downloads\Astra_demo.exe
2013-10-01 19:48 - 2013-10-01 19:48 - 00458206 _____ C:\Users\Žilka Filip\Downloads\WebDemo.exe
2013-10-01 19:48 - 2013-07-29 15:04 - 00005295 _____ C:\Users\Žilka Filip\Downloads\AstraSW_WebDemo.ini
2013-10-01 19:48 - 2012-09-25 13:38 - 00379165 _____ (ASTRA MS Software s.r.o. ) C:\Users\Žilka Filip\Downloads\AstraSW_WebDemo.exe
2013-10-01 17:20 - 2013-10-01 17:20 - 185161290 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E01.HDTV.XviD-AFG.avi
2013-10-01 17:20 - 2013-10-01 17:20 - 184843518 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E02.HDTV.XviD-AFG.avi
2013-10-01 11:28 - 2013-10-01 11:28 - 00469534 _____ C:\Users\Žilka Filip\Downloads\Znacky.dwg
2013-09-30 17:23 - 2013-09-30 17:23 - 00340507 _____ C:\Users\Žilka Filip\Downloads\VUT-E-pudorysy (1).dwg
2013-09-26 17:34 - 2013-09-26 17:34 - 00005865 _____ C:\Users\Žilka Filip\Downloads\crash_report.txt
2013-09-26 17:33 - 2013-09-26 17:33 - 00340507 _____ C:\Users\Žilka Filip\Downloads\VUT-E-pudorysy.dwg
2013-09-26 15:07 - 2013-10-15 08:08 - 00012824 _____ C:\Windows\setupact.log
2013-09-26 15:07 - 2013-10-14 21:53 - 00027302 _____ C:\Windows\PFRO.log
2013-09-26 15:07 - 2013-09-26 15:07 - 00000000 _____ C:\Windows\setuperr.log
2013-09-26 14:54 - 2013-09-26 14:54 - 00003130 _____ C:\Windows\System32\Tasks\{563E7211-68C0-46B5-B044-5ACC16C4B99B}
2013-09-26 14:32 - 2013-09-26 14:45 - 00017120 _____ C:\Windows\DPINST.LOG
2013-09-25 15:59 - 2013-09-25 15:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-09-25 15:58 - 2013-09-25 15:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2013-09-25 15:57 - 2013-09-25 16:02 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Nokia
2013-09-25 15:57 - 2013-09-25 15:59 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\PC Suite
2013-09-25 15:57 - 2013-09-25 15:59 - 00000000 ____D C:\ProgramData\PC Suite
2013-09-25 15:51 - 2012-01-09 17:28 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll
2013-09-25 15:50 - 2013-09-25 15:50 - 00000000 ____D C:\ProgramData\Installations
2013-09-25 11:21 - 2013-09-25 11:21 - 00002021 _____ C:\Users\Public\Desktop\BricsCAD V13 (x64) en_US.lnk
2013-09-25 11:21 - 2013-09-25 11:21 - 00000000 ____D C:\Program Files\Bricsys
2013-09-24 21:25 - 2013-09-30 17:30 - 00011827 _____ C:\Users\Žilka Filip\crash_report.txt
2013-09-24 17:45 - 2013-09-24 17:45 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Bricsys
2013-09-24 17:45 - 2013-09-24 17:45 - 00000000 ____D C:\Users\Žilka Filip\AppData\Local\Bricsys
2013-09-16 07:54 - 2013-09-26 13:58 - 00000000 ____D C:\Windows\Minidump

