VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Stále se opakující složka (vyřešeno)

https://forum.viry.cz:443/viewtopic.php?t=140030

Stránka 1 z 1

Stále se opakující složka (vyřešeno)

Napsal: 03 zář 2014 12:23
od virion
Před několika měsící jsem si na ploše vytvořil složku Pepíček_Album, kde jsem měl nějaké fotky. Poté jsem ji smazal. Ovšem když otevřu stránku knife.cz objeví se mi tato složka na ploše znovu (sama zde vznikne). Uvnitř této složky je podložka Oblíbené položky (nevím ale proč). Samozřejmě složku Pepíček_Album smažu, ale když další den otevřu knife.cz, objeví se na ploše znovu.


Logfile of random's system information tool 1.10 (written by random/random)
Run by kesik at 2014-09-03 13:17:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 778 GB (82%) free of 954 GB
Total RAM: 7126 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:17:28, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files\trend micro\kesik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6898 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3920.138048c0.1159072490 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3920 "\\.\pipe\gecko-crash-server-pipe.3920" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash1964.67A56E98.28247 --host-broker-channel=Flash1964.67A56E98.14174 --host-pid=1964 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=3008.0045F2B4.1876043758 --proxy-stub-channel=Flash1964.67A56E98.28247 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer

C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"D:\k_instalaci\WIN 7 64 BIT\programy\antiviry\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/advanced_search?"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2012-11-29 7406392]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-08-09 5263504]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 10:51:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-02 20:10:22 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-08-31 18:38:33 ----A---- C:\Windows\system32\win32k.sys
2014-08-31 18:38:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-31 18:38:32 ----A---- C:\Windows\system32\gdi32.dll
2014-08-13 07:58:41 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 07:58:41 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 07:58:41 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 07:58:41 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 07:58:40 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 07:58:39 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 07:58:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 07:58:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 07:38:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 07:38:51 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-13 07:38:45 ----A---- C:\Windows\system32\msi.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 07:38:44 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 07:38:44 ----A---- C:\Windows\system32\consent.exe
2014-08-13 07:38:44 ----A---- C:\Windows\system32\authui.dll
2014-08-13 07:38:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 07:38:41 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-13 07:38:41 ----A---- C:\Windows\system32\shell32.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 07:38:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 07:38:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 07:38:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 07:38:35 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 07:38:35 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 07:38:33 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 07:38:32 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 07:37:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 07:37:58 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-13 07:37:57 ----A---- C:\Windows\system32\aepdu.dll
2014-08-13 07:37:57 ----A---- C:\Windows\system32\aeinv.dll
2014-08-11 18:35:21 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2014-09-03 13:17:28 ----D---- C:\Windows\Prefetch
2014-09-03 13:17:27 ----D---- C:\Program Files\trend micro
2014-09-03 12:22:27 ----SHD---- C:\Windows\Installer
2014-09-03 12:21:58 ----D---- C:\Program Files (x86)\OpenOffice 4
2014-09-03 12:21:56 ----RSD---- C:\Windows\assembly
2014-09-03 12:21:36 ----RSD---- C:\Windows\Fonts
2014-09-03 12:20:43 ----SHD---- C:\System Volume Information
2014-09-03 12:18:21 ----D---- C:\Windows\Temp
2014-09-03 10:51:43 ----RD---- C:\Program Files (x86)
2014-09-03 09:59:29 ----D---- C:\Windows\system32\config
2014-09-03 09:42:56 ----D---- C:\Windows\System32
2014-09-03 09:42:56 ----D---- C:\Windows\inf
2014-09-03 09:42:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-03 09:40:09 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-03 09:38:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-02 08:09:34 ----D---- C:\Users\kesik\AppData\Roaming\vlc
2014-09-01 18:15:13 ----D---- C:\Users\kesik\AppData\Roaming\MyPhoneExplorer
2014-08-31 18:41:27 ----D---- C:\Windows\winsxs
2014-08-31 18:40:15 ----D---- C:\Windows\SysWOW64
2014-08-31 18:37:43 ----D---- C:\Windows\system32\catroot
2014-08-24 07:27:28 ----D---- C:\Windows\system32\catroot2
2014-08-13 12:20:18 ----D---- C:\Windows\rescache
2014-08-13 10:46:26 ----D---- C:\Windows\Microsoft.NET
2014-08-13 10:17:17 ----D---- C:\Windows\ehome
2014-08-13 10:17:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-13 10:17:11 ----D---- C:\Windows\system32\cs-CZ
2014-08-13 10:17:10 ----D---- C:\Windows\system32\drivers
2014-08-13 10:17:10 ----D---- C:\Program Files\Internet Explorer
2014-08-13 10:17:09 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 10:17:08 ----D---- C:\Windows\system32\en-US
2014-08-13 10:17:08 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 10:17:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-13 08:04:31 ----D---- C:\Windows\system32\MRT
2014-08-13 08:01:45 ----A---- C:\Windows\system32\MRT.exe
2014-08-13 07:58:03 ----SD---- C:\Windows\system32\CompatTel
2014-08-11 18:35:45 ----D---- C:\ProgramData\Oracle
2014-08-11 18:35:32 ----D---- C:\Program Files (x86)\Common Files
2014-08-11 18:35:14 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 athr;Wireless PCI Adapter Driver Service; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-11 1579520]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-07-19 110744]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2012-10-03 66360]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [2012-10-03 43832]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-08-03 2206352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-08-03 27792]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-03 114288]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-19 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Re: Stále se opakující složka

