
laptop full of ads, slow browser,...

Posted: 07 Jun 2014 10:19
by oflo
Hello,
I have a laptop full of various ads in the browser, and every browser loads pages slowly. (This is a different computer from the one in my currently open topic.)
I tried to get ComboFix running, but it reports that I have Windows 2000 and therefore won't run (even though I have Win7 x64).
What can be done about this?
Thank you,
Here is the log from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Misa at 2014-06-07 11:17:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 190 GB (50%) free of 382 GB
Total RAM: 3959 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:17:24, on 7.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\wisen wizard\bin\wisenwizard.BrowserAdapter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Misa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13014
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RandoMPricea - {0B7449AB-D29B-1E46-A056-DBA6693C8729} - C:\ProgramData\RandoMPricea\D.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: wisen wizard - {d7bbe586-f42a-454b-9794-776b57483a40} - C:\Program Files (x86)\wisen wizard\wisenwizardBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mncauyhcSrv] C:\Windows\system32\mncauyhc.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Launcher6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
O4 - HKLM\..\Run: [DocuPrint 6015N RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnctsxdSrv] C:\Windows\system32\mnctsxd.vbe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Misa\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [SystemProc] C:\Users\Public\Other\run_shc.lnk
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: MacroWorks 3.1.lnk = C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update wisen wizard - Unknown owner - C:\Program Files (x86)\wisen wizard\updatewisenwizard.exe
O23 - Service: Util wisen wizard - Unknown owner - C:\Program Files (x86)\wisen wizard\bin\utilwisenwizard.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

--
End of file - 9491 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\wisen wizard\bin\utilwisenwizard.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 3200
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\Explorer.exe"
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/26500"
"C:\Program Files (x86)\wisen wizard\bin\wisenwizard.PurBrowse64.exe" /l false /s false /c "wisen wizard" /t "C:\Program Files (x86)\wisen wizard\bin\TEMP" /i "http://apiwisenwizardne-a.akamaihd.net/ ... 0000000000" /d {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64 /p 42bcc0b0-3fbc-46c5-88d6-336afd681103:chrome
\??\C:\Windows\system32\conhost.exe "1005849820363307741-1704201174-19967111771069970306-6356625471983152921-984341891
/c 42bcc0b0-3fbc-46c5-88d6-336afd681103 /s /z "n=wisenwizard&is=epo000CZ&dpt=21"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8480.0.1021218034\921893857" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x0a2d --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/Label=Stable3:SkipWhitelist=Enabled:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderAlwaysControl=Enabled:SkipHTTPS=Enabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8480.15.55801661\1950405972" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/Label=Stable3:SkipWhitelist=Enabled:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderAlwaysControl=Enabled:SkipHTTPS=Enabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8480.26.1334437180\1277304305" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8480.27.247879464\1313497672" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe31_ Global\UsGthrCtrlFltPipeMssGthrPipe31 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/Label=Stable3:SkipWhitelist=Enabled:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderAlwaysControl=Enabled:SkipHTTPS=Enabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8480.29.1231136606\1365842389" /prefetch:673131151
"C:\Users\Misa\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B7449AB-D29B-1E46-A056-DBA6693C8729}]
RandoMPricea - C:\ProgramData\RandoMPricea\D.x64.dll [2014-05-08 474112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B7449AB-D29B-1E46-A056-DBA6693C8729}]
RandoMPricea - C:\ProgramData\RandoMPricea\D.dll [2014-05-08 425472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7bbe586-f42a-454b-9794-776b57483a40}]
wisen wizard - C:\Program Files (x86)\wisen wizard\wisenwizardBHO.dll [2014-05-01 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"SystemProc"=C:\Users\Public\Other\run_shc.lnk []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-05-02 3588952]
"uTorrent"=C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1271376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"mncauyhcSrv"=C:\Windows\system32\mncauyhc.vbe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Launcher6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-05-19 2571264]
"DocuPrint 6015N RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2011-05-23 355840]
"StatusAutoRun6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2011-05-23 4477440]
"MSStp"=C:\Windows\inf\msstp.vbe [2014-03-05 1584]
"mnctsxdSrv"=C:\Windows\system32\mnctsxd.vbe []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-05-13 3814736]

C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MacroWorks 3.1.lnk - C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-07 11:17:20 ----D---- C:\rsit
2014-06-07 11:17:20 ----D---- C:\Program Files\trend micro
2014-06-07 10:47:28 ----SD---- C:\ComboFix
2014-06-01 10:27:11 ----A---- C:\Windows\wp.INI
2014-06-01 10:14:25 ----D---- C:\Worms2
2014-06-01 10:13:12 ----A---- C:\Windows\SYSWOW64\KMVIDC32.DLL
2014-06-01 09:49:23 ----D---- C:\Worms Armageddon
2014-05-31 23:05:35 ----D---- C:\Worms World Party
2014-05-31 19:42:30 ----D---- C:\Program Files (x86)\Worms Revolution
2014-05-28 13:52:56 ----D---- C:\Program Files\Bus Simulator
2014-05-21 17:11:18 ----D---- C:\ProgramData\EA Core
2014-05-21 17:11:16 ----D---- C:\ProgramData\EA Logs
2014-05-18 19:46:43 ----D---- C:\Users\Misa\AppData\Roaming\Synthesia
2014-05-18 19:46:22 ----D---- C:\Program Files (x86)\Synthesia
2014-05-18 12:33:17 ----D---- C:\Windows\Sun
2014-05-18 11:36:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\java.exe
2014-05-15 21:04:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 21:04:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 21:04:14 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 21:04:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 15:29:02 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 15:29:00 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 15:28:59 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 15:28:54 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 15:28:25 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 15:28:23 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 15:28:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 15:28:22 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 15:28:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 15:28:22 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 15:28:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 15:28:21 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 15:28:21 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 15:28:20 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 15:28:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 15:28:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:28:19 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 15:28:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 15:28:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 15:28:18 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 15:28:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 15:28:17 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 15:28:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 15:28:17 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 15:28:17 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 15:28:17 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 12:28:54 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-05-08 13:38:40 ----D---- C:\ProgramData\RandoMPricea