==================== One Month Modified Files and Folders =======

2013-10-15 08:18 - 2009-07-14 06:45 - 00032016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-15 08:17 - 2013-10-15 08:17 - 00000000 ____D C:\FRST
2013-10-15 08:17 - 2009-07-14 06:45 - 00032016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-15 08:16 - 2013-10-15 08:16 - 00112128 _____ (forum.viry.cz) C:\Users\Žilka Filip\Desktop\FRSTLauncher.exe
2013-10-15 08:16 - 2013-10-15 08:15 - 01954124 _____ (Farbar) C:\Users\Žilka Filip\Desktop\FRST64.exe
2013-10-15 08:16 - 2012-12-21 15:27 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Skype
2013-10-15 08:13 - 2012-12-21 14:15 - 01851362 _____ C:\Windows\WindowsUpdate.log
2013-10-15 08:08 - 2013-09-26 15:07 - 00012824 _____ C:\Windows\setupact.log
2013-10-15 08:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-15 08:06 - 2013-10-15 08:02 - 00000000 ____D C:\AdwCleaner
2013-10-15 08:05 - 2013-10-15 07:59 - 01048960 _____ C:\Users\Žilka Filip\Desktop\adwcleaner.exe
2013-10-15 08:01 - 2013-10-15 08:01 - 00001636 _____ C:\Users\Žilka Filip\Desktop\JRT.txt
2013-10-15 07:48 - 2013-10-12 07:34 - 00000000 ____D C:\Program Files (x86)\qualitink
2013-10-15 07:43 - 2013-10-15 07:43 - 00000000 ____D C:\Windows\ERUNT
2013-10-15 07:43 - 2013-10-15 07:42 - 01032220 _____ (Thisisu) C:\Users\Žilka Filip\Desktop\JRT.exe
2013-10-14 22:33 - 2013-10-14 22:28 - 00006945 _____ C:\Users\Žilka Filip\Downloads\678587921
2013-10-14 22:33 - 2013-10-14 22:28 - 00006896 _____ C:\Users\Žilka Filip\Downloads\679681528
2013-10-14 21:58 - 2013-10-14 20:46 - 00000000 ____D C:\Program Files\trend micro
2013-10-14 21:56 - 2012-12-21 14:58 - 00107264 _____ C:\Users\Žilka Filip\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 21:54 - 2009-07-14 06:45 - 00413816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 21:53 - 2013-09-26 15:07 - 00027302 _____ C:\Windows\PFRO.log
2013-10-14 21:49 - 2013-02-18 11:15 - 00000000 ____D C:\Users\Žilka Filip\Documents\Súbory programu Outlook
2013-10-14 21:48 - 2013-10-14 21:48 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-14 21:48 - 2013-10-14 21:48 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-14 21:48 - 2013-10-14 21:48 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-14 21:47 - 2013-10-14 21:47 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-14 21:47 - 2013-10-14 21:46 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-14 21:37 - 2012-12-21 15:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 21:34 - 2012-12-21 15:52 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-14 21:34 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-14 21:32 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2013-10-14 21:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-10-14 21:25 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-14 21:25 - 2009-07-14 04:34 - 00000387 _____ C:\Windows\win.ini
2013-10-14 21:22 - 2013-10-14 21:21 - 131918888 _____ C:\Users\Žilka Filip\Downloads\avast_free_antivirus_setup.exe
2013-10-14 20:46 - 2013-10-14 20:46 - 00000000 ____D C:\rsit
2013-10-14 20:46 - 2013-10-14 20:45 - 00935175 _____ C:\Users\Žilka Filip\Downloads\RSITx64 (1).exe
2013-10-14 20:36 - 2013-10-14 20:36 - 00935175 _____ C:\Users\Žilka Filip\Downloads\RSITx64.exe
2013-10-14 20:36 - 2012-12-21 16:04 - 00000000 ____D C:\Windows\AutoKMS
2013-10-14 18:51 - 2012-12-21 15:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:41 - 2013-10-14 17:41 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-14 17:41 - 2013-10-14 17:41 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Malwarebytes