Napsal: 03 zář 2014 17:09
od Rudy
Zdravím!
Není mi sice jasné, jak je toto možné, ale zkusíme PC vyčistit. Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Stále se opakující složka

Napsal: 03 zář 2014 19:43
od virion
Tak ještě upřesním, že se složka obnovuje i při spuštění IE (skoro ho nepoužívám).
Je uložena ve složce C:\Users\kesik\Contacts\Desktop. Vůbec netuším jakou může mít souvislost složka a internetové prohlížeče...


# AdwCleaner v3.309 - Report created 03/09/2014 at 20:30:34
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : kesik - KESIK-PC
# Running from : C:\Users\kesik\Contacts\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\YourFileDownloader

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v32.0 (x86 cs)

[ File : C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1220 octets] - [03/09/2014 20:29:44]
AdwCleaner[S0].txt - [1143 octets] - [03/09/2014 20:30:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1203 octets] ##########

Re: Stále se opakující složka

Napsal: 03 zář 2014 19:59
od Rudy
Dejte nový log RSIT.

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:17
od virion
Logfile of random's system information tool 1.10 (written by random/random)
Run by kesik at 2014-09-03 21:17:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 777 GB (82%) free of 954 GB
Total RAM: 7126 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:18, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\kesik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6587 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\k_instalaci\WIN 7 64 BIT\programy\antiviry\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/advanced_search?"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2012-11-29 7406392]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-08-09 5263504]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 20:29:40 ----D---- C:\AdwCleaner
2014-09-03 10:51:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-02 20:10:22 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-08-31 18:38:33 ----A---- C:\Windows\system32\win32k.sys
2014-08-31 18:38:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-31 18:38:32 ----A---- C:\Windows\system32\gdi32.dll
2014-08-13 07:58:41 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 07:58:41 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 07:58:41 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 07:58:41 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 07:58:40 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 07:58:39 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 07:58:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 07:58:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 07:38:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 07:38:51 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-13 07:38:45 ----A---- C:\Windows\system32\msi.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 07:38:44 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 07:38:44 ----A---- C:\Windows\system32\consent.exe
2014-08-13 07:38:44 ----A---- C:\Windows\system32\authui.dll
2014-08-13 07:38:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 07:38:41 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-13 07:38:41 ----A---- C:\Windows\system32\shell32.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 07:38:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 07:38:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 07:38:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 07:38:35 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 07:38:35 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 07:38:33 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 07:38:32 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 07:37:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 07:37:58 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-13 07:37:57 ----A---- C:\Windows\system32\aepdu.dll
2014-08-13 07:37:57 ----A---- C:\Windows\system32\aeinv.dll
2014-08-11 18:35:21 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2014-09-03 21:17:17 ----D---- C:\Program Files\trend micro
2014-09-03 21:08:29 ----D---- C:\Windows\Prefetch
2014-09-03 20:45:44 ----D---- C:\Windows\system32\config
2014-09-03 20:36:47 ----D---- C:\Windows\System32
2014-09-03 20:36:47 ----D---- C:\Windows\inf
2014-09-03 20:36:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-03 20:34:42 ----D---- C:\Windows\Temp
2014-09-03 20:33:35 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-03 20:26:09 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-03 12:22:27 ----SHD---- C:\Windows\Installer
2014-09-03 12:21:58 ----D---- C:\Program Files (x86)\OpenOffice 4
2014-09-03 12:21:56 ----RSD---- C:\Windows\assembly
2014-09-03 12:21:36 ----RSD---- C:\Windows\Fonts
2014-09-03 12:20:43 ----SHD---- C:\System Volume Information
2014-09-03 10:51:43 ----RD---- C:\Program Files (x86)
2014-09-02 08:09:34 ----D---- C:\Users\kesik\AppData\Roaming\vlc
2014-09-01 18:15:13 ----D---- C:\Users\kesik\AppData\Roaming\MyPhoneExplorer
2014-08-31 18:41:27 ----D---- C:\Windows\winsxs
2014-08-31 18:40:15 ----D---- C:\Windows\SysWOW64
2014-08-31 18:37:43 ----D---- C:\Windows\system32\catroot
2014-08-24 07:27:28 ----D---- C:\Windows\system32\catroot2
2014-08-13 12:20:18 ----D---- C:\Windows\rescache
2014-08-13 10:46:26 ----D---- C:\Windows\Microsoft.NET
2014-08-13 10:17:17 ----D---- C:\Windows\ehome
2014-08-13 10:17:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-13 10:17:11 ----D---- C:\Windows\system32\cs-CZ
2014-08-13 10:17:10 ----D---- C:\Windows\system32\drivers
2014-08-13 10:17:10 ----D---- C:\Program Files\Internet Explorer
2014-08-13 10:17:09 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 10:17:08 ----D---- C:\Windows\system32\en-US
2014-08-13 10:17:08 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 10:17:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-13 08:04:31 ----D---- C:\Windows\system32\MRT
2014-08-13 08:01:45 ----A---- C:\Windows\system32\MRT.exe
2014-08-13 07:58:03 ----SD---- C:\Windows\system32\CompatTel
2014-08-11 18:35:45 ----D---- C:\ProgramData\Oracle
2014-08-11 18:35:32 ----D---- C:\Program Files (x86)\Common Files
2014-08-11 18:35:14 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 athr;Wireless PCI Adapter Driver Service; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-11 1579520]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-07-19 110744]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2012-10-03 66360]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [2012-10-03 43832]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-08-03 2206352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-08-03 27792]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-03 114288]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-19 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:22
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:28
od virion
Složka bohužel vyskočila znovu.