======List of files/folders modified in the last 1 month======

2014-06-07 11:17:21 ----D---- C:\Windows\temp
2014-06-07 11:17:20 ----RD---- C:\Program Files
2014-06-07 10:59:55 ----RD---- C:\Program Files (x86)
2014-06-07 10:59:45 ----D---- C:\Program Files (x86)\Google
2014-06-07 10:56:01 ----SHD---- C:\Windows\Installer
2014-06-07 10:51:27 ----D---- C:\Windows\Tasks
2014-06-07 10:51:27 ----D---- C:\Windows\system32\Tasks
2014-06-07 10:47:38 ----SHD---- C:\System Volume Information
2014-06-07 10:47:25 ----D---- C:\Windows\system32\drivers
2014-06-07 10:42:19 ----D---- C:\Qoobox
2014-06-07 10:36:38 ----D---- C:\Users\Misa\AppData\Roaming\uTorrent
2014-06-07 09:25:43 ----A---- C:\Windows\win.ini
2014-06-07 09:15:51 ----D---- C:\Program Files (x86)\Steam
2014-06-07 09:06:06 ----D---- C:\Windows\system32\NDF
2014-06-07 09:03:44 ----D---- C:\Windows\system32\config
2014-06-07 08:55:09 ----D---- C:\Users\Misa\AppData\Roaming\Skype
2014-06-07 08:55:05 ----D---- C:\ProgramData\Origin
2014-06-07 08:55:03 ----D---- C:\Users\Misa\AppData\Roaming\newnext.me
2014-06-07 08:54:52 ----D---- C:\Program Files (x86)\Origin
2014-06-07 08:48:07 ----RD---- C:\Program Files (x86)\Skype
2014-06-07 08:48:07 ----D---- C:\Program Files (x86)\Common Files
2014-06-07 08:48:02 ----D---- C:\ProgramData\Skype
2014-06-07 08:44:45 ----D---- C:\ProgramData\NVIDIA
2014-06-01 12:09:51 ----D---- C:\Windows\Microsoft.NET
2014-06-01 12:09:03 ----RSD---- C:\Windows\assembly
2014-06-01 10:27:11 ----D---- C:\Windows
2014-06-01 10:13:12 ----D---- C:\Windows\SysWOW64
2014-05-31 23:05:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-31 19:45:07 ----D---- C:\Windows\winsxs
2014-05-31 12:02:10 ----D---- C:\Windows\system32\wdi
2014-05-22 08:49:49 ----SD---- C:\Users\Misa\AppData\Roaming\Microsoft
2014-05-21 17:11:18 ----D---- C:\ProgramData
2014-05-21 13:04:59 ----D---- C:\Program Files (x86)\Origin Games
2014-05-18 12:04:55 ----A---- C:\Windows\system.ini
2014-05-18 12:04:32 ----D---- C:\Windows\system32\drivers\etc
2014-05-18 12:00:15 ----D---- C:\Program Files (x86)\Supporter
2014-05-18 11:54:10 ----D---- C:\Windows\SYSWOW64\drivers
2014-05-18 11:54:10 ----D---- C:\Windows\AppPatch
2014-05-18 11:36:29 ----D---- C:\ProgramData\Oracle
2014-05-18 11:36:12 ----D---- C:\Program Files (x86)\Java
2014-05-18 11:23:06 ----D---- C:\Users\Misa\AppData\Roaming\Seznam.cz
2014-05-16 17:00:18 ----D---- C:\Users\Misa\AppData\Roaming\.minecraft
2014-05-16 12:35:57 ----SD---- C:\Windows\system32\CompatTel
2014-05-16 12:35:57 ----D---- C:\Windows\System32
2014-05-16 12:35:51 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 21:04:19 ----D---- C:\Windows\system32\catroot
2014-05-15 21:03:50 ----D---- C:\Windows\system32\MRT
2014-05-15 21:02:09 ----A---- C:\Windows\system32\MRT.exe
2014-05-15 15:28:42 ----D---- C:\Windows\system32\catroot2
2014-05-14 20:14:55 ----D---- C:\ProgramData\Electronic Arts
2014-05-09 17:58:24 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-08 13:38:54 ----D---- C:\ProgramData\9592eb269e68befc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64;{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64; C:\Windows\system32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys [2014-04-29 61120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-09 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 2228048]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 377616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 Util wisen wizard;Util wisen wizard; C:\Program Files (x86)\wisen wizard\bin\utilwisenwizard.exe [2014-05-31 317728]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XRNADB;XRcnStatutsDatabase; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [2011-05-23 95232]
S2 be0fb33b;Supporter; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe []
S2 Update wisen wizard;Update wisen wizard; C:\Program Files (x86)\wisen wizard\updatewisenwizard.exe [2014-05-31 317728]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: notebook full of ads, slow browser,...

Posted: 07 Jun 2014 10:22
by oflo
Log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by Misa (administrator) on MISA-PC on 07-06-2014 11:20:42
Running from C:\Users\Misa\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\wisen wizard\bin\utilwisenwizard.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(PI Engineering) C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\wisen wizard\bin\wisenwizard.PurBrowse64.exe
() C:\Program Files (x86)\wisen wizard\bin\wisenwizard.BrowserAdapter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Misa\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mncauyhcSrv] => C:\Windows\SysWOW64\mncauyhc.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Launcher6015N] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2571264 2011-05-19] (Xerox)
HKLM-x32\...\Run: [DocuPrint 6015N RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2011-05-23] ()
HKLM-x32\...\Run: [StatusAutoRun6015N] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4477440 2011-05-23] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctsxdSrv] => C:\Windows\SysWOW64\mnctsxd.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2638994720-480925200-2635197728-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2638994720-480925200-2635197728-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2638994720-480925200-2635197728-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Misa\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2638994720-480925200-2635197728-1000\...\Run: [SystemProc] => C:\Users\Public\Other\run_shc.lnk
HKU\S-1-5-21-2638994720-480925200-2635197728-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-05-02] (Electronic Arts)
HKU\S-1-5-21-2638994720-480925200-2635197728-1000\...\Run: [uTorrent] => C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe [1271376 2014-05-29] (BitTorrent Inc.)
Startup: C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MacroWorks 3.1.lnk
ShortcutTarget: MacroWorks 3.1.lnk -> C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe (PI Engineering)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13014
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {33FA4F14-A7F2-4568-8940-9DFB4743DDDD} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13014
SearchScopes: HKCU - {52FC99FE-8F25-4092-92BF-8FCAB21FB61D} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13014
SearchScopes: HKCU - {5C473AAB-0370-4BFF-BB61-9E4A5B4E4A1A} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13014
SearchScopes: HKCU - {7989EA8C-E594-46D1-8E59-43435C05DFA6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13014
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {AEBB6738-13ED-4E93-82EA-2FD804389F86} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13014
SearchScopes: HKCU - {B64E694C-08AF-4ED1-AE20-CD326EAD9F6A} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13014
SearchScopes: HKCU - {C34BD442-4498-40C7-98B3-863FEA374F47} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13014
SearchScopes: HKCU - {D0C76087-D78A-4EAF-B7A8-5751F9D23B5C} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13014
SearchScopes: HKCU - {D5677D0E-C689-4F2B-81E2-116E3A4AE96E} URL = http://search.seznam.cz/?q={searchTerms ... arch_13014
BHO: RandoMPricea - {0B7449AB-D29B-1E46-A056-DBA6693C8729} - C:\ProgramData\RandoMPricea\D.x64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: RandoMPricea - {0B7449AB-D29B-1E46-A056-DBA6693C8729} - C:\ProgramData\RandoMPricea\D.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: wisen wizard - {d7bbe586-f42a-454b-9794-776b57483a40} - C:\Program Files (x86)\wisen wizard\wisenwizardBHO.dll (wisen wizard)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-73ae31ae795e410c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Misa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: iMeshPlugin - C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll No File