2013-10-14 17:41 - 2013-10-14 17:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-14 17:41 - 2013-10-12 07:33 - 00000000 ____D C:\Program Files (x86)\HDPlayer
2013-10-14 17:40 - 2013-10-14 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-14 17:38 - 2013-10-14 17:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Žilka Filip\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-14 17:34 - 2012-12-21 15:33 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\vlc
2013-10-14 09:25 - 2013-10-14 09:25 - 02289525 _____ C:\Users\Žilka Filip\Downloads\DokumentaceProProgramatora.rar
2013-10-14 09:12 - 2013-10-14 09:12 - 00002307 _____ C:\Users\Žilka Filip\Downloads\vskp.tex
2013-10-14 08:02 - 2013-10-14 08:02 - 178139202 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E04.HDTV.XviD-AFG.avi
2013-10-14 08:02 - 2013-01-09 17:05 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\DC++
2013-10-14 08:02 - 2013-01-09 17:05 - 00000000 ____D C:\Users\Žilka Filip\AppData\Local\DC++
2013-10-13 11:21 - 2013-10-13 11:21 - 00009621 _____ C:\Users\Žilka Filip\Desktop\pan kaplan.xlsx
2013-10-13 07:34 - 2012-12-21 23:09 - 00000000 ____D C:\Windows\Panther
2013-10-13 07:32 - 2013-07-13 07:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-13 07:32 - 2013-07-13 07:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 21:58 - 2013-10-12 21:58 - 00200499 _____ C:\Users\Žilka Filip\Downloads\Jak psat bakalarku.zip
2013-10-12 07:44 - 2012-12-21 15:45 - 00858318 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-12 07:43 - 2009-07-14 07:13 - 00858318 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 07:15 - 2013-07-31 08:17 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 07:00 - 2012-12-23 16:30 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 12:56 - 2013-10-09 11:20 - 00032580 _____ C:\Users\Žilka Filip\Desktop\Protokol EC motory.xlsx
2013-10-08 21:35 - 2013-10-08 21:35 - 00023040 _____ C:\Users\Žilka Filip\Downloads\Hodnoty_EC_motor .xls
2013-10-08 21:35 - 2013-10-08 21:35 - 00011303 _____ C:\Users\Žilka Filip\Downloads\Hodnoty_EC_motor .xlsx
2013-10-08 21:16 - 2013-10-08 21:16 - 04225064 _____ (TeamViewer) C:\Users\Žilka Filip\Downloads\TeamViewer_Palstat_cs_QuickSupport_v8.exe
2013-10-08 20:04 - 2013-10-08 20:04 - 03805936 _____ C:\Users\Žilka Filip\Downloads\BEPB_lab_2.zip
2013-10-08 19:28 - 2013-10-08 19:28 - 00001982 _____ C:\Users\Žilka Filip\Desktop\Profylax.lnk
2013-10-08 19:28 - 2013-10-08 19:28 - 00000000 ____D C:\Program Files (x86)\Ivar
2013-10-08 19:28 - 2013-10-08 19:27 - 26493261 _____ C:\Users\Žilka Filip\Downloads\ProfInst.zip
2013-10-07 09:35 - 2013-10-07 09:35 - 00019456 _____ C:\Users\Žilka Filip\Documents\Nový.XLS
2013-10-07 09:34 - 2013-10-07 09:34 - 00003190 _____ C:\Windows\System32\Tasks\{FC86B1B1-E23A-4AFF-86A6-046876AB74C8}
2013-10-07 09:30 - 2012-12-21 14:23 - 00000000 ____D C:\Users\Žilka Filip\AppData\Local\VirtualStore
2013-10-07 08:14 - 2013-10-07 08:12 - 00000000 ____D C:\Users\Žilka Filip\Downloads\Microsoft Office Professional Plus 2010 CZ 64 bit
2013-10-07 08:11 - 2013-10-07 08:07 - 00000000 ____D C:\Users\Žilka Filip\Downloads\office 2010 professional original dvd
2013-10-07 08:11 - 2013-10-07 08:06 - 00000000 ____D C:\Users\Žilka Filip\Downloads\4. semestr
2013-10-06 10:48 - 2013-01-04 11:47 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\uTorrent
2013-10-06 10:17 - 2013-10-06 10:09 - 178791012 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E03.HDTV.x264-LOL.mp4
2013-10-06 10:09 - 2013-10-06 10:09 - 00007308 _____ C:\Users\Žilka Filip\Downloads\[TorrentDownloads.me]_The Big Bang Theory S07E03 HDTV x264-LOL mp4.torrent