All processes killed
========== FILES ==========
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj folder moved successfully.
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources folder moved successfully.
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\MacOS folder moved successfully.
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents folder moved successfully.
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin folder moved successfully.
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins folder moved successfully.
C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: kesik
->Temp folder emptied: 139596335 bytes
->Temporary Internet Files folder emptied: 300500 bytes
->Java cache emptied: 546421 bytes
->FireFox cache emptied: 36343074 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24621364 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40104 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78213 bytes
RecycleBin emptied: 263549155 bytes

Total Files Cleaned = 444,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: kesik
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09032014_212432

Files moved on Reboot...
C:\Users\kesik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\kesik\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:28
od virion
Logfile of random's system information tool 1.10 (written by random/random)
Run by kesik at 2014-09-03 21:27:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 778 GB (82%) free of 954 GB
Total RAM: 7126 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:27:16, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\trend micro\kesik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6414 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\09032014_212432.log
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"D:\k_instalaci\WIN 7 64 BIT\programy\antiviry\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kesik\AppData\Roaming\Mozilla\Firefox\Profiles\pzujx4y3.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/advanced_search?"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2012-11-29 7406392]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-08-09 5263504]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 21:24:32 ----D---- C:\_OTM
2014-09-03 20:29:40 ----D---- C:\AdwCleaner
2014-09-03 10:51:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-02 20:10:22 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-08-31 18:38:33 ----A---- C:\Windows\system32\win32k.sys
2014-08-31 18:38:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-31 18:38:32 ----A---- C:\Windows\system32\gdi32.dll
2014-08-13 07:58:41 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 07:58:41 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 07:58:41 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 07:58:41 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 07:58:40 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 07:58:39 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 07:58:30 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 07:58:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 07:38:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 07:38:51 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-13 07:38:47 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-13 07:38:45 ----A---- C:\Windows\system32\msi.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 07:38:44 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 07:38:44 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 07:38:44 ----A---- C:\Windows\system32\consent.exe
2014-08-13 07:38:44 ----A---- C:\Windows\system32\authui.dll
2014-08-13 07:38:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 07:38:41 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-13 07:38:41 ----A---- C:\Windows\system32\shell32.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 07:38:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 07:38:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 07:38:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 07:38:38 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 07:38:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 07:38:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 07:38:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 07:38:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 07:38:36 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 07:38:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 07:38:35 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 07:38:35 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 07:38:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 07:38:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 07:38:33 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 07:38:32 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 07:38:32 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 07:37:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 07:37:58 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-13 07:37:57 ----A---- C:\Windows\system32\aepdu.dll