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-07]
CHR Extension: (Disk Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-07]
CHR Extension: (YouTube) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-07]
CHR Extension: (Peněženka Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-07]
CHR Extension: (Gmail) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-07]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S2 Update wisen wizard; C:\Program Files (x86)\wisen wizard\updatewisenwizard.exe [317728 2014-05-31] ()
R2 Util wisen wizard; C:\Program Files (x86)\wisen wizard\bin\utilwisenwizard.exe [317728 2014-05-31] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2013-12-18] (AVG)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [95232 2011-05-23] ()
S2 be0fb33b; "C:\Windows\system32\rundll32.exe" "c:\progra~2\suppor~1\SupporterSvc.dll",service
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-09] (Disc Soft Ltd)
R1 {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64; C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys [61120 2014-04-29] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-07 11:20 - 2014-06-07 11:21 - 00013577 _____ () C:\Users\Misa\Desktop\FRST.txt
2014-06-07 11:20 - 2014-06-07 11:20 - 00029696 _____ () C:\Users\Misa\AppData\Local\MSGBOX.EXE
2014-06-07 11:20 - 2014-06-07 11:20 - 00015327 _____ () C:\Users\Misa\Desktop\LM.bat
2014-06-07 11:20 - 2014-06-07 11:20 - 00000000 ____D () C:\FRST
2014-06-07 11:17 - 2014-06-07 11:17 - 00000000 ____D () C:\rsit
2014-06-07 11:17 - 2014-06-07 11:17 - 00000000 ____D () C:\Program Files\trend micro
2014-06-07 11:16 - 2014-06-07 11:16 - 00112640 _____ (forum.viry.cz) C:\Users\Misa\Desktop\FRSTLauncher.exe
2014-06-07 10:59 - 2014-06-07 10:59 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-07 10:59 - 2014-06-07 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-07 10:57 - 2014-06-07 10:59 - 02072576 _____ (Farbar) C:\Users\Misa\Desktop\FRST64.exe
2014-06-07 10:56 - 2014-06-07 10:59 - 01222144 _____ () C:\Users\Misa\Desktop\RSITx64.exe
2014-06-07 10:51 - 2014-06-07 10:56 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-07 10:51 - 2014-06-07 10:56 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-07 10:51 - 2014-06-07 10:51 - 00003842 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-07 10:51 - 2014-06-07 10:51 - 00003590 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-07 10:47 - 2014-06-07 10:47 - 00000000 ___SD () C:\ComboFix
2014-06-07 10:41 - 2014-06-07 10:40 - 05205146 ____R (Swearware) C:\Users\Misa\Desktop\ComboFix.exe
2014-06-07 10:40 - 2014-06-07 10:40 - 05205146 _____ (Swearware) C:\Users\Misa\Downloads\ComboFix (1).exe
2014-06-07 10:35 - 2014-06-07 10:40 - 00918672 _____ (Google Inc.) C:\Users\Misa\Downloads\ChromeSetup.exe
2014-06-07 08:46 - 2014-06-07 08:46 - 00000022 _____ () C:\Users\Misa\Desktop\Worms.txt
2014-06-01 10:27 - 2014-06-01 10:27 - 00000083 _____ () C:\Windows\wp.INI
2014-06-01 10:26 - 1998-04-08 00:41 - 08619189 _____ (Funduc Software Inc.) C:\Users\Misa\Desktop\W2P005_English.exe
2014-06-01 10:25 - 2014-06-01 10:26 - 02803994 _____ () C:\Users\Misa\Downloads\W2P005_English.zip
2014-06-01 10:24 - 2014-06-01 10:24 - 00004856 _____ () C:\Users\Misa\Downloads\SR-WORM2.ZIP
2014-06-01 10:24 - 2014-06-01 10:24 - 00000000 ____D () C:\Users\Misa\Downloads\SR-WORM2
2014-06-01 10:16 - 2014-06-01 10:16 - 00000000 ____D () C:\Users\Misa\Desktop\Patch
2014-06-01 10:16 - 2002-01-15 15:08 - 02686464 _____ () C:\Users\Misa\Desktop\Patch.exe
2014-06-01 10:14 - 2014-06-01 10:21 - 00000000 ____D () C:\Worms2
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms2
2014-06-01 10:13 - 2014-06-01 10:21 - 00047104 _____ () C:\Windows\SysWOW64\KMVIDC32.DLL
2014-06-01 09:49 - 2014-06-01 09:49 - 00000000 ____D () C:\Worms Armageddon
2014-06-01 09:46 - 2014-06-01 09:46 - 00000000 ____D () C:\Users\Misa\Downloads\WA
2014-06-01 00:28 - 2014-06-01 00:28 - 00154769 _____ () C:\Users\Misa\Downloads\WWP-Colour-Fix-for-Vista.zip
2014-05-31 23:07 - 2014-06-01 09:50 - 00000949 _____ () C:\Users\Misa\Desktop\Worms Armageddon.lnk
2014-05-31 23:07 - 2014-05-31 23:07 - 00000969 _____ () C:\Users\Misa\Desktop\Worms World Party.lnk
2014-05-31 23:05 - 2014-06-07 08:56 - 00000000 ____D () C:\Worms World Party
2014-05-31 23:05 - 2014-06-01 09:15 - 00000000 ____D () C:\Users\Misa\Downloads\Worms2
2014-05-31 23:05 - 2014-05-31 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2014-05-31 23:00 - 2014-06-01 09:17 - 674939902 _____ (Igor Pavlov) C:\Users\Misa\Downloads\Worms Armageddon v3.7.2.1.exe
2014-05-31 21:09 - 2014-05-31 22:19 - 594497536 _____ () C:\Users\Misa\Downloads\Worms World Party.iso
2014-05-31 19:47 - 2014-05-31 19:47 - 00000000 ____D () C:\Users\Misa\AppData\Local\FLT
2014-05-31 19:44 - 2014-05-31 19:44 - 00001984 _____ () C:\Users\Public\Desktop\Worms Revolution.lnk
2014-05-31 19:44 - 2014-05-31 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Revolution
2014-05-31 19:42 - 2014-05-31 19:44 - 00000000 ____D () C:\Program Files (x86)\Worms Revolution
2014-05-31 12:18 - 2014-05-31 16:06 - 00000000 ____D () C:\Users\Misa\Downloads\Worms_Revolution-FLT
2014-05-31 12:11 - 2014-05-31 12:11 - 00332288 _____ () C:\Users\Misa\Downloads\Game Setup File__2871_il2150.exe
2014-05-29 11:31 - 2014-06-07 10:29 - 00000000 ____D () C:\Users\Misa\Documents\Bus Driver
2014-05-29 11:31 - 2014-05-29 11:31 - 00001986 _____ () C:\Users\Misa\Desktop\busdriver – zástupce.lnk
2014-05-29 11:26 - 2014-05-29 11:26 - 00000000 ____D () C:\Users\Misa\Desktop\script – kopie
2014-05-29 11:26 - 2014-05-29 11:26 - 00000000 ____D () C:\Users\Misa\Desktop\script
2014-05-29 11:25 - 2014-05-29 11:25 - 00182364 _____ () C:\Users\Misa\Downloads\Bus Driver AN.rar
2014-05-29 11:22 - 2014-05-29 11:22 - 00000000 ____D () C:\Users\Misa\Downloads\Bus driver english
2014-05-29 11:11 - 2014-05-29 11:22 - 61146032 _____ () C:\Users\Misa\Downloads\Bus driver english.7z
2014-05-29 11:11 - 2014-05-29 11:11 - 00000849 _____ () C:\Users\Misa\Desktop\µTorrent.lnk
2014-05-29 11:09 - 2014-05-29 11:09 - 01271376 _____ (BitTorrent Inc.) C:\Users\Misa\Downloads\uTorrent (1).exe
2014-05-29 10:29 - 2014-05-29 10:37 - 32648921 _____ () C:\Users\Misa\Downloads\Bus-Simulator-2008.iso.rar
2014-05-29 09:37 - 2014-05-29 09:37 - 00471424 _____ () C:\Users\Misa\Downloads\NineGame_514292_in.apk
2014-05-29 09:34 - 2014-05-29 09:36 - 34840341 _____ () C:\Users\Misa\Downloads\2013072514551169222b_bussimulator3d_9game.apk
2014-05-28 15:10 - 2014-05-28 15:10 - 00001656 _____ () C:\Users\Misa\Desktop\Vlaky na Raz dva.txt
2014-05-28 13:55 - 2014-05-28 14:02 - 00001713 _____ () C:\Users\Misa\Desktop\Bus Simulator.lnk
2014-05-28 13:52 - 2014-05-28 14:02 - 00000000 ____D () C:\Program Files\Bus Simulator
2014-05-28 13:39 - 2014-05-28 13:40 - 00000044 _____ () C:\Users\Misa\Desktop\Klíč youtube Vyhledávání.txt
2014-05-28 13:32 - 2014-05-28 13:32 - 00357728 _____ (Softonic) C:\Users\Misa\Downloads\SoftonicDownloader_for_european-bus-simulator-2012.exe
2014-05-21 17:56 - 2014-05-21 17:56 - 00000000 ____D () C:\Users\Misa\Documents\My Cheat Tables
2014-05-21 17:55 - 2014-05-21 17:55 - 07141335 _____ () C:\Users\Misa\Downloads\plants trainer.rar
2014-05-21 17:55 - 2014-05-21 17:55 - 01759480 _____ (Bandoo Media Inc) C:\Users\Misa\Downloads\iLividSetup-r1250-n-bc.exe
2014-05-21 17:11 - 2014-05-21 17:11 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-21 13:11 - 2014-05-21 13:11 - 00001275 _____ () C:\Users\Public\Desktop\Plants vs. Zombies.lnk
2014-05-21 13:11 - 2014-05-21 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies
2014-05-18 20:51 - 2014-05-18 20:51 - 00000000 ____D () C:\Users\Misa\AppData\Local\Lazy 8 Studios
2014-05-18 19:46 - 2014-05-18 20:49 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Synthesia
2014-05-18 19:46 - 2014-05-18 19:46 - 02821848 _____ (Synthesia LLC) C:\Users\Misa\Downloads\Synthesia-9.0-installer.exe
2014-05-18 19:46 - 2014-05-18 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
2014-05-18 19:46 - 2014-05-18 19:46 - 00000000 ____D () C:\Program Files (x86)\Synthesia
2014-05-18 19:28 - 2014-05-18 19:28 - 00000221 _____ () C:\Users\Misa\Desktop\Cogs.url
2014-05-18 15:01 - 2014-05-18 15:01 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RailDriver for Trainz
2014-05-18 15:01 - 2014-05-18 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RailDriver for Trainz
2014-05-18 15:00 - 2014-05-18 15:00 - 01529970 _____ (P.I. Engineering, Inc.) C:\Users\Misa\Downloads\rdts12sp1.exe
2014-05-18 14:59 - 2014-05-18 15:00 - 01529886 _____ (P.I. Engineering, Inc.) C:\Users\Misa\Downloads\rdts2009.exe
2014-05-18 12:33 - 2014-05-18 12:33 - 00000000 ____D () C:\Windows\Sun
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-18 11:39 - 2014-05-18 11:39 - 03972608 _____ () C:\Users\Misa\Downloads\RogueKiller (1).exe
2014-05-18 11:36 - 2014-05-18 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 11:36 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-18 11:36 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-18 11:36 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-18 11:36 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-18 11:35 - 2014-05-18 11:43 - 00000000 ____D () C:\Users\Misa\Desktop\antivir
2014-05-18 11:34 - 2014-05-18 11:36 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-18 11:33 - 2014-05-18 11:33 - 00921512 _____ (Oracle Corporation) C:\Users\Misa\Downloads\chromeinstall-7u55.exe
2014-05-16 17:21 - 2014-05-16 17:22 - 05565454 _____ () C:\Users\Misa\Downloads\mari0-win.zip
2014-05-16 16:49 - 2014-05-16 16:50 - 24420851 _____ () C:\Users\Misa\Downloads\Minecraft mod.zip
2014-05-15 21:04 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 21:04 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 21:04 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 21:04 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 21:04 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 21:04 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 15:29 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:29 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:28 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:28 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:28 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:28 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:28 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:28 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:28 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:28 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:28 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:28 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:28 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:28 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:28 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:28 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:28 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:28 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:28 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:28 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:28 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:28 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:28 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:28 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:28 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:28 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:28 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:28 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 12:28 - 2014-05-14 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 12:28 - 2014-05-14 12:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-11 19:48 - 2014-05-11 19:48 - 01299168 _____ (Josef Harkabus ) C:\Users\Misa\Downloads\CR_310.exe
2014-05-11 19:44 - 2014-05-11 20:47 - 00000000 ____D () C:\Users\Misa\Desktop\CR 310 MSTS
2014-05-11 15:46 - 2014-05-11 16:04 - 09292605 _____ () C:\Users\Misa\Downloads\MHD-simulator-2009.rar
2014-05-11 14:49 - 2014-05-11 15:04 - 34130777 _____ () C:\Users\Misa\Downloads\GLOBAL.ZIP
2014-05-09 17:58 - 2014-05-09 17:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-05-08 13:38 - 2014-05-08 13:38 - 00000000 ____D () C:\ProgramData\RandoMPricea

==================== One Month Modified Files and Folders =======

2014-06-07 11:21 - 2014-06-07 11:20 - 00013577 _____ () C:\Users\Misa\Desktop\FRST.txt
2014-06-07 11:21 - 2014-02-01 15:22 - 00000000 ____D () C:\Users\Misa\AppData\Local\Temp
2014-06-07 11:20 - 2014-06-07 11:20 - 00029696 _____ () C:\Users\Misa\AppData\Local\MSGBOX.EXE
2014-06-07 11:20 - 2014-06-07 11:20 - 00015327 _____ () C:\Users\Misa\Desktop\LM.bat
2014-06-07 11:20 - 2014-06-07 11:20 - 00000000 ____D () C:\FRST
2014-06-07 11:17 - 2014-06-07 11:17 - 00000000 ____D () C:\rsit
2014-06-07 11:17 - 2014-06-07 11:17 - 00000000 ____D () C:\Program Files\trend micro
2014-06-07 11:16 - 2014-06-07 11:16 - 00112640 _____ (forum.viry.cz) C:\Users\Misa\Desktop\FRSTLauncher.exe
2014-06-07 10:59 - 2014-06-07 10:59 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-07 10:59 - 2014-06-07 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-07 10:59 - 2014-06-07 10:57 - 02072576 _____ (Farbar) C:\Users\Misa\Desktop\FRST64.exe
2014-06-07 10:59 - 2014-06-07 10:56 - 01222144 _____ () C:\Users\Misa\Desktop\RSITx64.exe
2014-06-07 10:59 - 2014-02-01 17:24 - 00000000 ____D () C:\Users\Misa\AppData\Local\Google
2014-06-07 10:59 - 2014-02-01 17:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-07 10:56 - 2014-06-07 10:51 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-07 10:56 - 2014-06-07 10:51 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-07 10:51 - 2014-06-07 10:51 - 00003842 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-07 10:51 - 2014-06-07 10:51 - 00003590 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-07 10:47 - 2014-06-07 10:47 - 00000000 ___SD () C:\ComboFix
2014-06-07 10:47 - 2014-03-30 01:13 - 00000000 ____D () C:\Users\Misa\AppData\Local\LogMeIn Hamachi
2014-06-07 10:42 - 2014-03-08 21:30 - 00000000 ____D () C:\Qoobox
2014-06-07 10:40 - 2014-06-07 10:41 - 05205146 ____R (Swearware) C:\Users\Misa\Desktop\ComboFix.exe
2014-06-07 10:40 - 2014-06-07 10:40 - 05205146 _____ (Swearware) C:\Users\Misa\Downloads\ComboFix (1).exe
2014-06-07 10:40 - 2014-06-07 10:35 - 00918672 _____ (Google Inc.) C:\Users\Misa\Downloads\ChromeSetup.exe
2014-06-07 10:39 - 2014-02-01 15:14 - 02030686 _____ () C:\Windows\WindowsUpdate.log
2014-06-07 10:36 - 2014-03-15 12:18 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\uTorrent
2014-06-07 10:32 - 2014-02-01 17:24 - 00000000 ____D () C:\Users\Misa\AppData\Local\Deployment
2014-06-07 10:32 - 2014-02-01 17:24 - 00000000 ____D () C:\Users\Misa\AppData\Local\Apps\2.0
2014-06-07 10:29 - 2014-05-29 11:31 - 00000000 ____D () C:\Users\Misa\Documents\Bus Driver
2014-06-07 09:39 - 2014-02-24 17:12 - 00000000 _____ () C:\Users\Misa\AppData\Roaming\FileOut.cns
2014-06-07 09:39 - 2014-02-24 17:12 - 00000000 _____ () C:\Users\Misa\AppData\Roaming\FileIn.cns
2014-06-07 09:25 - 2009-07-14 04:34 - 00000532 _____ () C:\Windows\win.ini
2014-06-07 09:15 - 2014-02-01 17:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-07 09:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-07 08:56 - 2014-05-31 23:05 - 00000000 ____D () C:\Worms World Party
2014-06-07 08:56 - 2009-07-14 06:45 - 00015488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-07 08:56 - 2009-07-14 06:45 - 00015488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-07 08:55 - 2014-05-02 13:21 - 00000000 ____D () C:\ProgramData\Origin
2014-06-07 08:55 - 2014-03-30 09:46 - 00004270 _____ () C:\Users\Misa\rgut
2014-06-07 08:55 - 2014-03-09 10:42 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\newnext.me
2014-06-07 08:55 - 2014-02-04 17:29 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Skype
2014-06-07 08:54 - 2014-05-02 13:21 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-07 08:48 - 2014-02-04 17:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-07 08:48 - 2014-02-04 17:29 - 00000000 ____D () C:\ProgramData\Skype
2014-06-07 08:46 - 2014-06-07 08:46 - 00000022 _____ () C:\Users\Misa\Desktop\Worms.txt
2014-06-07 08:44 - 2014-04-06 17:31 - 00005755 _____ () C:\Windows\setupact.log
2014-06-07 08:44 - 2014-02-01 15:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-07 08:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 10:27 - 2014-06-01 10:27 - 00000083 _____ () C:\Windows\wp.INI
2014-06-01 10:26 - 2014-06-01 10:25 - 02803994 _____ () C:\Users\Misa\Downloads\W2P005_English.zip
2014-06-01 10:24 - 2014-06-01 10:24 - 00004856 _____ () C:\Users\Misa\Downloads\SR-WORM2.ZIP
2014-06-01 10:24 - 2014-06-01 10:24 - 00000000 ____D () C:\Users\Misa\Downloads\SR-WORM2
2014-06-01 10:21 - 2014-06-01 10:14 - 00000000 ____D () C:\Worms2
2014-06-01 10:21 - 2014-06-01 10:13 - 00047104 _____ () C:\Windows\SysWOW64\KMVIDC32.DLL
2014-06-01 10:16 - 2014-06-01 10:16 - 00000000 ____D () C:\Users\Misa\Desktop\Patch
2014-06-01 10:14 - 2014-06-01 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms2
2014-06-01 09:50 - 2014-05-31 23:07 - 00000949 _____ () C:\Users\Misa\Desktop\Worms Armageddon.lnk
2014-06-01 09:49 - 2014-06-01 09:49 - 00000000 ____D () C:\Worms Armageddon
2014-06-01 09:46 - 2014-06-01 09:46 - 00000000 ____D () C:\Users\Misa\Downloads\WA
2014-06-01 09:17 - 2014-05-31 23:00 - 674939902 _____ (Igor Pavlov) C:\Users\Misa\Downloads\Worms Armageddon v3.7.2.1.exe
2014-06-01 09:15 - 2014-05-31 23:05 - 00000000 ____D () C:\Users\Misa\Downloads\Worms2
2014-06-01 00:32 - 2014-03-08 22:17 - 00000000 ____D () C:\Users\Misa\AppData\Local\CrashDumps
2014-06-01 00:28 - 2014-06-01 00:28 - 00154769 _____ () C:\Users\Misa\Downloads\WWP-Colour-Fix-for-Vista.zip
2014-05-31 23:07 - 2014-05-31 23:07 - 00000969 _____ () C:\Users\Misa\Desktop\Worms World Party.lnk
2014-05-31 23:06 - 2014-03-09 10:57 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-31 23:05 - 2014-05-31 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2014-05-31 23:05 - 2014-03-11 16:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-31 22:19 - 2014-05-31 21:09 - 594497536 _____ () C:\Users\Misa\Downloads\Worms World Party.iso
2014-05-31 19:47 - 2014-05-31 19:47 - 00000000 ____D () C:\Users\Misa\AppData\Local\FLT
2014-05-31 19:46 - 2014-02-01 17:59 - 00166272 _____ () C:\Windows\DirectX.log
2014-05-31 19:44 - 2014-05-31 19:44 - 00001984 _____ () C:\Users\Public\Desktop\Worms Revolution.lnk
2014-05-31 19:44 - 2014-05-31 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Revolution
2014-05-31 19:44 - 2014-05-31 19:42 - 00000000 ____D () C:\Program Files (x86)\Worms Revolution
2014-05-31 16:06 - 2014-05-31 12:18 - 00000000 ____D () C:\Users\Misa\Downloads\Worms_Revolution-FLT
2014-05-31 12:11 - 2014-05-31 12:11 - 00332288 _____ () C:\Users\Misa\Downloads\Game Setup File__2871_il2150.exe
2014-05-29 11:31 - 2014-05-29 11:31 - 00001986 _____ () C:\Users\Misa\Desktop\busdriver – zástupce.lnk
2014-05-29 11:26 - 2014-05-29 11:26 - 00000000 ____D () C:\Users\Misa\Desktop\script – kopie
2014-05-29 11:26 - 2014-05-29 11:26 - 00000000 ____D () C:\Users\Misa\Desktop\script
2014-05-29 11:25 - 2014-05-29 11:25 - 00182364 _____ () C:\Users\Misa\Downloads\Bus Driver AN.rar
2014-05-29 11:22 - 2014-05-29 11:22 - 00000000 ____D () C:\Users\Misa\Downloads\Bus driver english
2014-05-29 11:22 - 2014-05-29 11:11 - 61146032 _____ () C:\Users\Misa\Downloads\Bus driver english.7z
2014-05-29 11:11 - 2014-05-29 11:11 - 00000849 _____ () C:\Users\Misa\Desktop\µTorrent.lnk
2014-05-29 11:09 - 2014-05-29 11:09 - 01271376 _____ (BitTorrent Inc.) C:\Users\Misa\Downloads\uTorrent (1).exe
2014-05-29 10:37 - 2014-05-29 10:29 - 32648921 _____ () C:\Users\Misa\Downloads\Bus-Simulator-2008.iso.rar
2014-05-29 09:37 - 2014-05-29 09:37 - 00471424 _____ () C:\Users\Misa\Downloads\NineGame_514292_in.apk
2014-05-29 09:36 - 2014-05-29 09:34 - 34840341 _____ () C:\Users\Misa\Downloads\2013072514551169222b_bussimulator3d_9game.apk
2014-05-28 15:10 - 2014-05-28 15:10 - 00001656 _____ () C:\Users\Misa\Desktop\Vlaky na Raz dva.txt
2014-05-28 14:02 - 2014-05-28 13:55 - 00001713 _____ () C:\Users\Misa\Desktop\Bus Simulator.lnk
2014-05-28 14:02 - 2014-05-28 13:52 - 00000000 ____D () C:\Program Files\Bus Simulator
2014-05-28 13:57 - 2014-02-01 15:22 - 00000000 ____D () C:\Users\Misa\AppData\Local\VirtualStore
2014-05-28 13:55 - 2014-03-12 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2014-05-28 13:40 - 2014-05-28 13:39 - 00000044 _____ () C:\Users\Misa\Desktop\Klíč youtube Vyhledávání.txt
2014-05-28 13:32 - 2014-05-28 13:32 - 00357728 _____ (Softonic) C:\Users\Misa\Downloads\SoftonicDownloader_for_european-bus-simulator-2012.exe
2014-05-21 17:56 - 2014-05-21 17:56 - 00000000 ____D () C:\Users\Misa\Documents\My Cheat Tables
2014-05-21 17:55 - 2014-05-21 17:55 - 07141335 _____ () C:\Users\Misa\Downloads\plants trainer.rar
2014-05-21 17:55 - 2014-05-21 17:55 - 01759480 _____ (Bandoo Media Inc) C:\Users\Misa\Downloads\iLividSetup-r1250-n-bc.exe
2014-05-21 17:11 - 2014-05-21 17:11 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-21 13:11 - 2014-05-21 13:11 - 00001275 _____ () C:\Users\Public\Desktop\Plants vs. Zombies.lnk
2014-05-21 13:11 - 2014-05-21 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs. Zombies
2014-05-21 13:11 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-21 13:04 - 2014-05-02 13:23 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-18 20:51 - 2014-05-18 20:51 - 00000000 ____D () C:\Users\Misa\AppData\Local\Lazy 8 Studios
2014-05-18 20:49 - 2014-05-18 19:46 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Synthesia
2014-05-18 19:46 - 2014-05-18 19:46 - 02821848 _____ (Synthesia LLC) C:\Users\Misa\Downloads\Synthesia-9.0-installer.exe
2014-05-18 19:46 - 2014-05-18 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
2014-05-18 19:46 - 2014-05-18 19:46 - 00000000 ____D () C:\Program Files (x86)\Synthesia
2014-05-18 19:28 - 2014-05-18 19:28 - 00000221 _____ () C:\Users\Misa\Desktop\Cogs.url
2014-05-18 19:28 - 2014-02-01 19:27 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-18 15:01 - 2014-05-18 15:01 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RailDriver for Trainz
2014-05-18 15:01 - 2014-05-18 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RailDriver for Trainz
2014-05-18 15:00 - 2014-05-18 15:00 - 01529970 _____ (P.I. Engineering, Inc.) C:\Users\Misa\Downloads\rdts12sp1.exe
2014-05-18 15:00 - 2014-05-18 14:59 - 01529886 _____ (P.I. Engineering, Inc.) C:\Users\Misa\Downloads\rdts2009.exe
2014-05-18 12:38 - 2014-02-01 21:07 - 00197518 _____ () C:\Windows\PFRO.log
2014-05-18 12:33 - 2014-05-18 12:33 - 00000000 ____D () C:\Windows\Sun
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-18 12:18 - 2014-05-18 12:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-18 12:04 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-18 12:00 - 2014-05-01 16:55 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-05-18 11:43 - 2014-05-18 11:35 - 00000000 ____D () C:\Users\Misa\Desktop\antivir
2014-05-18 11:41 - 2014-03-08 21:45 - 00000000 ____D () C:\Users\Misa\Desktop\RK_Quarantine
2014-05-18 11:39 - 2014-05-18 11:39 - 03972608 _____ () C:\Users\Misa\Downloads\RogueKiller (1).exe
2014-05-18 11:36 - 2014-05-18 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 11:36 - 2014-05-18 11:34 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-18 11:36 - 2014-02-02 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-18 11:36 - 2014-02-02 13:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-18 11:33 - 2014-05-18 11:33 - 00921512 _____ (Oracle Corporation) C:\Users\Misa\Downloads\chromeinstall-7u55.exe
2014-05-18 11:23 - 2014-04-17 09:55 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Seznam.cz
2014-05-16 17:22 - 2014-05-16 17:21 - 05565454 _____ () C:\Users\Misa\Downloads\mari0-win.zip
2014-05-16 17:00 - 2014-02-03 09:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\.minecraft
2014-05-16 16:50 - 2014-05-16 16:49 - 24420851 _____ () C:\Users\Misa\Downloads\Minecraft mod.zip
2014-05-16 12:39 - 2014-02-01 15:23 - 00000000 ___RD () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 12:39 - 2014-02-01 15:23 - 00000000 ___RD () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 12:35 - 2014-04-30 21:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 21:03 - 2014-02-01 16:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 21:02 - 2014-02-01 16:07 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 20:14 - 2014-05-02 13:21 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-14 12:28 - 2014-05-14 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 12:28 - 2014-05-14 12:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-14 12:28 - 2014-04-16 12:52 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-11 20:58 - 2013-11-02 09:33 - 00000000 ____D () C:\Users\Misa\Desktop\MSTS NEW
2014-05-11 20:47 - 2014-05-11 19:44 - 00000000 ____D () C:\Users\Misa\Desktop\CR 310 MSTS
2014-05-11 19:48 - 2014-05-11 19:48 - 01299168 _____ (Josef Harkabus ) C:\Users\Misa\Downloads\CR_310.exe
2014-05-11 18:15 - 2012-05-21 16:06 - 00000685 _____ () C:\Users\Misa\Desktop\crash.txt
2014-05-11 16:53 - 2014-04-21 15:47 - 00000000 ____D () C:\Users\Misa\Documents\TrackMania
2014-05-11 16:04 - 2014-05-11 15:46 - 09292605 _____ () C:\Users\Misa\Downloads\MHD-simulator-2009.rar
2014-05-11 15:04 - 2014-05-11 14:49 - 34130777 _____ () C:\Users\Misa\Downloads\GLOBAL.ZIP
2014-05-11 10:28 - 2014-02-01 10:07 - 00000000 ____D () C:\Users\Misa\Desktop\Stara plocha
2014-05-10 18:45 - 2012-08-17 20:59 - 00000833 _____ () C:\Users\Misa\Desktop\Nargonuv LP Minecraft S02E16 - Enchant, koleje, bezpečnost.website
2014-05-09 17:58 - 2014-05-09 17:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-05-09 08:14 - 2014-05-15 15:28 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 13:38 - 2014-05-08 13:38 - 00000000 ____D () C:\ProgramData\RandoMPricea
2014-05-08 13:38 - 2014-05-01 16:55 - 00000000 ____D () C:\ProgramData\9592eb269e68befc

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 20:29

==================== End Of Log ============================

Re: notebook full of ads, slow browser,...

Posted: 07 Jun 2014 10:29
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean< (delete)
A scan will run and then a log will appear; paste it here.

Re: notebook full of ads, slow browser,...

Posted: 07 Jun 2014 11:54
by oflo
# AdwCleaner v3.212 - Report created 07/06/2014 at 12:42:23
# Updated 05/06/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (64 bits)
# Username : Misa - MISA-PC
# Running from : C:\Users\Misa\Desktop\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : be0fb33b
[#] Service Deleted : Update wisen wizard
[#] Service Deleted : Util wisen wizard

***** [ Files / Folders ] *****

Folder Deleted : C:\Updater
Folder Deleted : C:\ProgramData\apn
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\RandoMPricea
Folder Deleted : C:\Program Files (x86)\supporter
[!] Folder Deleted : C:\Program Files (x86)\wisen wizard
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Misa\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Misa\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Misa\AppData\Local\genienext
Folder Deleted : C:\Users\Misa\AppData\Local\iMesh
Folder Deleted : C:\Users\Misa\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Misa\AppData\Local\torch
Folder Deleted : C:\Users\Misa\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Misa\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Misa\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Misa\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader
Folder Deleted : C:\Users\Misa\Documents\Mobogenie
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\torch
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Misa\daemonprocess.txt
File Deleted : C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
File Deleted : C:\Users\Misa\Desktop\iMesh.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Key Deleted : HKLM\SOFTWARE\Classes\RRanndomPrice.RRanndomPrice
Key Deleted : HKLM\SOFTWARE\Classes\RRanndomPrice.RRanndomPrice.6.1
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Imesh
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : [x64] HKCU\Software\Imesh
Key Deleted : [x64] HKCU\Software\Softonic
Key Deleted : [x64] HKCU\Software\Somoto
Key Deleted : [x64] HKCU\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1012&systemid=1&v=n11551-260&apn_uid=2204677299404357&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}

*************************

AdwCleaner[R0].txt - [10701 octets] - [07/06/2014 12:25:49]
AdwCleaner[S0].txt - [10531 octets] - [07/06/2014 12:42:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10592 octets] ##########

Re: notebook full of ads, slow browser,...

Posted: 07 Jun 2014 12:05
by Rudy
Post a new RSIT log.

Re: notebook full of ads, slow browser,...

Posted: 13 Jun 2014 09:25
by oflo
Logfile of random's system information tool 1.10 (written by random/random)
Run by Misa at 2014-06-13 10:24:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 180 GB (47%) free of 382 GB
Total RAM: 3959 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:24:22, on 13.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\trend micro\Misa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13014
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: wisen wizard - {d7bbe586-f42a-454b-9794-776b57483a40} - C:\Program Files (x86)\wisen wizard\wisenwizardBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mncauyhcSrv] C:\Windows\system32\mncauyhc.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Launcher6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
O4 - HKLM\..\Run: [DocuPrint 6015N RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnctsxdSrv] C:\Windows\system32\mnctsxd.vbe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SystemProc] C:\Users\Public\Other\run_shc.lnk
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: MacroWorks 3.1.lnk = C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

--
End of file - 8706 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
WLIDSvcM.exe 2116
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
\??\C:\Windows\system32\conhost.exe "583119490764945644-12535107071490833968-9405019339025857391666187235-1290015923
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
\??\C:\Windows\system32\conhost.exe "-71822207683046309413791459741610958398-21253336201883315552-1950784705600361270
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
WicaInventory.exe /apps /fast /ext "exe,sys" /output "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Programs_MISA-PC.xml" /log "C:\Windows\TEMP\CompatTelemetryLogs" "C:\Windows\system32\CompatTel"
\??\C:\Windows\system32\conhost.exe "1050479228-176087161-13765720921780957103625328834-1072520522-653702343955793701
"C:\Users\Misa\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7bbe586-f42a-454b-9794-776b57483a40}]
wisen wizard - C:\Program Files (x86)\wisen wizard\wisenwizardBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"SystemProc"=C:\Users\Public\Other\run_shc.lnk []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-05-02 3588952]
"uTorrent"=C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1271376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"mncauyhcSrv"=C:\Windows\system32\mncauyhc.vbe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Launcher6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-05-19 2571264]
"DocuPrint 6015N RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2011-05-23 355840]
"StatusAutoRun6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2011-05-23 4477440]
"MSStp"=C:\Windows\inf\msstp.vbe [2014-03-05 1584]
"mnctsxdSrv"=C:\Windows\system32\mnctsxd.vbe []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-05-13 3814736]

C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MacroWorks 3.1.lnk - C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-12 17:31:55 ----SHD---- C:\$RECYCLE.BIN
2014-06-12 17:04:51 ----SD---- C:\ComboFix
2014-06-11 14:36:52 ----D---- C:\OMSI 2
2014-06-11 13:14:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-11 13:14:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-11 13:14:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-11 13:14:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:14:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-11 13:14:18 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 13:14:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:14:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-11 13:14:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-11 13:14:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-11 13:14:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 13:14:17 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:14:17 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-11 13:14:17 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 13:14:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-11 13:14:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-11 13:14:16 ----A---- C:\Windows\system32\iesetup.dll
2014-06-11 13:14:16 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-11 13:14:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 13:14:15 ----A---- C:\Windows\system32\iernonce.dll
2014-06-11 13:14:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 13:14:14 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-11 13:14:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:14:12 ----A---- C:\Windows\system32\msrating.dll
2014-06-11 13:14:12 ----A---- C:\Windows\system32\mshtml.dll
2014-06-11 13:06:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 13:06:00 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 12:52:12 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 12:52:11 ----A---- C:\Windows\system32\aeinv.dll
2014-06-07 12:31:00 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-07 12:25:46 ----D---- C:\AdwCleaner
2014-06-07 11:20:16 ----D---- C:\FRST
2014-06-07 11:17:20 ----D---- C:\rsit
2014-06-07 11:17:20 ----D---- C:\Program Files\trend micro
2014-06-01 10:27:11 ----A---- C:\Windows\wp.INI
2014-06-01 10:14:25 ----D---- C:\Worms2
2014-06-01 10:13:12 ----A---- C:\Windows\SYSWOW64\KMVIDC32.DLL
2014-06-01 09:49:23 ----D---- C:\Worms Armageddon
2014-05-31 23:05:35 ----D---- C:\Worms World Party
2014-05-31 19:42:30 ----D---- C:\Program Files (x86)\Worms Revolution
2014-05-28 13:52:56 ----D---- C:\Program Files\Bus Simulator
2014-05-21 17:11:18 ----D---- C:\ProgramData\EA Core
2014-05-21 17:11:16 ----D---- C:\ProgramData\EA Logs
2014-05-18 19:46:43 ----D---- C:\Users\Misa\AppData\Roaming\Synthesia
2014-05-18 19:46:22 ----D---- C:\Program Files (x86)\Synthesia
2014-05-18 12:33:17 ----D---- C:\Windows\Sun
2014-05-18 11:36:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\java.exe
2014-05-15 15:29:02 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 15:29:00 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 15:28:25 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 15:28:23 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 15:28:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 15:28:22 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 15:28:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 15:28:22 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 15:28:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 15:28:21 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 15:28:21 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 15:28:20 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 15:28:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 15:28:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:28:19 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 15:28:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 15:28:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 15:28:18 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 15:28:18 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 15:28:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 15:28:17 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 15:28:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 15:28:17 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 15:28:17 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 15:28:17 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 12:28:54 ----D---- C:\Program Files (x86)\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2014-06-13 10:24:01 ----D---- C:\Windows\temp
2014-06-13 10:22:02 ----D---- C:\Users\Misa\AppData\Roaming\Skype
2014-06-13 10:21:59 ----D---- C:\ProgramData\Origin
2014-06-13 10:21:33 ----D---- C:\Users\Misa\AppData\Roaming\uTorrent
2014-06-13 10:19:27 ----D---- C:\Program Files (x86)\Origin
2014-06-13 10:18:12 ----D---- C:\ProgramData\NVIDIA
2014-06-12 17:05:45 ----D---- C:\Windows\system32\config
2014-06-12 17:03:57 ----D---- C:\Windows\system32\drivers
2014-06-12 09:09:14 ----D---- C:\Windows\winsxs
2014-06-12 09:07:25 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-12 09:07:25 ----D---- C:\Windows\SysWOW64
2014-06-12 09:07:25 ----D---- C:\Program Files\Internet Explorer
2014-06-12 09:07:24 ----D---- C:\Windows\system32\en-US
2014-06-12 09:07:24 ----D---- C:\Windows\System32
2014-06-12 09:07:24 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-12 09:07:23 ----D---- C:\Windows\system32\DriverStore
2014-06-12 08:52:10 ----D---- C:\Windows\system32\MRT
2014-06-12 08:49:42 ----A---- C:\Windows\system32\MRT.exe
2014-06-12 08:45:32 ----SD---- C:\Windows\system32\CompatTel
2014-06-12 08:45:02 ----SHD---- C:\System Volume Information
2014-06-12 08:44:58 ----D---- C:\Windows\system32\catroot2
2014-06-11 12:52:08 ----D---- C:\Windows\system32\catroot
2014-06-08 10:31:10 ----D---- C:\Program Files (x86)\Steam
2014-06-07 12:43:46 ----A---- C:\Windows\win.ini
2014-06-07 12:42:27 ----D---- C:\Program Files (x86)\wisen wizard
2014-06-07 12:42:26 ----RD---- C:\Program Files (x86)
2014-06-07 12:42:26 ----D---- C:\ProgramData
2014-06-07 12:08:39 ----D---- C:\Windows\system32\NDF
2014-06-07 11:21:39 ----D---- C:\Windows
2014-06-07 11:17:20 ----RD---- C:\Program Files
2014-06-07 10:59:45 ----D---- C:\Program Files (x86)\Google
2014-06-07 10:56:01 ----SHD---- C:\Windows\Installer
2014-06-07 10:51:27 ----D---- C:\Windows\Tasks
2014-06-07 10:51:27 ----D---- C:\Windows\system32\Tasks
2014-06-07 10:42:19 ----D---- C:\Qoobox
2014-06-07 08:48:09 ----D---- C:\ProgramData\Skype
2014-06-07 08:48:07 ----RD---- C:\Program Files (x86)\Skype
2014-06-07 08:48:07 ----D---- C:\Program Files (x86)\Common Files
2014-06-01 12:09:51 ----D---- C:\Windows\Microsoft.NET
2014-06-01 12:09:03 ----RSD---- C:\Windows\assembly
2014-05-31 23:05:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-31 12:02:10 ----D---- C:\Windows\system32\wdi
2014-05-22 08:49:49 ----SD---- C:\Users\Misa\AppData\Roaming\Microsoft
2014-05-21 13:04:59 ----D---- C:\Program Files (x86)\Origin Games
2014-05-18 12:04:55 ----A---- C:\Windows\system.ini
2014-05-18 12:04:32 ----D---- C:\Windows\system32\drivers\etc
2014-05-18 11:54:10 ----D---- C:\Windows\SYSWOW64\drivers
2014-05-18 11:54:10 ----D---- C:\Windows\AppPatch
2014-05-18 11:36:29 ----D---- C:\ProgramData\Oracle
2014-05-18 11:36:12 ----D---- C:\Program Files (x86)\Java
2014-05-18 11:23:06 ----D---- C:\Users\Misa\AppData\Roaming\Seznam.cz
2014-05-16 17:00:18 ----D---- C:\Users\Misa\AppData\Roaming\.minecraft
2014-05-16 12:35:51 ----D---- C:\Windows\system32\cs-CZ
2014-05-14 20:14:55 ----D---- C:\ProgramData\Electronic Arts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64;{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64; C:\Windows\system32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys [2014-04-29 61120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-09 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 2228048]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 377616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XRNADB;XRcnStatutsDatabase; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [2011-05-23 95232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: notebook full of ads, slow browser,...

Posted: 13 Jun 2014 18:16
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Program Files (x86)\wisen wizard
C:\Windows\inf\msstp.vbe
C:\Windows\system32\mnctsxd.vbe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7bbe586-f42a-454b-9794-776b57483a40}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"MSStp"=-
"mnctsxdSrv"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Why did you, as a layman, run ComboFix? Do you intend to wreck your system, or one of your applications?

Re: notebook full of ads, slow browser,...

Posted: 16 Jun 2014 10:10
by oflo
Logfile of random's system information tool 1.10 (written by random/random)
Run by Misa at 2014-06-16 11:09:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 159 GB (42%) free of 382 GB
Total RAM: 3959 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:09:49, on 16.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Misa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13014
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mncauyhcSrv] C:\Windows\system32\mncauyhc.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Launcher6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
O4 - HKLM\..\Run: [DocuPrint 6015N RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SystemProc] C:\Users\Public\Other\run_shc.lnk
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [SystemProc] C:\Users\Public\Other\run_shc.lnk (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\Run: [uTorrent] "C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2638994720-480925200-2635197728-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: MacroWorks 3.1.lnk = C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

--
End of file - 9643 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
WLIDSvcM.exe 320
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\06162014_105802.log
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe"

"C:\Windows\System32\WScript.exe" "C:\Windows\System32\mncauyhc.vbe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
\??\C:\Windows\system32\conhost.exe "-279630622502699045-612017422-1490189152245048452-716930086-1622895824-275738274
\??\C:\Windows\system32\conhost.exe "13669843810591373811047436632-773155491765777191-917897332118605570-49440449
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4876.0.934669555\1680938821" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x0a2d --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2702 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/Label=Stable3:SkipWhitelist=Enabled:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderAlwaysControl=Enabled:SkipHTTPS=Enabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4876.3.832508605\116207066" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/Label=Stable3:SkipWhitelist=Enabled:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderAlwaysControl=Enabled:SkipHTTPS=Enabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4876.9.738438452\1807208535" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/Label=Stable3:SkipWhitelist=Enabled:LocalPredictor=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=3:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderAlwaysControl=Enabled:SkipHTTPS=Enabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4876.10.758683653\761172218" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Misa\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"SystemProc"=C:\Users\Public\Other\run_shc.lnk []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-05-02 3588952]
"uTorrent"=C:\Users\Misa\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1271376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mncauyhcSrv"=C:\Windows\system32\mncauyhc.vbe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Launcher6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-05-19 2571264]
"DocuPrint 6015N RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2011-05-23 355840]
"StatusAutoRun6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2011-05-23 4477440]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-05-13 3814736]

C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MacroWorks 3.1.lnk - C:\Program Files (x86)\PI Engineering\MacroWorks 3.1\MacroWorks 3r.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-16 10:58:02 ----D---- C:\_OTM
2014-06-13 10:47:13 ----D---- C:\extinct
2014-06-13 10:40:37 ----D---- C:\Users\Misa\AppData\Roaming\Microsoft Games
2014-06-13 10:33:31 ----D---- C:\ProgramData\Microsoft Games
2014-06-12 17:31:55 ----SHD---- C:\$RECYCLE.BIN
2014-06-12 17:04:51 ----SD---- C:\ComboFix
2014-06-11 14:36:52 ----D---- C:\OMSI 2
2014-06-11 13:14:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-11 13:14:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-11 13:14:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:14:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-11 13:14:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:14:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-11 13:14:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-11 13:14:18 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 13:14:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:14:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-11 13:14:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-11 13:14:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-11 13:14:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 13:14:17 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:14:17 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-11 13:14:17 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 13:14:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-11 13:14:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-11 13:14:16 ----A---- C:\Windows\system32\iesetup.dll
2014-06-11 13:14:16 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-11 13:14:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-11 13:14:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 13:14:15 ----A---- C:\Windows\system32\iernonce.dll
2014-06-11 13:14:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 13:14:14 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 13:14:14 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 13:14:13 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-11 13:14:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:14:12 ----A---- C:\Windows\system32\msrating.dll
2014-06-11 13:14:12 ----A---- C:\Windows\system32\mshtml.dll
2014-06-11 13:06:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 13:06:00 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 12:59:20 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 12:59:20 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 12:58:32 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 12:58:32 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 12:58:32 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 12:58:32 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 12:58:32 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 12:58:32 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 12:58:32 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 12:58:32 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 12:52:12 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 12:52:11 ----A---- C:\Windows\system32\aeinv.dll
2014-06-07 12:31:00 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-07 12:25:46 ----D---- C:\AdwCleaner
2014-06-07 11:20:16 ----D---- C:\FRST
2014-06-07 11:17:20 ----D---- C:\rsit
2014-06-07 11:17:20 ----D---- C:\Program Files\trend micro
2014-06-01 10:27:11 ----A---- C:\Windows\wp.INI
2014-06-01 10:14:25 ----D---- C:\Worms2
2014-06-01 10:13:12 ----A---- C:\Windows\SYSWOW64\KMVIDC32.DLL
2014-06-01 09:49:23 ----D---- C:\Worms Armageddon
2014-05-31 23:05:35 ----D---- C:\Worms World Party
2014-05-31 19:42:30 ----D---- C:\Program Files (x86)\Worms Revolution
2014-05-28 13:52:56 ----D---- C:\Program Files\Bus Simulator
2014-05-21 17:11:18 ----D---- C:\ProgramData\EA Core
2014-05-21 17:11:16 ----D---- C:\ProgramData\EA Logs
2014-05-18 19:46:43 ----D---- C:\Users\Misa\AppData\Roaming\Synthesia
2014-05-18 19:46:22 ----D---- C:\Program Files (x86)\Synthesia
2014-05-18 12:33:17 ----D---- C:\Windows\Sun
2014-05-18 11:36:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-05-18 11:36:12 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2014-06-16 11:09:48 ----D---- C:\Windows\temp
2014-06-16 11:08:45 ----D---- C:\Users\Misa\AppData\Roaming\Skype
2014-06-16 11:08:02 ----D---- C:\Program Files (x86)\Origin
2014-06-16 11:08:01 ----D---- C:\Users\Misa\AppData\Roaming\uTorrent
2014-06-16 10:59:55 ----D---- C:\ProgramData\NVIDIA
2014-06-16 10:59:07 ----D---- C:\Windows\system32\config
2014-06-16 10:58:50 ----D---- C:\Windows
2014-06-16 10:58:03 ----RD---- C:\Program Files (x86)
2014-06-16 10:58:03 ----D---- C:\Windows\Tasks
2014-06-16 10:58:03 ----D---- C:\Windows\SysWOW64
2014-06-16 10:58:03 ----D---- C:\Windows\inf
2014-06-16 10:55:11 ----D---- C:\Program Files (x86)\Steam
2014-06-16 09:26:51 ----D---- C:\ProgramData\Origin
2014-06-13 13:09:42 ----D---- C:\Windows\winsxs
2014-06-13 13:08:31 ----D---- C:\Windows\System32
2014-06-13 10:58:11 ----SHD---- C:\System Volume Information
2014-06-13 10:57:59 ----SHD---- C:\Windows\Installer
2014-06-13 10:46:25 ----D---- C:\Windows\system32\Tasks
2014-06-13 10:40:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-13 10:40:28 ----D---- C:\Program Files (x86)\Common Files
2014-06-13 10:33:31 ----D---- C:\ProgramData
2014-06-13 10:26:57 ----D---- C:\Program Files (x86)\Microsoft Games
2014-06-12 17:03:57 ----D---- C:\Windows\system32\drivers
2014-06-12 09:07:25 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-12 09:07:25 ----D---- C:\Program Files\Internet Explorer
2014-06-12 09:07:24 ----D---- C:\Windows\system32\en-US
2014-06-12 09:07:24 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-12 09:07:23 ----D---- C:\Windows\system32\DriverStore
2014-06-12 08:52:10 ----D---- C:\Windows\system32\MRT
2014-06-12 08:49:42 ----A---- C:\Windows\system32\MRT.exe
2014-06-12 08:45:32 ----SD---- C:\Windows\system32\CompatTel
2014-06-12 08:44:58 ----D---- C:\Windows\system32\catroot2
2014-06-11 12:52:08 ----D---- C:\Windows\system32\catroot
2014-06-07 12:43:46 ----A---- C:\Windows\win.ini
2014-06-07 12:08:39 ----D---- C:\Windows\system32\NDF
2014-06-07 11:17:20 ----RD---- C:\Program Files
2014-06-07 10:59:45 ----D---- C:\Program Files (x86)\Google
2014-06-07 10:42:19 ----D---- C:\Qoobox
2014-06-07 08:48:09 ----D---- C:\ProgramData\Skype
2014-06-07 08:48:07 ----RD---- C:\Program Files (x86)\Skype
2014-06-01 12:09:51 ----D---- C:\Windows\Microsoft.NET
2014-06-01 12:09:03 ----RSD---- C:\Windows\assembly
2014-05-31 12:02:10 ----D---- C:\Windows\system32\wdi
2014-05-22 08:49:49 ----SD---- C:\Users\Misa\AppData\Roaming\Microsoft
2014-05-21 13:04:59 ----D---- C:\Program Files (x86)\Origin Games
2014-05-18 12:04:55 ----A---- C:\Windows\system.ini
2014-05-18 12:04:32 ----D---- C:\Windows\system32\drivers\etc
2014-05-18 11:54:10 ----D---- C:\Windows\SYSWOW64\drivers
2014-05-18 11:54:10 ----D---- C:\Windows\AppPatch
2014-05-18 11:36:29 ----D---- C:\ProgramData\Oracle
2014-05-18 11:36:12 ----D---- C:\Program Files (x86)\Java
2014-05-18 11:23:06 ----D---- C:\Users\Misa\AppData\Roaming\Seznam.cz

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64;{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64; C:\Windows\system32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys [2014-04-29 61120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-09 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 2228048]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 377616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XRNADB;XRcnStatutsDatabase; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [2011-05-23 95232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-06-10 542400]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: notebook full of ads, slow browser,...

Posted: 16 Jun 2014 10:10
by oflo
I tried to run it because it always gets my computer out of the worst state :-)

Re: notebook full of ads, slow browser,...

Posted: 16 Jun 2014 17:47
by Rudy
oflo wrote: I tried to run it because it always gets my computer out of the worst state :-)
That may be, but then we have a problem with identification, because CF sweeps away the traces of any infection, and the RSIT log is then usually useless. Moreover (as I wrote above), it can have ruinous consequences for the system.

The infection is coming back; run a new CF scan and post the log.