2013-10-05 19:22 - 2013-10-05 19:22 - 00000033 ___RH C:\Windows\AstraVerox1_8_d.sec
2013-10-03 11:36 - 2013-01-07 11:00 - 00000000 ____D C:\Users\Žilka Filip\Documents\Visual Studio 2010
2013-10-01 20:11 - 2013-10-01 20:11 - 00000033 ___RH C:\Windows\AstraAstra2_6_d.sec
2013-10-01 20:10 - 2013-10-01 20:10 - 00722008 _____ C:\Windows\unins002.exe
2013-10-01 20:10 - 2013-10-01 20:10 - 00002128 _____ C:\Windows\unins002.dat
2013-10-01 20:10 - 2013-10-01 19:54 - 00000000 ____D C:\Users\Public\Documents\Astra 92
2013-10-01 20:05 - 2013-10-01 20:05 - 00001368 _____ C:\Users\Žilka Filip\Desktop\Wvtz.lnk
2013-10-01 20:05 - 2013-10-01 20:05 - 00001356 _____ C:\Users\Žilka Filip\Desktop\Verox.lnk
2013-10-01 19:55 - 2013-10-01 19:55 - 00000608 _____ C:\Windows\KB829558.log
2013-10-01 19:55 - 2013-10-01 19:55 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-10-01 19:55 - 2013-10-01 19:54 - 00002035 _____ C:\Windows\unins001.dat
2013-10-01 19:54 - 2013-10-01 19:54 - 00722081 _____ C:\Windows\unins001.exe
2013-10-01 19:54 - 2013-10-01 19:54 - 00722081 _____ C:\Windows\unins000.exe
2013-10-01 19:54 - 2013-10-01 19:54 - 00003565 _____ C:\Windows\unins000.dat
2013-10-01 19:54 - 2013-10-01 19:54 - 00001350 _____ C:\Users\Žilka Filip\Desktop\Astra.lnk
2013-10-01 19:50 - 2013-10-01 19:50 - 29435728 _____ (Microsoft Corporation) C:\Users\Žilka Filip\Downloads\AccessDatabaseEngine_x64.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 02966624 _____ (Microsoft Corporation) C:\Users\Žilka Filip\Downloads\Jet40SP8_XP.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 02556575 _____ ( ) C:\Users\Žilka Filip\Downloads\DataEx.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 01473505 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\CommonLibs.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 01068136 _____ (ASTRA 92 a.s. ) C:\Users\Žilka Filip\Downloads\DataObjects.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 00326038 _____ C:\Users\Žilka Filip\Downloads\AstraMergeStructure.exe
2013-10-01 19:50 - 2013-10-01 19:50 - 00000000 ____D C:\Users\Žilka Filip\Downloads\Instalace
2013-10-01 19:50 - 2013-10-01 19:49 - 14282082 _____ C:\Users\Žilka Filip\Downloads\Data_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 29294675 _____ C:\Users\Žilka Filip\Downloads\ElProCAD_IC_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 05655522 _____ C:\Users\Žilka Filip\Downloads\ElProCAD_LTx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 05482182 _____ C:\Users\Žilka Filip\Downloads\VzProCADx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 03416567 _____ C:\Users\Žilka Filip\Downloads\XProCADx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 02450574 _____ C:\Users\Žilka Filip\Downloads\XProCAD_IC_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 02381080 _____ C:\Users\Žilka Filip\Downloads\Wvtz_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 01601571 _____ C:\Users\Žilka Filip\Downloads\Verox_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 01225959 _____ C:\Users\Žilka Filip\Downloads\ProCADx_demo.exe
2013-10-01 19:49 - 2013-10-01 19:49 - 00641433 _____ C:\Users\Žilka Filip\Downloads\ProCAD_IC_demo.exe
2013-10-01 19:49 - 2013-10-01 19:48 - 32865604 _____ C:\Users\Žilka Filip\Downloads\ElProCADx_demo.exe
2013-10-01 19:48 - 2013-10-01 19:48 - 06402163 _____ C:\Users\Žilka Filip\Downloads\Astra_demo.exe
2013-10-01 19:48 - 2013-10-01 19:48 - 00458206 _____ C:\Users\Žilka Filip\Downloads\WebDemo.exe