2014-08-13 07:37:57 ----A---- C:\Windows\system32\aeinv.dll
2014-08-11 18:35:21 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-11 18:35:19 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2014-09-03 21:27:15 ----D---- C:\Program Files\trend micro
2014-09-03 21:26:38 ----D---- C:\Windows\Temp
2014-09-03 21:25:08 ----D---- C:\Windows\system32\config
2014-09-03 21:25:08 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-03 21:24:30 ----D---- C:\Windows\Prefetch
2014-09-03 20:36:47 ----D---- C:\Windows\System32
2014-09-03 20:36:47 ----D---- C:\Windows\inf
2014-09-03 20:36:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-03 20:26:09 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-03 12:22:27 ----SHD---- C:\Windows\Installer
2014-09-03 12:21:58 ----D---- C:\Program Files (x86)\OpenOffice 4
2014-09-03 12:21:56 ----RSD---- C:\Windows\assembly
2014-09-03 12:21:36 ----RSD---- C:\Windows\Fonts
2014-09-03 12:20:43 ----SHD---- C:\System Volume Information
2014-09-03 10:51:43 ----RD---- C:\Program Files (x86)
2014-09-02 08:09:34 ----D---- C:\Users\kesik\AppData\Roaming\vlc
2014-09-01 18:15:13 ----D---- C:\Users\kesik\AppData\Roaming\MyPhoneExplorer
2014-08-31 18:41:27 ----D---- C:\Windows\winsxs
2014-08-31 18:40:15 ----D---- C:\Windows\SysWOW64
2014-08-31 18:37:43 ----D---- C:\Windows\system32\catroot
2014-08-24 07:27:28 ----D---- C:\Windows\system32\catroot2
2014-08-13 12:20:18 ----D---- C:\Windows\rescache
2014-08-13 10:46:26 ----D---- C:\Windows\Microsoft.NET
2014-08-13 10:17:17 ----D---- C:\Windows\ehome
2014-08-13 10:17:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-13 10:17:11 ----D---- C:\Windows\system32\cs-CZ
2014-08-13 10:17:10 ----D---- C:\Windows\system32\drivers
2014-08-13 10:17:10 ----D---- C:\Program Files\Internet Explorer
2014-08-13 10:17:09 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 10:17:08 ----D---- C:\Windows\system32\en-US
2014-08-13 10:17:08 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 10:17:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-13 08:04:31 ----D---- C:\Windows\system32\MRT
2014-08-13 08:01:45 ----A---- C:\Windows\system32\MRT.exe
2014-08-13 07:58:03 ----SD---- C:\Windows\system32\CompatTel
2014-08-11 18:35:45 ----D---- C:\ProgramData\Oracle
2014-08-11 18:35:32 ----D---- C:\Program Files (x86)\Common Files
2014-08-11 18:35:14 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 athr;Wireless PCI Adapter Driver Service; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-11 1579520]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-07-19 110744]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2012-10-03 66360]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [2012-10-03 43832]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-08-03 2206352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-08-03 27792]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-03 114288]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-19 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:35
od Rudy
Znovu spusťte OTM tímto skriptem:
:files
C:\Users\kesik\Contacts

:commands
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC.

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:39
od virion
Ehm, to mi smaže zástupce z plochy?

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:46
od Rudy
Aha. Všiml jsem si, že máte poněkud divné umístění Plochy - C:\Users\kesik\Contacts. Standardně by měla být v C:\Users\kesik\Desktop. V tom asi bude tem problém. Nevím, jak se stalo, že se plocha dostala do složky Contacts. OTM skript nespouštějte.

Re: Stále se opakující složka

Napsal: 03 zář 2014 20:51
od virion
Když je přesunu do složky Desktop, tak mi skoro všechny zmizí.

Re: Stále se opakující složka

Napsal: 03 zář 2014 21:18
od Rudy
Tak to nevím proč. Ta složka, co se vám stále objevuje, má zřejmě něco společného se složkou contacts a proto to tak funguje. Kdyby jste měl klasicky C:\Users\kesik\Desktop, zřejmě by se bylo po problému.

Re: Stále se opakující složka

Napsal: 04 zář 2014 11:38
od virion
Tak sem nakonec zjistil, že hlavní problém byl v tom, že v oné složce byla právě podložka Oblíbené položky, na které odkazoval soudruh registr. Tam sem příslušné záznamy upravil a vypadá to, že už všechno běží správně.
Vyřešeno.

Re: Stále se opakující složka (vyřešeno)

Napsal: 04 zář 2014 17:07
od Rudy
Tak to jsem rád.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz