
AdwCleaner scan
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
AdwCleaner scan
Good day, I am sending a scan for review. I deleted the findings after the scan and now there is nothing there, but I am worried that it might show up again, so please help me work out whether the PC still needs some further cleaning. Thank you VERY much.
Here is the scan whose findings I have already deleted, so as I wrote, it is OK.
# AdwCleaner v4.002 - Report created 29/10/2014 at 23:06:47
# Updated 27/10/2014 by Xplode
# Database : 2014-10-26.6
# Operating System : Windows 8.1 Pro with Media Center (64 bits)
# Username : Kostík a Irenočka - PC-POKOJÍČEK
# Running from : C:\Users\Kostík a Irenočka\AppData\Local\Temp\Rar$EXa0.428\adwcleaner_4.002.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Users\Kostík a Irenočka\AppData\Local\CrashRpt
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.2 (x86 cs)
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R180].txt - [920 octets] - [29/10/2014 23:06:47]
########## EOF - C:\AdwCleaner\AdwCleaner[R180].txt - [981 octets] ##########
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: AdwCleaner scan
Greetings!
ADW deleted 3 keys of the Conduit adware. If you want to finish cleaning the PC, post an RSIT log: http://forum.viry.cz/viewtopic.php?f=13&t=130786 , or FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
Good day Rudy, I will get back to you tomorrow. Right now I am on the ProBook. My wife is sleeping in the room where the PC is, so I do not want to wake her. I will get in touch tomorrow and send the logs. Goodbye for now and thank you VERY much for wanting to help me. Bye for now.
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: AdwCleaner scan
OK. I will be here tomorrow evening.

-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
Good evening Rudy, I am sorry, but I could not get to the PC any earlier. First I am sending you the log from the Malwarebytes Anti-Malware scan; since it found some trojans, I have already deleted those from the PC as well. Here is the log, and in a moment I will also send you the RSIT log.
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 31. 10. 2014
Čas skenování: 13:26:02
Protokol: Sken MBam Anti-malware 31.10.2014.txt
Správce: Ano
Verze: 2.00.3.1025
Databáze malwaru: v2014.10.31.04
Databáze rootkitů: v2014.10.22.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: KostAk a IrenoÄ?ka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 327796
Uplynulý čas: 8 min, 29 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 1
Trojan.Pseudo.tmvwr, C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe, 2440, , [d4ed90875d1f37ffaa89c31826db926e]
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 1
Trojan.Pseudo.tmvwr, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TeamViewer9, , [d4ed90875d1f37ffaa89c31826db926e],
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 1
Trojan.Pseudo.tmvwr, C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe, , [d4ed90875d1f37ffaa89c31826db926e],
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
Here is the RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kostík a Irenočka at 2014-10-31 22:33:13
Microsoft Windows 8.1 Pro s aplikací Media Center
System drive C: has 895 GB (94%) free of 954 GB
Total RAM: 8161 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:33:20, on 31. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Kostík a Irenočka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe" /MINIMIZED
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [icq] C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CyberLink Product - 2014/05/05 17:56:49 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files\WinArchiver\WAService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10271 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\WinArchiver\WAService.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
dashost.exe {1868060a-4c98-4e85-a281f8ca390f4a1f}
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4f8d35db-2118-42ef-8b59-335fc5a421ba -SystemEventPortName:HostProcess-107730d9-fba2-4e7c-a7a3-b3120d380b07 -IoCancelEventPortName:HostProcess-fd0a3f65-709a-4772-9b32-02716a870687 -NonStateChangingEventPortName:HostProcess-d5081735-8c97-45f7-b237-b60f6d0bb7a5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9be4b524-c023-4977-8ea8-08b12d7fbcb2 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
taskhostex.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
taskhost.exe $(Arg0)
"C:\Users\Kostík a Irenočka\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default
prefs.js - "browser.startup.homepage" - "https://www.e-quip.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-23 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-15 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-23 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-15 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe /MINIMIZED []
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"icq"=C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe [2014-10-04 35239432]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-23 5223016]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-31 22:33:13 ----D---- C:\rsit
2014-10-31 22:33:13 ----D---- C:\Program Files\trend micro
2014-10-29 19:34:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-28 17:58:00 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\HDX4 GmbH
2014-10-28 17:57:41 ----D---- C:\ProgramData\SuperEasy Software
2014-10-28 17:57:36 ----D---- C:\Program Files (x86)\SuperEasy Software
2014-10-23 18:47:59 ----D---- C:\WINDOWS\SYSWOW64\vbox
2014-10-23 18:47:59 ----D---- C:\WINDOWS\system32\vbox
2014-10-23 18:41:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-10-23 18:41:21 ----A---- C:\WINDOWS\avastSS.scr
2014-10-23 18:41:05 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2014-10-23 17:11:20 ----D---- C:\Program Files (x86)\Digiarty
2014-10-18 11:17:03 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\22077
2014-10-18 11:06:48 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\DVDFab9
2014-10-18 11:06:33 ----D---- C:\Program Files (x86)\DVDFab 9
2014-10-18 11:03:42 ----D---- C:\Program Files (x86)\YTD
2014-10-18 10:53:31 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\17466
2014-10-18 10:45:23 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\15872
2014-10-15 19:45:15 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\schannel.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-10-15 19:45:09 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-15 19:44:07 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 19:44:01 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-15 19:44:01 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 19:43:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 19:43:55 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-15 19:43:51 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 19:43:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 19:43:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-15 19:43:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-15 19:43:04 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 16:20:49 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-10-15 16:20:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-10-15 16:19:15 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-10-15 16:19:08 ----D---- C:\Program Files (x86)\Java
2014-10-08 17:05:15 ----D---- C:\Program Files (x86)\dreamboxEDIT
2014-10-04 12:44:45 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM
2014-10-04 12:39:52 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\SUPERAntiSpyware.com
2014-10-04 12:39:45 ----D---- C:\ProgramData\SUPERAntiSpyware.com
======List of files/folders modified in the last 1 month======
2014-10-31 22:33:18 ----D---- C:\WINDOWS\Prefetch
2014-10-31 22:33:13 ----D---- C:\Program Files
2014-10-31 22:13:18 ----SHD---- C:\System Volume Information
2014-10-31 22:13:14 ----RD---- C:\WINDOWS\System32
2014-10-31 22:08:23 ----D---- C:\WINDOWS\system32\drivers
2014-10-31 22:07:49 ----D---- C:\WINDOWS\Inf
2014-10-31 22:07:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-31 22:06:28 ----D---- C:\WINDOWS\Temp
2014-10-31 22:06:02 ----D---- C:\WINDOWS\system32\sru
2014-10-31 14:57:52 ----D---- C:\WINDOWS\debug
2014-10-31 14:57:52 ----D---- C:\Windows
2014-10-31 14:54:55 ----D---- C:\WINDOWS\SchCache
2014-10-31 13:36:16 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-31 13:18:45 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-10-31 13:09:02 ----D---- C:\Komplet záloha VTI - ak náhodou sa niečo vo VU+ Solo2 poškodí
2014-10-31 10:30:51 ----D---- C:\dvbdream
2014-10-30 12:43:12 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\vlc
2014-10-30 11:58:50 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BSplayer PRO
2014-10-30 11:58:24 ----D---- C:\Program Files (x86)\Webteh
2014-10-29 23:24:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 19:53:16 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Skype
2014-10-29 19:51:50 ----SHD---- C:\WINDOWS\Installer
2014-10-29 19:51:49 ----HD---- C:\Config.Msi
2014-10-29 19:51:39 ----RD---- C:\Program Files (x86)\Skype
2014-10-29 19:51:26 ----D---- C:\ProgramData\Skype
2014-10-29 19:51:22 ----D---- C:\WINDOWS\SysWOW64
2014-10-29 19:51:22 ----D---- C:\Program Files (x86)\Common Files
2014-10-29 19:34:26 ----RD---- C:\Program Files (x86)
2014-10-29 19:03:54 ----SD---- C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft
2014-10-29 18:40:02 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BitTorrent
2014-10-28 19:27:42 ----RSD---- C:\WINDOWS\assembly
2014-10-28 19:07:13 ----D---- C:\WINDOWS\Speech
2014-10-28 17:57:41 ----HD---- C:\ProgramData
2014-10-28 17:17:05 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Vso
2014-10-28 17:17:05 ----A---- C:\Users\Kostík a Irenočka\AppData\Roaming\inst.exe
2014-10-28 17:16:59 ----D---- C:\Program Files (x86)\VSO
2014-10-28 17:15:44 ----D---- C:\ProgramData\Freemake
2014-10-28 17:15:39 ----D---- C:\Program Files (x86)\Freemake
2014-10-28 09:43:48 ----HD---- C:\Program Files\WindowsApps
2014-10-28 09:43:48 ----D---- C:\WINDOWS\AppReadiness
2014-10-25 14:05:20 ----D---- C:\WINDOWS\system32\config
2014-10-25 13:58:10 ----D---- C:\WINDOWS\system32\DriverStore
2014-10-25 13:45:28 ----D---- C:\WINDOWS\rescache
2014-10-25 11:40:14 ----D---- C:\Program Files\SUPERAntiSpyware
2014-10-23 18:41:31 ----D---- C:\WINDOWS\system32\Tasks
2014-10-23 17:14:12 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\AIMP3
2014-10-23 17:13:47 ----D---- C:\Program Files (x86)\AIMP3
2014-10-23 16:54:50 ----D---- C:\Program Files (x86)\The Bat!
2014-10-22 16:57:23 ----D---- C:\Program Files\WinRAR
2014-10-22 15:48:07 ----D---- C:\WINDOWS\Tasks
2014-10-19 11:04:46 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\YouTube Downloader
2014-10-18 10:21:36 ----D---- C:\WINDOWS\WinSxS
2014-10-17 17:31:38 ----D---- C:\WINDOWS\system32\catroot
2014-10-15 19:57:27 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-15 19:57:27 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-15 19:57:27 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ToastData
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-15 19:57:26 ----D---- C:\WINDOWS\MediaViewer
2014-10-15 19:57:26 ----D---- C:\WINDOWS\FileManager
2014-10-15 19:57:26 ----D---- C:\WINDOWS\Camera
2014-10-15 19:57:26 ----D---- C:\WINDOWS\apppatch
2014-10-15 19:53:28 ----D---- C:\WINDOWS\CbsTemp
2014-10-15 19:53:04 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 19:52:33 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 19:45:37 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-15 19:45:29 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-15 19:44:40 ----D---- C:\WINDOWS\system32\catroot2
2014-10-15 16:19:29 ----D---- C:\ProgramData\Oracle
2014-10-08 19:39:13 ----D---- C:\ProgramData\Ashampoo
2014-10-08 19:38:00 ----D---- C:\Program Files (x86)\Ashampoo
2014-10-08 19:37:13 ----D---- C:\Program Files (x86)\AVS4YOU
2014-10-08 17:40:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-10-04 12:26:57 ----D---- C:\Program Files (x86)\WinToUSB
2014-10-03 17:17:44 ----D---- C:\Program Files (x86)\Xilisoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;@oem1.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2014-10-23 449936]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-10-23 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-10-23 267632]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-10-23 28184]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-10-23 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-10-31 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-10-23 436624]
R1 Eve;@oem22.inf,%EVE_Desc%;EVE Protocol Driver; C:\WINDOWS\system32\DRIVERS\eve.sys [2014-04-10 41304]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-10-23 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-10-31 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-10-23 116728]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-07-16 35344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-10-23 270728]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 dvdfab;dvdfab; C:\WINDOWS\system32\drivers\dvdfab.sys [2011-08-15 79232]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 - ovladač I pro síťová připojení PCI Express; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PciSPorts;@oem4.inf,%PCI.SerialPort%;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 TBS6928_64;@oem23.inf,%DISPLAY_NAME%;TBS 6928 DVBS/S2 service; C:\WINDOWS\system32\DRIVERS\TBS6928_64.sys [2012-12-19 1934792]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 dot4;@oem6.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem7.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem6.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;@oem11.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem12.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-10-01 64216]
S3 nmwcd;@oem13.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem18.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-23 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-10-23 104416]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-10-23 4012248]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2014/05/05 17:56:49; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2013-04-02 247768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 267440]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\WINDOWS\ehome\ehRecvr.exe [2013-11-14 697856]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\WINDOWS\ehome\ehsched.exe [2013-11-14 176128]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-29 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-02 244904]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kostík a Irenočka at 2014-10-31 22:33:13
Microsoft Windows 8.1 Pro s aplikací Media Center
System drive C: has 895 GB (94%) free of 954 GB
Total RAM: 8161 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:33:20, on 31. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Kostík a Irenočka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe" /MINIMIZED
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [icq] C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CyberLink Product - 2014/05/05 17:56:49 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files\WinArchiver\WAService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10271 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\WinArchiver\WAService.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
dashost.exe {1868060a-4c98-4e85-a281f8ca390f4a1f}
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4f8d35db-2118-42ef-8b59-335fc5a421ba -SystemEventPortName:HostProcess-107730d9-fba2-4e7c-a7a3-b3120d380b07 -IoCancelEventPortName:HostProcess-fd0a3f65-709a-4772-9b32-02716a870687 -NonStateChangingEventPortName:HostProcess-d5081735-8c97-45f7-b237-b60f6d0bb7a5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9be4b524-c023-4977-8ea8-08b12d7fbcb2 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
taskhostex.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
taskhost.exe $(Arg0)
"C:\Users\Kostík a Irenočka\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default
prefs.js - "browser.startup.homepage" - "https://www.e-quip.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-23 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-15 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-23 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-15 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe /MINIMIZED []
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"icq"=C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe [2014-10-04 35239432]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-23 5223016]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-31 22:33:13 ----D---- C:\rsit
2014-10-31 22:33:13 ----D---- C:\Program Files\trend micro
2014-10-29 19:34:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-28 17:58:00 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\HDX4 GmbH
2014-10-28 17:57:41 ----D---- C:\ProgramData\SuperEasy Software
2014-10-28 17:57:36 ----D---- C:\Program Files (x86)\SuperEasy Software
2014-10-23 18:47:59 ----D---- C:\WINDOWS\SYSWOW64\vbox
2014-10-23 18:47:59 ----D---- C:\WINDOWS\system32\vbox
2014-10-23 18:41:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-10-23 18:41:21 ----A---- C:\WINDOWS\avastSS.scr
2014-10-23 18:41:05 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2014-10-23 17:11:20 ----D---- C:\Program Files (x86)\Digiarty
2014-10-18 11:17:03 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\22077
2014-10-18 11:06:48 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\DVDFab9
2014-10-18 11:06:33 ----D---- C:\Program Files (x86)\DVDFab 9
2014-10-18 11:03:42 ----D---- C:\Program Files (x86)\YTD
2014-10-18 10:53:31 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\17466
2014-10-18 10:45:23 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\15872
2014-10-15 19:45:15 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\schannel.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-10-15 19:45:09 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-15 19:44:07 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 19:44:01 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-15 19:44:01 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 19:43:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 19:43:55 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-15 19:43:51 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 19:43:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 19:43:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-15 19:43:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-15 19:43:04 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 16:20:49 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-10-15 16:20:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-10-15 16:19:15 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-10-15 16:19:08 ----D---- C:\Program Files (x86)\Java
2014-10-08 17:05:15 ----D---- C:\Program Files (x86)\dreamboxEDIT
2014-10-04 12:44:45 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM
2014-10-04 12:39:52 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\SUPERAntiSpyware.com
2014-10-04 12:39:45 ----D---- C:\ProgramData\SUPERAntiSpyware.com
======List of files/folders modified in the last 1 month======
2014-10-31 22:33:18 ----D---- C:\WINDOWS\Prefetch
2014-10-31 22:33:13 ----D---- C:\Program Files
2014-10-31 22:13:18 ----SHD---- C:\System Volume Information
2014-10-31 22:13:14 ----RD---- C:\WINDOWS\System32
2014-10-31 22:08:23 ----D---- C:\WINDOWS\system32\drivers
2014-10-31 22:07:49 ----D---- C:\WINDOWS\Inf
2014-10-31 22:07:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-31 22:06:28 ----D---- C:\WINDOWS\Temp
2014-10-31 22:06:02 ----D---- C:\WINDOWS\system32\sru
2014-10-31 14:57:52 ----D---- C:\WINDOWS\debug
2014-10-31 14:57:52 ----D---- C:\Windows
2014-10-31 14:54:55 ----D---- C:\WINDOWS\SchCache
2014-10-31 13:36:16 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-31 13:18:45 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-10-31 13:09:02 ----D---- C:\Komplet záloha VTI - ak náhodou sa niečo vo VU+ Solo2 poškodí
2014-10-31 10:30:51 ----D---- C:\dvbdream
2014-10-30 12:43:12 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\vlc
2014-10-30 11:58:50 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BSplayer PRO
2014-10-30 11:58:24 ----D---- C:\Program Files (x86)\Webteh
2014-10-29 23:24:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 19:53:16 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Skype
2014-10-29 19:51:50 ----SHD---- C:\WINDOWS\Installer
2014-10-29 19:51:49 ----HD---- C:\Config.Msi
2014-10-29 19:51:39 ----RD---- C:\Program Files (x86)\Skype
2014-10-29 19:51:26 ----D---- C:\ProgramData\Skype
2014-10-29 19:51:22 ----D---- C:\WINDOWS\SysWOW64
2014-10-29 19:51:22 ----D---- C:\Program Files (x86)\Common Files
2014-10-29 19:34:26 ----RD---- C:\Program Files (x86)
2014-10-29 19:03:54 ----SD---- C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft
2014-10-29 18:40:02 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BitTorrent
2014-10-28 19:27:42 ----RSD---- C:\WINDOWS\assembly
2014-10-28 19:07:13 ----D---- C:\WINDOWS\Speech
2014-10-28 17:57:41 ----HD---- C:\ProgramData
2014-10-28 17:17:05 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Vso
2014-10-28 17:17:05 ----A---- C:\Users\Kostík a Irenočka\AppData\Roaming\inst.exe
2014-10-28 17:16:59 ----D---- C:\Program Files (x86)\VSO
2014-10-28 17:15:44 ----D---- C:\ProgramData\Freemake
2014-10-28 17:15:39 ----D---- C:\Program Files (x86)\Freemake
2014-10-28 09:43:48 ----HD---- C:\Program Files\WindowsApps
2014-10-28 09:43:48 ----D---- C:\WINDOWS\AppReadiness
2014-10-25 14:05:20 ----D---- C:\WINDOWS\system32\config
2014-10-25 13:58:10 ----D---- C:\WINDOWS\system32\DriverStore
2014-10-25 13:45:28 ----D---- C:\WINDOWS\rescache
2014-10-25 11:40:14 ----D---- C:\Program Files\SUPERAntiSpyware
2014-10-23 18:41:31 ----D---- C:\WINDOWS\system32\Tasks
2014-10-23 17:14:12 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\AIMP3
2014-10-23 17:13:47 ----D---- C:\Program Files (x86)\AIMP3
2014-10-23 16:54:50 ----D---- C:\Program Files (x86)\The Bat!
2014-10-22 16:57:23 ----D---- C:\Program Files\WinRAR
2014-10-22 15:48:07 ----D---- C:\WINDOWS\Tasks
2014-10-19 11:04:46 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\YouTube Downloader
2014-10-18 10:21:36 ----D---- C:\WINDOWS\WinSxS
2014-10-17 17:31:38 ----D---- C:\WINDOWS\system32\catroot
2014-10-15 19:57:27 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-15 19:57:27 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-15 19:57:27 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ToastData
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-15 19:57:26 ----D---- C:\WINDOWS\MediaViewer
2014-10-15 19:57:26 ----D---- C:\WINDOWS\FileManager
2014-10-15 19:57:26 ----D---- C:\WINDOWS\Camera
2014-10-15 19:57:26 ----D---- C:\WINDOWS\apppatch
2014-10-15 19:53:28 ----D---- C:\WINDOWS\CbsTemp
2014-10-15 19:53:04 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 19:52:33 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 19:45:37 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-15 19:45:29 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-15 19:44:40 ----D---- C:\WINDOWS\system32\catroot2
2014-10-15 16:19:29 ----D---- C:\ProgramData\Oracle
2014-10-08 19:39:13 ----D---- C:\ProgramData\Ashampoo
2014-10-08 19:38:00 ----D---- C:\Program Files (x86)\Ashampoo
2014-10-08 19:37:13 ----D---- C:\Program Files (x86)\AVS4YOU
2014-10-08 17:40:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-10-04 12:26:57 ----D---- C:\Program Files (x86)\WinToUSB
2014-10-03 17:17:44 ----D---- C:\Program Files (x86)\Xilisoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;@oem1.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2014-10-23 449936]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-10-23 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-10-23 267632]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-10-23 28184]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-10-23 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-10-31 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-10-23 436624]
R1 Eve;@oem22.inf,%EVE_Desc%;EVE Protocol Driver; C:\WINDOWS\system32\DRIVERS\eve.sys [2014-04-10 41304]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-10-23 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-10-31 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-10-23 116728]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-07-16 35344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-10-23 270728]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 dvdfab;dvdfab; C:\WINDOWS\system32\drivers\dvdfab.sys [2011-08-15 79232]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 - ovladač I pro síťová připojení PCI Express; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PciSPorts;@oem4.inf,%PCI.SerialPort%;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 TBS6928_64;@oem23.inf,%DISPLAY_NAME%;TBS 6928 DVBS/S2 service; C:\WINDOWS\system32\DRIVERS\TBS6928_64.sys [2012-12-19 1934792]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 dot4;@oem6.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem7.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem6.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;@oem11.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem12.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-10-01 64216]
S3 nmwcd;@oem13.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem18.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-23 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-10-23 104416]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-10-23 4012248]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2014/05/05 17:56:49; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2013-04-02 247768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 267440]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\WINDOWS\ehome\ehRecvr.exe [2013-11-14 697856]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\WINDOWS\ehome\ehsched.exe [2013-11-14 176128]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-29 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-02 244904]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: AdwCleaner scan
The file found by ADW is legitimate, do not delete it. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Skype\Toolbars
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
Hello Rudy, I apologize, but I was tied up with work all week and had no time for anything, so I'm glad it's the weekend. I ran OTM as you advised and I'm sending the new RSIT log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kostík a Irenočka at 2014-11-08 11:08:34
Microsoft Windows 8.1 Pro s aplikací Media Center
System drive C: has 895 GB (94%) free of 954 GB
Total RAM: 8161 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:38, on 8. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files\trend micro\Kostík a Irenočka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe" /MINIMIZED
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [icq] C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Skype Click to Call Updater (c2cautoupdatesvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (file missing)
O23 - Service: Skype Click to Call PNR Service (c2cpnrsvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (file missing)
O23 - Service: CyberLink Product - 2014/05/05 17:56:49 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files\WinArchiver\WAService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10310 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\WinArchiver\WAService.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
dashost.exe {be75ff0c-ae7a-48c6-992915132800f114}
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
taskeng.exe {6E05660B-888A-4B64-BBCB-A9B76FF72159}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cae72151-8c44-44e9-b673-5d4c988ead4c -SystemEventPortName:HostProcess-11e2b8d1-562a-4dea-b187-592668af71e8 -IoCancelEventPortName:HostProcess-1d927220-0b9b-47e1-b9fe-9d1bfbe468dc -NonStateChangingEventPortName:HostProcess-4a517db8-cd21-4837-b795-a3b46dbe825c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d6d5b882-f449-406a-9212-d2cf48f505f6 -DeviceGroupId:WpdFsGroup
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 556 580 592 65536 588
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
ngservice.exe pipeserver
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Kostík a Irenočka\Desktop\RSITx64.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default
prefs.js - "browser.startup.homepage" - "https://www.e-quip.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-23 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-15 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-23 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-15 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe /MINIMIZED []
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"icq"=C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe [2014-10-04 35239432]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-31 5223016]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-08 11:08:34 ----D---- C:\rsit
2014-11-08 11:03:50 ----D---- C:\_OTM
2014-10-31 22:33:13 ----D---- C:\Program Files\trend micro
2014-10-29 19:34:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-28 17:58:00 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\HDX4 GmbH
2014-10-28 17:57:41 ----D---- C:\ProgramData\SuperEasy Software
2014-10-28 17:57:36 ----D---- C:\Program Files (x86)\SuperEasy Software
2014-10-23 18:47:59 ----D---- C:\WINDOWS\SYSWOW64\vbox
2014-10-23 18:47:59 ----D---- C:\WINDOWS\system32\vbox
2014-10-23 18:41:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-10-23 18:41:21 ----A---- C:\WINDOWS\avastSS.scr
2014-10-23 18:41:05 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2014-10-23 17:11:20 ----D---- C:\Program Files (x86)\Digiarty
2014-10-18 11:17:03 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\22077
2014-10-18 11:06:48 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\DVDFab9
2014-10-18 11:06:33 ----D---- C:\Program Files (x86)\DVDFab 9
2014-10-18 11:03:42 ----D---- C:\Program Files (x86)\YTD
2014-10-18 10:53:31 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\17466
2014-10-18 10:45:23 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\15872
2014-10-15 19:45:15 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\schannel.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-10-15 19:45:09 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-15 19:44:07 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 19:44:01 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-15 19:44:01 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 19:43:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 19:43:55 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-15 19:43:51 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 19:43:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 19:43:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-15 19:43:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-15 19:43:04 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 16:20:49 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-10-15 16:20:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-10-15 16:19:15 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-10-15 16:19:08 ----D---- C:\Program Files (x86)\Java
======List of files/folders modified in the last 1 month======
2014-11-08 11:07:20 ----D---- C:\WINDOWS\Prefetch
2014-11-08 11:06:56 ----D---- C:\WINDOWS\Temp
2014-11-08 11:06:24 ----D---- C:\WINDOWS\system32\drivers
2014-11-08 11:06:09 ----D---- C:\Windows
2014-11-08 11:03:51 ----RD---- C:\Program Files (x86)\Skype
2014-11-08 11:03:51 ----D---- C:\WINDOWS\Tasks
2014-11-08 11:02:09 ----D---- C:\WINDOWS\system32\sru
2014-11-08 10:57:13 ----D---- C:\WINDOWS\AppReadiness
2014-11-01 01:14:00 ----D---- C:\dvbdream
2014-11-01 00:23:10 ----RD---- C:\WINDOWS\System32
2014-11-01 00:23:10 ----D---- C:\WINDOWS\Inf
2014-11-01 00:23:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-31 23:24:00 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\vlc
2014-10-31 23:21:59 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\YouTube Downloader
2014-10-31 22:33:13 ----D---- C:\Program Files
2014-10-31 22:13:18 ----SHD---- C:\System Volume Information
2014-10-31 14:57:52 ----D---- C:\WINDOWS\debug
2014-10-31 14:54:55 ----D---- C:\WINDOWS\SchCache
2014-10-31 13:36:16 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-31 13:18:45 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-10-31 13:09:02 ----D---- C:\Komplet záloha VTI - ak náhodou sa niečo vo VU+ Solo2 poškodí
2014-10-30 11:58:50 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BSplayer PRO
2014-10-30 11:58:24 ----D---- C:\Program Files (x86)\Webteh
2014-10-29 23:24:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 19:53:16 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Skype
2014-10-29 19:51:50 ----SHD---- C:\WINDOWS\Installer
2014-10-29 19:51:49 ----HD---- C:\Config.Msi
2014-10-29 19:51:26 ----D---- C:\ProgramData\Skype
2014-10-29 19:51:22 ----D---- C:\WINDOWS\SysWOW64
2014-10-29 19:51:22 ----D---- C:\Program Files (x86)\Common Files
2014-10-29 19:34:26 ----RD---- C:\Program Files (x86)
2014-10-29 19:03:54 ----SD---- C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft
2014-10-29 18:40:02 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BitTorrent
2014-10-28 19:27:42 ----RSD---- C:\WINDOWS\assembly
2014-10-28 19:07:13 ----D---- C:\WINDOWS\Speech
2014-10-28 17:57:41 ----HD---- C:\ProgramData
2014-10-28 17:17:05 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Vso
2014-10-28 17:17:05 ----A---- C:\Users\Kostík a Irenočka\AppData\Roaming\inst.exe
2014-10-28 17:16:59 ----D---- C:\Program Files (x86)\VSO
2014-10-28 17:15:44 ----D---- C:\ProgramData\Freemake
2014-10-28 17:15:39 ----D---- C:\Program Files (x86)\Freemake
2014-10-28 09:43:48 ----HD---- C:\Program Files\WindowsApps
2014-10-25 14:05:20 ----D---- C:\WINDOWS\system32\config
2014-10-25 13:58:10 ----D---- C:\WINDOWS\system32\DriverStore
2014-10-25 13:45:28 ----D---- C:\WINDOWS\rescache
2014-10-25 11:40:14 ----D---- C:\Program Files\SUPERAntiSpyware
2014-10-23 18:41:31 ----D---- C:\WINDOWS\system32\Tasks
2014-10-23 17:14:12 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\AIMP3
2014-10-23 17:13:47 ----D---- C:\Program Files (x86)\AIMP3
2014-10-23 16:54:50 ----D---- C:\Program Files (x86)\The Bat!
2014-10-22 16:57:23 ----D---- C:\Program Files\WinRAR
2014-10-18 10:21:36 ----D---- C:\WINDOWS\WinSxS
2014-10-17 17:31:38 ----D---- C:\WINDOWS\system32\catroot
2014-10-15 19:57:27 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-15 19:57:27 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-15 19:57:27 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ToastData
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-15 19:57:26 ----D---- C:\WINDOWS\MediaViewer
2014-10-15 19:57:26 ----D---- C:\WINDOWS\FileManager
2014-10-15 19:57:26 ----D---- C:\WINDOWS\Camera
2014-10-15 19:57:26 ----D---- C:\WINDOWS\apppatch
2014-10-15 19:53:28 ----D---- C:\WINDOWS\CbsTemp
2014-10-15 19:53:04 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 19:52:33 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 19:45:37 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-15 19:45:29 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-15 19:44:40 ----D---- C:\WINDOWS\system32\catroot2
2014-10-15 16:19:29 ----D---- C:\ProgramData\Oracle
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;@oem1.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2014-10-23 449936]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-10-23 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-10-23 267632]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-10-23 28184]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-10-23 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-10-31 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-10-23 436624]
R1 Eve;@oem22.inf,%EVE_Desc%;EVE Protocol Driver; C:\WINDOWS\system32\DRIVERS\eve.sys [2014-04-10 41304]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-10-23 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-10-31 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-10-23 116728]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-07-16 35344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-10-23 270728]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 dvdfab;dvdfab; C:\WINDOWS\system32\drivers\dvdfab.sys [2011-08-15 79232]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 - ovladač I pro síťová připojení PCI Express; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PciSPorts;@oem4.inf,%PCI.SerialPort%;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 TBS6928_64;@oem23.inf,%DISPLAY_NAME%;TBS 6928 DVBS/S2 service; C:\WINDOWS\system32\DRIVERS\TBS6928_64.sys [2012-12-19 1934792]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 dot4;@oem6.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem7.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem6.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;@oem11.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem12.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-10-01 64216]
S3 nmwcd;@oem13.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem18.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-23 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-10-23 104416]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-10-23 4012248]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe /service []
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe /service []
S2 CLKMSVC10_38F51D56;CyberLink Product - 2014/05/05 17:56:49; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2013-04-02 247768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 267440]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\WINDOWS\ehome\ehRecvr.exe [2013-11-14 697856]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\WINDOWS\ehome\ehsched.exe [2013-11-14 176128]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-29 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-02 244904]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kostík a Irenočka at 2014-11-08 11:08:34
Microsoft Windows 8.1 Pro s aplikací Media Center
System drive C: has 895 GB (94%) free of 954 GB
Total RAM: 8161 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:38, on 8. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files\trend micro\Kostík a Irenočka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe" /MINIMIZED
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [icq] C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Skype Click to Call Updater (c2cautoupdatesvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (file missing)
O23 - Service: Skype Click to Call PNR Service (c2cpnrsvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (file missing)
O23 - Service: CyberLink Product - 2014/05/05 17:56:49 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files\WinArchiver\WAService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10310 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\WinArchiver\WAService.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
dashost.exe {be75ff0c-ae7a-48c6-992915132800f114}
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
taskeng.exe {6E05660B-888A-4B64-BBCB-A9B76FF72159}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cae72151-8c44-44e9-b673-5d4c988ead4c -SystemEventPortName:HostProcess-11e2b8d1-562a-4dea-b187-592668af71e8 -IoCancelEventPortName:HostProcess-1d927220-0b9b-47e1-b9fe-9d1bfbe468dc -NonStateChangingEventPortName:HostProcess-4a517db8-cd21-4837-b795-a3b46dbe825c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d6d5b882-f449-406a-9212-d2cf48f505f6 -DeviceGroupId:WpdFsGroup
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 556 580 592 65536 588
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
ngservice.exe pipeserver
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Kostík a Irenočka\Desktop\RSITx64.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default
prefs.js - "browser.startup.homepage" - "https://www.e-quip.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.215 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_215.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\befc6021.default\searchplugins\
Google.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-23 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-15 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-23 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-15 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Kostík a Irenočka\Desktop\µTorrent 3.4.2 Build 33870 setup.exe /MINIMIZED []
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"icq"=C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe [2014-10-04 35239432]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-31 5223016]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-08 11:08:34 ----D---- C:\rsit
2014-11-08 11:03:50 ----D---- C:\_OTM
2014-10-31 22:33:13 ----D---- C:\Program Files\trend micro
2014-10-29 19:34:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-28 17:58:00 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\HDX4 GmbH
2014-10-28 17:57:41 ----D---- C:\ProgramData\SuperEasy Software
2014-10-28 17:57:36 ----D---- C:\Program Files (x86)\SuperEasy Software
2014-10-23 18:47:59 ----D---- C:\WINDOWS\SYSWOW64\vbox
2014-10-23 18:47:59 ----D---- C:\WINDOWS\system32\vbox
2014-10-23 18:41:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-10-23 18:41:21 ----A---- C:\WINDOWS\avastSS.scr
2014-10-23 18:41:05 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2014-10-23 17:11:20 ----D---- C:\Program Files (x86)\Digiarty
2014-10-18 11:17:03 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\22077
2014-10-18 11:06:48 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\DVDFab9
2014-10-18 11:06:33 ----D---- C:\Program Files (x86)\DVDFab 9
2014-10-18 11:03:42 ----D---- C:\Program Files (x86)\YTD
2014-10-18 10:53:31 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\17466
2014-10-18 10:45:23 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\15872
2014-10-15 19:45:15 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-15 19:45:14 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\twinui.dll
2014-10-15 19:45:12 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\localspl.dll
2014-10-15 19:45:11 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\schannel.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 19:45:10 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-10-15 19:45:09 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-10-15 19:45:09 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\untfs.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 19:45:08 ----A---- C:\WINDOWS\system32\certcli.dll
2014-10-15 19:44:07 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 19:44:01 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-15 19:44:01 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 19:43:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 19:43:55 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-15 19:43:51 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 19:43:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 19:43:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-15 19:43:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 19:43:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 19:43:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 19:43:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-15 19:43:42 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 19:43:40 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-15 19:43:05 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-15 19:43:04 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-15 19:43:02 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 16:20:49 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-10-15 16:20:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-10-15 16:20:31 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-10-15 16:19:15 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-10-15 16:19:13 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-10-15 16:19:08 ----D---- C:\Program Files (x86)\Java
======List of files/folders modified in the last 1 month======
2014-11-08 11:07:20 ----D---- C:\WINDOWS\Prefetch
2014-11-08 11:06:56 ----D---- C:\WINDOWS\Temp
2014-11-08 11:06:24 ----D---- C:\WINDOWS\system32\drivers
2014-11-08 11:06:09 ----D---- C:\Windows
2014-11-08 11:03:51 ----RD---- C:\Program Files (x86)\Skype
2014-11-08 11:03:51 ----D---- C:\WINDOWS\Tasks
2014-11-08 11:02:09 ----D---- C:\WINDOWS\system32\sru
2014-11-08 10:57:13 ----D---- C:\WINDOWS\AppReadiness
2014-11-01 01:14:00 ----D---- C:\dvbdream
2014-11-01 00:23:10 ----RD---- C:\WINDOWS\System32
2014-11-01 00:23:10 ----D---- C:\WINDOWS\Inf
2014-11-01 00:23:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-31 23:24:00 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\vlc
2014-10-31 23:21:59 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\YouTube Downloader
2014-10-31 22:33:13 ----D---- C:\Program Files
2014-10-31 22:13:18 ----SHD---- C:\System Volume Information
2014-10-31 14:57:52 ----D---- C:\WINDOWS\debug
2014-10-31 14:54:55 ----D---- C:\WINDOWS\SchCache
2014-10-31 13:36:16 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-31 13:18:45 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-10-31 13:09:02 ----D---- C:\Komplet záloha VTI - ak náhodou sa niečo vo VU+ Solo2 poškodí
2014-10-30 11:58:50 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BSplayer PRO
2014-10-30 11:58:24 ----D---- C:\Program Files (x86)\Webteh
2014-10-29 23:24:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 19:53:16 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Skype
2014-10-29 19:51:50 ----SHD---- C:\WINDOWS\Installer
2014-10-29 19:51:49 ----HD---- C:\Config.Msi
2014-10-29 19:51:26 ----D---- C:\ProgramData\Skype
2014-10-29 19:51:22 ----D---- C:\WINDOWS\SysWOW64
2014-10-29 19:51:22 ----D---- C:\Program Files (x86)\Common Files
2014-10-29 19:34:26 ----RD---- C:\Program Files (x86)
2014-10-29 19:03:54 ----SD---- C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft
2014-10-29 18:40:02 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\BitTorrent
2014-10-28 19:27:42 ----RSD---- C:\WINDOWS\assembly
2014-10-28 19:07:13 ----D---- C:\WINDOWS\Speech
2014-10-28 17:57:41 ----HD---- C:\ProgramData
2014-10-28 17:17:05 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\Vso
2014-10-28 17:17:05 ----A---- C:\Users\Kostík a Irenočka\AppData\Roaming\inst.exe
2014-10-28 17:16:59 ----D---- C:\Program Files (x86)\VSO
2014-10-28 17:15:44 ----D---- C:\ProgramData\Freemake
2014-10-28 17:15:39 ----D---- C:\Program Files (x86)\Freemake
2014-10-28 09:43:48 ----HD---- C:\Program Files\WindowsApps
2014-10-25 14:05:20 ----D---- C:\WINDOWS\system32\config
2014-10-25 13:58:10 ----D---- C:\WINDOWS\system32\DriverStore
2014-10-25 13:45:28 ----D---- C:\WINDOWS\rescache
2014-10-25 11:40:14 ----D---- C:\Program Files\SUPERAntiSpyware
2014-10-23 18:41:31 ----D---- C:\WINDOWS\system32\Tasks
2014-10-23 17:14:12 ----D---- C:\Users\Kostík a Irenočka\AppData\Roaming\AIMP3
2014-10-23 17:13:47 ----D---- C:\Program Files (x86)\AIMP3
2014-10-23 16:54:50 ----D---- C:\Program Files (x86)\The Bat!
2014-10-22 16:57:23 ----D---- C:\Program Files\WinRAR
2014-10-18 10:21:36 ----D---- C:\WINDOWS\WinSxS
2014-10-17 17:31:38 ----D---- C:\WINDOWS\system32\catroot
2014-10-15 19:57:27 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-15 19:57:27 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-15 19:57:27 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ToastData
2014-10-15 19:57:26 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-15 19:57:26 ----D---- C:\WINDOWS\MediaViewer
2014-10-15 19:57:26 ----D---- C:\WINDOWS\FileManager
2014-10-15 19:57:26 ----D---- C:\WINDOWS\Camera
2014-10-15 19:57:26 ----D---- C:\WINDOWS\apppatch
2014-10-15 19:53:28 ----D---- C:\WINDOWS\CbsTemp
2014-10-15 19:53:04 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 19:52:33 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 19:45:37 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-15 19:45:29 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-15 19:44:40 ----D---- C:\WINDOWS\system32\catroot2
2014-10-15 16:19:29 ----D---- C:\ProgramData\Oracle
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;@oem1.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2014-10-23 449936]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-10-23 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-10-23 267632]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-10-23 28184]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-10-23 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-10-31 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-10-23 436624]
R1 Eve;@oem22.inf,%EVE_Desc%;EVE Protocol Driver; C:\WINDOWS\system32\DRIVERS\eve.sys [2014-04-10 41304]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-10-23 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-10-31 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-10-23 116728]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-07-16 35344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-10-23 270728]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 dvdfab;dvdfab; C:\WINDOWS\system32\drivers\dvdfab.sys [2011-08-15 79232]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 - ovladač I pro síťová připojení PCI Express; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PciSPorts;@oem4.inf,%PCI.SerialPort%;High-Speed PCI Serial Port; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 TBS6928_64;@oem23.inf,%DISPLAY_NAME%;TBS 6928 DVBS/S2 service; C:\WINDOWS\system32\DRIVERS\TBS6928_64.sys [2012-12-19 1934792]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 dot4;@oem6.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem7.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem6.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 FTDIBUS;@oem11.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;@oem12.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-10-01 64216]
S3 nmwcd;@oem13.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem18.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-23 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-10-23 104416]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-10-23 4012248]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe /service []
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe /service []
S2 CLKMSVC10_38F51D56;CyberLink Product - 2014/05/05 17:56:49; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2013-04-02 247768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 267440]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\WINDOWS\ehome\ehRecvr.exe [2013-11-14 697856]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\WINDOWS\ehome\ehsched.exe [2013-11-14 176128]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-29 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-02 244904]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: AdwCleaner scan
Double-click the file C:\Program Files\trend micro\Kostík a Irenočka.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
I'm doing everything as you wrote, but somehow it doesn't work. I'm sending a screenshot.
- Attachments
- 1.rar (502.82 KiB), downloaded 96 times
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
It's OK now, I had to run it as administrator.
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: AdwCleaner scan
The PC should be clean now.
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
PROBLEM: after your cleaning I can't open the Windows Store on 8.1 or any apps from the 3D desktop???? What should I do about it??
I guess the only thing left is to roll the system back, because something in the registry is probably wrecked. Win8 is touchy about this kind of cleaning; I noticed that on the ProBook too, which I cleaned "z vyoskom" and had to roll the system back, and then it was OK. What am I supposed to do now? I can't even get into the mail I have on the 3D desktop. Absolutely everything on the 3D desktop crashes, nothing will open.
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: AdwCleaner scan
Here, probably only a system restore will really help. I have dealt with a Windows Store problem once before and in the end there was nothing else left to do. The state points to a damaged system, because if I delete something unrelated and something else stops working, it is usually a system fault.
-
- Visitor
- Posts: 173
- Registered: 21 Apr 2014 09:39
Re: AdwCleaner scan
Hello Rudy, everything is OK after rolling the system back, but I have one more problem here that did not occur at all before. After repeated deletion (something in Google Chrome - softonic) and a new scan, AdwCleaner 4.100 keeps finding some nasty thing in Chrome over and over again. It's getting on my nerves and I don't know how to delete it. I'm attaching the log. Can't it be deleted somehow via regedit??
# AdwCleaner v4.100 - Report created 08/11/2014 at 16:09:19
# Updated 08/11/2014 by Xplode
# Database : 2014-11-07.1
# Operating System : Windows 8.1 Pro with Media Center (64 bits)
# Username : Kostík a Irenočka - PC-POKOJÍČEK
# Running from : C:\Users\Kostík a Irenočka\AppData\Local\Temp\Rar$EXa0.610\adwcleaner_4.100.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.3 (x86 cs)
-\\ Google Chrome v38.0.2125.111
[C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
*************************
AdwCleaner[R188].txt - [849 octets] - [08/11/2014 16:09:19]
########## EOF - C:\AdwCleaner\AdwCleaner[R188].txt - [910 octets] ##########
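
The [Search Provider] finding in the log above points at Chrome's "Web data" profile file, which is a SQLite database whose keywords table holds the configured search engines. As an added example (not part of the original posts), this Python check lists the providers in such a file and flags those whose host is on a watchlist; the watchlist, the function names and the sample rows are assumptions constructed here, and the sample table carries only four of the real table's columns.

```python
import sqlite3
from pathlib import Path
from urllib.parse import urlsplit

# Assumption: domains this check treats as unwanted (taken from the log above).
WATCHLIST = ("softonic.com",)

def open_readonly(path):
    """Open a copy of Chrome's 'Web Data' file read-only (copy it while Chrome is closed)."""
    return sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)

def build_sample_db():
    """Constructed stand-in for 'Web Data'; the real keywords table has more columns."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE keywords (id INTEGER PRIMARY KEY, short_name TEXT,"
               " keyword TEXT, url TEXT)")
    db.executemany(
        "INSERT INTO keywords (short_name, keyword, url) VALUES (?, ?, ?)",
        [("Google", "google.com", "{google:baseURL}search?q={searchTerms}"),
         ("Softonic", "softonic.com", "http://en.softonic.com/s/{searchTerms}"),
         ("Example", "example.org", "https://example.org/?ref=softonic.com&q={searchTerms}")])
    return db

def host_of(url):
    """Return the lowercase host of a search URL template, or '' if it has none."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""

def is_listed(host, watchlist=WATCHLIST):
    """True for a listed domain or one of its subdomains, never for a mere substring."""
    return any(host == d or host.endswith("." + d) for d in watchlist)

def flagged_providers(db, watchlist=WATCHLIST):
    """Return (id, short_name, keyword, url) rows whose URL host is on the watchlist."""
    rows = db.execute("SELECT id, short_name, keyword, url FROM keywords ORDER BY id")
    return [row for row in rows if is_listed(host_of(row[3]), watchlist)]

if __name__ == "__main__":
    for row in flagged_providers(build_sample_db()):
        print("unwanted search provider:", row)
```

Against a real profile, pass the path of a copied "Web Data" file to open_readonly() and hand the connection to flagged_providers().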