2013-10-01 17:20 - 2013-10-01 17:20 - 185161290 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E01.HDTV.XviD-AFG.avi
2013-10-01 17:20 - 2013-10-01 17:20 - 184843518 _____ C:\Users\Žilka Filip\Downloads\The.Big.Bang.Theory.S07E02.HDTV.XviD-AFG.avi
2013-10-01 11:28 - 2013-10-01 11:28 - 00469534 _____ C:\Users\Žilka Filip\Downloads\Znacky.dwg
2013-09-30 17:30 - 2013-09-24 21:25 - 00011827 _____ C:\Users\Žilka Filip\crash_report.txt
2013-09-30 17:23 - 2013-09-30 17:23 - 00340507 _____ C:\Users\Žilka Filip\Downloads\VUT-E-pudorysy (1).dwg
2013-09-26 17:34 - 2013-09-26 17:34 - 00005865 _____ C:\Users\Žilka Filip\Downloads\crash_report.txt
2013-09-26 17:33 - 2013-09-26 17:33 - 00340507 _____ C:\Users\Žilka Filip\Downloads\VUT-E-pudorysy.dwg
2013-09-26 15:07 - 2013-09-26 15:07 - 00000000 _____ C:\Windows\setuperr.log
2013-09-26 14:54 - 2013-09-26 14:54 - 00003130 _____ C:\Windows\System32\Tasks\{563E7211-68C0-46B5-B044-5ACC16C4B99B}
2013-09-26 14:53 - 2012-12-24 15:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-26 14:50 - 2013-05-27 17:38 - 00000000 ____D C:\Program Files (x86)\Ski Region Simulator 2012
2013-09-26 14:48 - 2013-01-29 22:39 - 00000000 ____D C:\Users\Žilka Filip\Documents\Euro Truck Simulator 2
2013-09-26 14:45 - 2013-09-26 14:32 - 00017120 _____ C:\Windows\DPINST.LOG
2013-09-26 14:08 - 2013-03-13 12:49 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\CodeBlocks
2013-09-26 14:02 - 2013-01-31 15:38 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\DAEMON Tools Lite
2013-09-26 13:58 - 2013-09-16 07:54 - 00000000 ____D C:\Windows\Minidump
2013-09-25 16:02 - 2013-09-25 15:57 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Nokia
2013-09-25 15:59 - 2013-09-25 15:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-09-25 15:59 - 2013-09-25 15:57 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\PC Suite
2013-09-25 15:59 - 2013-09-25 15:57 - 00000000 ____D C:\ProgramData\PC Suite
2013-09-25 15:58 - 2013-09-25 15:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2013-09-25 15:53 - 2013-05-17 17:44 - 00000000 ____D C:\Program Files\DIFX
2013-09-25 15:50 - 2013-09-25 15:50 - 00000000 ____D C:\ProgramData\Installations
2013-09-25 11:21 - 2013-09-25 11:21 - 00002021 _____ C:\Users\Public\Desktop\BricsCAD V13 (x64) en_US.lnk
2013-09-25 11:21 - 2013-09-25 11:21 - 00000000 ____D C:\Program Files\Bricsys
2013-09-24 21:25 - 2012-12-21 14:23 - 00000000 ____D C:\Users\Žilka Filip
2013-09-24 17:45 - 2013-09-24 17:45 - 00000000 ____D C:\Users\Žilka Filip\AppData\Roaming\Bricsys
2013-09-24 17:45 - 2013-09-24 17:45 - 00000000 ____D C:\Users\Žilka Filip\AppData\Local\Bricsys
2013-09-23 01:28 - 2013-10-12 07:55 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-12 07:55 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-12 07:55 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 01:27 - 2013-10-12 07:54 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-12 07:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-12 07:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-12 07:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-12 07:55 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-12 07:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 05:38 - 2013-10-12 07:55 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-12 07:55 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-12 07:55 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-12 07:55 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Some content of TEMP:
====================
C:\Users\Žilka Filip\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-28 11:00




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:146.55 GB) (Free:77.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:307.45 GB) (Free:110.19 GB) NTFS
Drive g: () (Removable) (Total:3.75 GB) (Free:1.2 GB) FAT32

Available physical RAM: 2122.45 MB
Total physical RAM: 3838.36 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BAD9BAD9)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=307 GB) - (Type=OF Extended)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:F25DDE13

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\�ilka Filip\Desktop" je 625 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\�ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_B85787955A3A24DB2F1ED99A6B250C88
"C:\Users\�ilka Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\�ilka Filip\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoWebCamera
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Preventivka

Napsal: 15 říj 2013 07:20
od ziliph
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Žilka Filip at 2013-10-15 08:19:02
Running from C:\Users\Žilka Filip\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.2.3.28705)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.6.602.180)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
AMD USB Filter Driver (x32 Version: 1.0.11.86)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ASTRA 92 - Astra 2.6.5.7.7 (x32 Version: 2.6.5.7.7)
ASTRA 92 - Astra DemoData 2.6 (x32 Version: 2.6)
ASTRA 92 - Data 2009.3 (x32 Version: 2009.3)
ASTRA 92 - ElProCAD IC 1.0 (x32 Version: 1.0)
ASTRA 92 - ElProCAD LTx 1.3 (x32 Version: 1.3)
ASTRA 92 - ElProCADx 2.8 (x32 Version: 2.8)
ASTRA 92 - ProCAD IC 1.0.1 (x32 Version: 1.0.1)
ASTRA 92 - ProCADx 1.0.0.5 (x32 Version: 1.0.0.5)
ASTRA 92 - Verox 1.8.8.2.1 (x32 Version: 1.8.8.2.1)
ASTRA 92 - Wvtz 4.0.0.1.1 (x32 Version: 4.0.0.1.1)
ASTRA 92 - XProCAD IC 2.3 (x32 Version: 2.3)
ASTRA 92 - XProCADx 2.1 (x32 Version: 2.1)
ASTRA MS Software - Astra 2.6.5.10 (x32 Version: 2.6.5.7.10)
ASTRA MS Software - CommonLibs 1.2.0.6 (x32 Version: 1.2.0.6)
ASTRA MS Software - Data 2012.4 (x32 Version: 2012.4)
ASTRA MS Software - DataObjects 1.2.3.0.3-4.0sp8 (x32 Version: 1.2.3.0.3-4.0sp8)
ATI Catalyst Install Manager (Version: 3.0.732.0)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
BricsCAD V13.2.10 (x64) en_US (Version: 13.2.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498)
CCC Help Czech (x32 Version: 2009.0729.2226.38498)
CCC Help Danish (x32 Version: 2009.0729.2226.38498)
CCC Help Dutch (x32 Version: 2009.0729.2226.38498)
CCC Help English (x32 Version: 2009.0729.2226.38498)
CCC Help Finnish (x32 Version: 2009.0729.2226.38498)
CCC Help French (x32 Version: 2009.0729.2226.38498)
CCC Help German (x32 Version: 2009.0729.2226.38498)
CCC Help Greek (x32 Version: 2009.0729.2226.38498)
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498)
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498)
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498)
CCC Help Italian (x32 Version: 2009.0729.2226.38498)
CCC Help Japanese (x32 Version: 2009.0729.2226.38498)
CCC Help Korean (x32 Version: 2009.0729.2226.38498)
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498)
CCC Help Polish (x32 Version: 2009.0729.2226.38498)
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498)
CCC Help Russian (x32 Version: 2009.0729.2226.38498)
CCC Help Spanish (x32 Version: 2009.0729.2226.38498)
CCC Help Swedish (x32 Version: 2009.0729.2226.38498)
CCC Help Thai (x32 Version: 2009.0729.2226.38498)
CCC Help Turkish (x32 Version: 2009.0729.2226.38498)
ccc-core-static (x32 Version: 2009.0729.2227.38498)
ccc-utility64 (Version: 2009.0729.2227.38498)
CCleaner (Version: 3.28)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240)
DAEMON Tools Lite (x32 Version: 4.46.1.0328)
DataEx verze 1.0 (x32 Version: 1.0)
DC++ 0.802 (x32 Version: 0.802)
Dotfuscator Software Services - Community Edition (x32 Version: 5.0.2300.0)
EAGLE 6.3.0 (x32 Version: 6.3.0)
Free YouTube to MP3 Converter version 3.12.9.725 (x32 Version: 3.12.9.725)
Gateway Power Management (x32 Version: 4.05.3007)
Google Chrome (HKCU Version: 28.0.1500.71)
Google Zem (x32 Version: 6.1.0.5001)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 24 (x32 Version: 6.0.240)
LogixPro-500 PLC Simulator (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MATLAB R2009b (Version: 7.9)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 3 SDK (x32 Version: 3.0.40818.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (x32 Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (x32 Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (x32 Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.3.5500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (x32 Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
Need for Speed Underground 2 (x32)
NHL® 09 (x32 Version: 2.0.1.0)
PROFYLAX (x32 Version: 2.02)
qualitink 1.0.0 (Version: 1.0.0)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0)
Skype Click to Call (x32 Version: 6.13.13771)
Skype™ 6.6 (x32 Version: 6.6.106)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Video Web Camera (x32 Version: 0.5.30.2)
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0)
VLC media player 2.0.4 (x32 Version: 2.0.4)
Web Deployment Tool (Version: 1.1.0618)
WinRAR 4.10 beta 3 (64-bit) (Version: 4.10.3)

==================== Restore Points =========================

10-10-2013 06:43:21 Windows Update
11-10-2013 04:56:21 Windows Update
13-10-2013 05:48:58 Windows Update
14-10-2013 05:41:25 Windows Update
14-10-2013 16:55:19 Windows Update
14-10-2013 19:19:47 Removed Microsoft Office Professional Plus 2010
14-10-2013 19:47:03 Inštalácia avast! Free Antivirus

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1CF91DD7-FBF5-4DFE-8B8D-E676AF40918C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA => C:\Users\Žilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {3696E00B-C884-4735-A370-CDB331C5C4A5} - System32\Tasks\{CF506DE2-27ED-4604-840E-DB1195A08927} => Iexplore.exe http://www.skype.com/go/downloading?sou ... tError=404
Task: {3AB80095-9FAF-4101-9C6A-1CE2776D7143} - System32\Tasks\{AD141D7D-E578-4172-912D-89F50BDA7538} => Iexplore.exe http://www.skype.com/go/downloading?sou ... tError=404
Task: {3D4F6D40-29AD-407F-BC41-2585C38CE316} - System32\Tasks\{7E807638-8040-44CC-AD18-D5BADC959DF0} => Iexplore.exe http://www.skype.com/go/downloading?sou ... tError=404
Task: {4091E681-FDE1-4225-844D-6F76148F845A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {42A53067-B771-4E98-9A84-E8B12531E8A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core => C:\Users\Žilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {4B43A497-6443-4F15-A409-66C5D8BC8D3A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {4F0F24AF-F36C-4F68-A4A1-62A578AE35F3} - System32\Tasks\{28FAF6AE-D7EF-492E-A328-AB73EEFD9BD4} => Iexplore.exe http://ui.skype.com/ui/0/6.0.59.126/en/ ... Error=1618
Task: {7970CDBB-A4DD-4F43-8D79-7D5F31B11D75} - System32\Tasks\{B48F166F-ABAF-4E0B-BCCC-22A9E5A70EC8} => Iexplore.exe http://ui.skype.com/ui/0/6.0.59.126/en/ ... Error=1618
Task: {83EF396C-3E81-41FC-A1B9-9A0DB76DEE16} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {BB50A4B7-7F69-4580-8010-2421D717DCE7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)
Task: {F18C72FD-1C52-4B6D-AC84-82B8CBF1E66B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-21 15:36 - 2011-11-05 19:28 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2009-05-13 10:44 - 2009-05-13 10:44 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-05-17 17:43 - 2013-05-17 17:43 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-15 07:17 - 2013-10-14 22:24 - 02105856 _____ () C:\Program Files\AVAST Software\Avast\defs\13101401\algo.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-12 21:57 - 2013-07-03 07:09 - 00601552 _____ () C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\libglesv2.dll
2013-07-12 21:57 - 2013-07-03 07:09 - 00123344 _____ () C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\libegl.dll
2013-07-12 21:57 - 2013-07-03 07:10 - 04052944 _____ () C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\pdf.dll
2013-07-12 21:57 - 2013-07-03 07:10 - 00396240 _____ () C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll
2013-07-12 21:57 - 2013-07-03 07:09 - 01597392 _____ () C:\Users\Žilka Filip\AppData\Local\Google\Chrome\Application\28.0.1500.71\ffmpegsumo.dll
2013-07-12 22:54 - 2013-07-12 22:54 - 13599624 _____ () C:\Users\Žilka Filip\AppData\Local\Google\Chrome\User Data\PepperFlash\11.8.800.97\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:F25DDE13

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Epfw NDIS LightWeight Filter
Description: Epfw NDIS LightWeight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: EpfwLWF
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: XAudio
Description: XAudio
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: XAudio
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2013 08:10:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/15/2013 08:10:50 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
EpfwLWF

Error: (10/15/2013 08:09:49 AM) (Source: Service Control Manager) (User: )
Description: The Util qualitink service failed to start due to the following error:
%%1053

Error: (10/15/2013 08:09:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Util qualitink service to connect.

Error: (10/15/2013 08:08:09 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/15/2013 08:08:09 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/15/2013 08:08:08 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/15/2013 08:08:08 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================
Error: (10/15/2013 08:10:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2013-10-15 08:10:03.860
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64MP19.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-15 08:09:49.529
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-15 08:09:49.424
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-15 08:08:29.453
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-15 08:08:29.359
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mdmxsdk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-15 08:07:59.338
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SysTool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-15 08:07:59.244
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SysTool64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-14 21:56:26.064
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-14 21:56:25.940
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\XAudio64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-14 21:56:24.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64MP19.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 3838.36 MB
Available physical RAM: 2122.45 MB
Total Pagefile: 7674.9 MB
Available Pagefile: 5531.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.55 GB) (Free:77.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:307.45 GB) (Free:110.19 GB) NTFS
Drive g: () (Removable) (Total:3.75 GB) (Free:1.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BAD9BAD9)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=147 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=307 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

Re: Preventivka

Napsal: 15 říj 2013 08:02
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876456 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA048AA72B242CE01
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb

CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx

S2 Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [65312 2013-10-13] (qualitink)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:F25DDE13

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_B85787955A3A24DB2F1ED99A6B250C88" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f

2013-10-07 08:12 - 2013-10-07 08:14 - 00000000 ____D C:\Users\Žilka Filip\Downloads\Microsoft Office Professional Plus 2010 CZ 64 bit
2013-10-07 08:07 - 2013-10-07 08:11 - 00000000 ____D C:\Users\Žilka Filip\Downloads\office 2010 professional original dvd
C:\Program Files (x86)\qualitink
C:\Windows\AutoKMS
C:\Users\Žilka Filip\AppData\Local\Temp\Quarantine.exe

Hosts:
CMD: shutdown /r /f /t 2
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: Preventivka

Napsal: 15 říj 2013 10:09
od ziliph
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by Žilka Filip at 2013-10-15 11:04:12 Run:1
Running from C:\Users\Žilka Filip\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876456 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA048AA72B242CE01
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb

CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx

S2 Util qualitink; C:\Program Files (x86)\qualitink\bin\utilqualitink.exe [65312 2013-10-13] (qualitink)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job => C:\Users\}ilka Filip\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:F25DDE13

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_B85787955A3A24DB2F1ED99A6B250C88" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f

2013-10-07 08:12 - 2013-10-07 08:14 - 00000000 ____D C:\Users\Žilka Filip\Downloads\Microsoft Office Professional Plus 2010 CZ 64 bit
2013-10-07 08:07 - 2013-10-07 08:11 - 00000000 ____D C:\Users\Žilka Filip\Downloads\office 2010 professional original dvd
C:\Program Files (x86)\qualitink
C:\Windows\AutoKMS
C:\Users\Žilka Filip\AppData\Local\Temp\Quarantine.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key deleted successfully.
HKCR\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ljkcijnbckdflhifmbnfnkjacokloacf => Key deleted successfully.
"C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx" => File/Directory not found.
Util qualitink => Service deleted successfully.
pccsmcfd => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2687775889-4293437917-3383097516-1000UA.job => Moved successfully.
C:\ProgramData\TEMP => ":F25DDE13" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_B85787955A3A24DB2F1ED99A6B250C88" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq" /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f =========

The operation completed successfully.



========= End of Reg: =========

C:\Users\Žilka Filip\Downloads\Microsoft Office Professional Plus 2010 CZ 64 bit => Moved successfully.
C:\Users\Žilka Filip\Downloads\office 2010 professional original dvd => Moved successfully.
C:\Program Files (x86)\qualitink => Moved successfully.
C:\Windows\AutoKMS => Moved successfully.
C:\Users\Žilka Filip\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz