Dobry den. Neako sa mi do PC dostala vec z nazvom mystartsearch. Mal som to nainstalovane ( neviem ako sa to stalo ) v PC tak som to vymazal cez ovladacie paneli - odinstalovat programy ... No stale mi to zmenilo moju domovsku stranku vo vsetkych prehliadacoch na mystartsearch.com. Skusal som uz rozne navody ako tuto vec odstranit ale vzdy sa mi pri nasledujucom spusteny prehliadaca ( Chrome ) znova otvori ta stranka. Neviete neaky naozaj funkcny navod ako to dostat prec z PC? Neviem ci to pomoze ale prikladam aj svoj log vytvoreny cez HijackThis.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:03:43, on 7. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Pocket Navigator Installer 6.0] C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MaintainerSvc2.69.9464532 - Unknown owner - C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13050 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Havet - mystartsearch
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Havet - mystartsearch
Zdravim 
HJT uz je nekolik let zcela nedostatecny
Nahore je takovy veeelky oranzovy obdelnik, prectete si jej a dle toho dejte prislusny log
HJT uz je nekolik let zcela nedostatecny Nahore je takovy veeelky oranzovy obdelnik, prectete si jej a dle toho dejte prislusny log"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Havet - mystartsearch
Tu je ten novy log. Uz som sem raz pisal a zabudol som ze HJT sa uz nepouziva...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Majo at 2014-11-07 15:17:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 9 GB (11%) free of 80 GB
Total RAM: 8173 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:17:27, on 7. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Majo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Pocket Navigator Installer 6.0] C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MaintainerSvc2.69.9464532 - Unknown owner - C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13210 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
atieclxx
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE" /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
WLIDSvcM.exe 3404
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e872719-fc82-4999-908d-796b87faf021 -SystemEventPortName:HostProcess-d77f39aa-fdd0-48e9-a84d-70800df20377 -IoCancelEventPortName:HostProcess-249d1099-a7ff-4947-9249-9350fbe46e28 -NonStateChangingEventPortName:HostProcess-baf0119f-0d92-40ce-99fb-6f3949aa7c4d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4c6b0a2f-7f09-4344-8019-36ad985e5df7 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=hppp ... XXS1D45DD1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5916.0.1662007207\1033206746" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x683d --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.301.1001.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.2.1242265707\1587787239" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.4.1752376591\1018584314" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5916.11.1395210567\448479315" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.13.1850722914\255087202" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.14.2113060865\1028079876" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.18.1769728960\432173762" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.19.1729793230\587420538" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"D:\Instalacky\Programy\ochrana\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\CRGE.job - C:\Users\Majo\AppData\Roaming\CRGE.exe /infocmdline=slF/p/309KdRUQyIt8ushwrhGq/nKTob+1QlUv0t9+RBuuneF1pbTRa84CocSDKBvA8FQE6L4+y9GiC0qZHpbZ5yD0ouSCSbDr9BL+86YFDbzR0AqHiz5zyD28o95FsN80aQVTb4iC2ybfJyvDJtciJri2BpCOXfTZNN8WGFvJNmwaQrXkVrhC0cxD9POqSfKkciVLqjSWqOZ2fd5V165lTeYNjcnN4HEVRBQbbXkKSHNEygcbNIfe8wpnYqtep15oF/3sBFDgS9YkdV/XeZDX5HQGUpZJp69tBX9tyfKXKzrKK77+Prw2rTDuo7rV+uz2nYv2m0rwKE/cld9+1LOiALc5UcMWbtYepUTzUyDLq4vRYEoOOKOemJSTiCqZXQmpnUnK05VBMppxpsptPEK8BAbM1TLFZ2A/Rr5JLrYeOwgEzyBpw1ty2EwZVKJ0B3IvgSCb1XLeNzV/at+SRlDZ/GDsMFj79+S3Nh8fIqZ3EkZP2l4JPav0J8t/x+4VRs
C:\Windows\tasks\DFRBUA.job - C:\Users\Majo\AppData\Roaming\DFRBUA.exe /infocmdline=L2Wdoqww9lN7ET5az7WRmUevHfE6cWKYw7HKwehViwPFxSq9H+jbu4V32p8wwSX8/nv0mzclKt+ak7nM4Hl17BqVeqiBZyGUGfZQgjL89/JyyWqHS9p/+sOqX6DmSZwlY+bd1LpbIQ2Iv1xTwGP65PXnZbbSsk7r1OMZVFxIgHJFXrahwFxGZq/7v1lmqhIp7EOExb7yNjHS/iJ/+/2v6/scOXnGIMQh7GZgb5SdRdNk8a8Qy5ThRjCt0XUmhHwEOYqEOsNqGcadHWGzpIdzoq9sQRL3/jwoyZwJtjgJubwFKX2TW7xjV542GhNqbIbnlPCTXVRQM5SrqRiPfAEopwqvIxXuU6oWe6OjLv/MzYtnM2+IcvvBnbIzMcx3qoya0wggR3tQnT5qZ2oTcDNVaTaxVGSu13LzqiScN2yEbsTnSOYauWHbciyC8U3w1vBVxeqtgCyR6dajZbEApd8ulVmX/XNgKASyoN8+WG1DU9G1K1/VEUJ8XU8HGVswFqO5
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\
0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com
faststartff@gmail.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-29 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-09-16 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-29 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25 153240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-11-03 515464]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-29 462752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-09-16 1729232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-29 171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 825184]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [2012-12-24 283232]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-28 1385808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-11-04 3618648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\raptrstub.exe [2014-08-20 55568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-02-14 1597864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-28 1385808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-08-30 979328]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"Pocket Navigator Installer 6.0"=C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-09-15 767200]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-11-07 15:16:57 ----A---- C:\TDSSKiller.3.0.0.40_07.11.2014_15.16.57_log.txt
2014-11-04 15:29:28 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-11-03 17:41:58 ----D---- C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c
2014-11-03 17:11:58 ----A---- C:\Windows\system32\drivers\{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64.sys
2014-11-03 16:12:36 ----A---- C:\Users\Majo\AppData\Roaming\DFRBUA.exe
2014-11-03 16:12:05 ----A---- C:\Users\Majo\AppData\Roaming\CRGE.exe
2014-11-03 16:11:55 ----D---- C:\Program Files (x86)\globalUpdate
2014-11-03 16:10:25 ----D---- C:\ProgramData\IePluginServices
2014-11-03 16:10:21 ----D---- C:\ProgramData\WindowsMangerProtect
2014-11-03 16:10:20 ----D---- C:\Program Files (x86)\SupTab
2014-11-03 16:09:44 ----D---- C:\Users\Majo\AppData\Roaming\MPMAN CR 100 USB user guide
2014-10-29 00:26:54 ----D---- C:\Users\Majo\AppData\Roaming\vlc
2014-10-29 00:21:17 ----A---- C:\Windows\system32\javaws.exe
2014-10-29 00:21:10 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-29 00:21:10 ----A---- C:\Windows\system32\javaw.exe
2014-10-29 00:21:10 ----A---- C:\Windows\system32\java.exe
2014-10-29 00:20:59 ----D---- C:\Program Files\Java
2014-10-29 00:20:44 ----D---- C:\NHLStreams
2014-10-29 00:19:15 ----D---- C:\Program Files\VideoLAN
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 07:48:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 07:48:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 07:48:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 07:48:30 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 07:48:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:48:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 07:48:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 07:48:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 07:48:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 07:48:29 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 07:48:29 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 07:48:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:48:29 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 07:48:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 07:48:28 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 07:48:26 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 07:48:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:48:25 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 07:48:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:48:25 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 07:48:22 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 07:48:20 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 07:48:20 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 07:48:20 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 07:48:20 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 07:48:20 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 07:48:20 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 07:48:14 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 07:48:14 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 07:48:14 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 07:48:13 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 07:48:12 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 07:48:12 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:48:12 ----A---- C:\Windows\system32\mf.dll
2014-10-15 07:48:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 07:48:11 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 07:48:11 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:48:10 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 07:48:10 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 07:48:10 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\winload.exe
2014-10-15 07:48:10 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 07:48:10 ----A---- C:\Windows\system32\ci.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 07:48:09 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:48:09 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\evr.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 07:48:08 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 07:48:07 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 07:48:07 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 07:48:07 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 07:48:07 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 07:48:01 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 07:48:01 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 07:48:01 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 07:43:11 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 07:43:11 ----A---- C:\Windows\system32\msi.dll
2014-10-15 07:43:03 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 07:42:58 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 07:42:58 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 07:42:54 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 07:42:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 07:42:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 07:42:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 07:42:54 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 07:42:54 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 07:42:46 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 07:42:46 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 07:42:45 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 07:42:45 ----A---- C:\Windows\system32\packager.dll
2014-10-10 01:43:43 ----RD---- C:\Program Files (x86)\Skype
======List of files/folders modified in the last 1 month======
2014-11-07 15:17:22 ----D---- C:\Windows\temp
2014-11-07 15:17:22 ----D---- C:\Program Files\trend micro
2014-11-07 15:15:54 ----D---- C:\Users\Majo\AppData\Roaming\uTorrent
2014-11-07 15:03:35 ----D---- C:\Windows\System32
2014-11-07 15:03:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-07 15:03:34 ----D---- C:\Windows\inf
2014-11-07 15:01:08 ----D---- C:\Windows\system32\config
2014-11-07 14:58:43 ----D---- C:\Windows\system32\Tasks
2014-11-07 14:58:39 ----D---- C:\Windows\Tasks
2014-11-07 14:58:32 ----D---- C:\Windows
2014-11-07 14:58:32 ----A---- C:\Windows\KMSEmulator.exe
2014-11-07 14:52:05 ----D---- C:\Users\Majo\AppData\Roaming\Winamp
2014-11-07 14:52:05 ----D---- C:\Users\Majo\AppData\Roaming\DAEMON Tools Lite
2014-11-07 14:51:47 ----D---- C:\Windows\Logs
2014-11-07 14:51:47 ----D---- C:\Windows\debug
2014-11-07 14:45:53 ----D---- C:\Windows\system32\drivers
2014-11-07 14:45:53 ----D---- C:\Windows\Prefetch
2014-11-07 13:31:41 ----D---- C:\ProgramData\Origin
2014-11-07 13:31:10 ----D---- C:\Program Files (x86)\Origin
2014-11-07 12:44:07 ----SHD---- C:\System Volume Information
2014-11-06 16:30:05 ----D---- C:\Windows\system32\FxsTmp
2014-11-04 16:16:01 ----SHD---- C:\Windows\Installer
2014-11-04 15:29:28 ----D---- C:\Program Files (x86)
2014-11-03 17:41:58 ----D---- C:\ProgramData
2014-11-03 17:11:59 ----A---- C:\Windows\win.ini
2014-11-03 16:12:06 ----D---- C:\Program Files (x86)\The KMPlayer
2014-11-01 23:22:03 ----D---- C:\ProgramData\CanonIJPLM
2014-10-30 17:11:10 ----D---- C:\Program Files (x86)\Opera
2014-10-29 20:38:21 ----D---- C:\Users\Majo\AppData\Roaming\Skype
2014-10-29 00:20:59 ----RD---- C:\Program Files
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 17:56:37 ----D---- C:\Windows\SYSWOW64\directx
2014-10-19 22:50:29 ----D---- C:\ProgramData\Microsoft Help
2014-10-19 22:49:12 ----RSD---- C:\Windows\assembly
2014-10-16 15:56:22 ----D---- C:\Windows\system32\NDF
2014-10-15 14:44:42 ----D---- C:\ProgramData\Package Cache
2014-10-15 10:41:39 ----D---- C:\Windows\Microsoft.NET
2014-10-15 09:59:55 ----D---- C:\Windows\system32\catroot2
2014-10-15 09:53:36 ----D---- C:\Windows\winsxs
2014-10-15 09:51:00 ----D---- C:\Windows\SysWOW64
2014-10-15 09:50:59 ----D---- C:\Program Files\Windows Media Player
2014-10-15 09:50:59 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 09:50:58 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-10-15 09:50:58 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 09:50:58 ----D---- C:\Windows\system32\sk-SK
2014-10-15 09:50:58 ----D---- C:\Windows\system32\en-US
2014-10-15 09:50:58 ----D---- C:\Windows\system32\Dism
2014-10-15 09:50:57 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 09:50:57 ----D---- C:\Windows\system32\Boot
2014-10-15 09:50:56 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 09:50:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 09:50:56 ----D---- C:\Program Files\Internet Explorer
2014-10-15 09:50:55 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 08:18:45 ----RSD---- C:\Windows\Fonts
2014-10-15 08:15:23 ----D---- C:\Windows\system32\MRT
2014-10-15 08:08:28 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 07:42:37 ----D---- C:\Windows\system32\catroot
2014-10-10 01:43:45 ----D---- C:\Program Files (x86)\Common Files
2014-10-10 01:43:42 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 {01ff3855-4a35-4386-a9e5-851a17533db4}Gw64;{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64; C:\Windows\system32\drivers\{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64.sys [2014-11-03 48824]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-16 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-09-15 16750080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-09-15 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-09-15 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-09-15 344064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 2530128]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-03 715656]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2011-02-07 138192]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 MaintainerSvc2.69.9464532;MaintainerSvc2.69.9464532; C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe [2014-11-07 123672]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-11-03 530408]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-12 116648]
S2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-04-13 20608]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-17 119408]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-11-04 1900400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-14 543144]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Majo at 2014-11-07 15:17:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 9 GB (11%) free of 80 GB
Total RAM: 8173 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:17:27, on 7. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Majo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXS1D45DD1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Pocket Navigator Installer 6.0] C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MaintainerSvc2.69.9464532 - Unknown owner - C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13210 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
atieclxx
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE" /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
WLIDSvcM.exe 3404
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e872719-fc82-4999-908d-796b87faf021 -SystemEventPortName:HostProcess-d77f39aa-fdd0-48e9-a84d-70800df20377 -IoCancelEventPortName:HostProcess-249d1099-a7ff-4947-9249-9350fbe46e28 -NonStateChangingEventPortName:HostProcess-baf0119f-0d92-40ce-99fb-6f3949aa7c4d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4c6b0a2f-7f09-4344-8019-36ad985e5df7 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=hppp ... XXS1D45DD1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5916.0.1662007207\1033206746" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x683d --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.301.1001.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.2.1242265707\1587787239" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.4.1752376591\1018584314" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5916.11.1395210567\448479315" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.13.1850722914\255087202" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.14.2113060865\1028079876" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.18.1769728960\432173762" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5916.19.1729793230\587420538" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"D:\Instalacky\Programy\ochrana\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\CRGE.job - C:\Users\Majo\AppData\Roaming\CRGE.exe /infocmdline=slF/p/309KdRUQyIt8ushwrhGq/nKTob+1QlUv0t9+RBuuneF1pbTRa84CocSDKBvA8FQE6L4+y9GiC0qZHpbZ5yD0ouSCSbDr9BL+86YFDbzR0AqHiz5zyD28o95FsN80aQVTb4iC2ybfJyvDJtciJri2BpCOXfTZNN8WGFvJNmwaQrXkVrhC0cxD9POqSfKkciVLqjSWqOZ2fd5V165lTeYNjcnN4HEVRBQbbXkKSHNEygcbNIfe8wpnYqtep15oF/3sBFDgS9YkdV/XeZDX5HQGUpZJp69tBX9tyfKXKzrKK77+Prw2rTDuo7rV+uz2nYv2m0rwKE/cld9+1LOiALc5UcMWbtYepUTzUyDLq4vRYEoOOKOemJSTiCqZXQmpnUnK05VBMppxpsptPEK8BAbM1TLFZ2A/Rr5JLrYeOwgEzyBpw1ty2EwZVKJ0B3IvgSCb1XLeNzV/at+SRlDZ/GDsMFj79+S3Nh8fIqZ3EkZP2l4JPav0J8t/x+4VRs
C:\Windows\tasks\DFRBUA.job - C:\Users\Majo\AppData\Roaming\DFRBUA.exe /infocmdline=L2Wdoqww9lN7ET5az7WRmUevHfE6cWKYw7HKwehViwPFxSq9H+jbu4V32p8wwSX8/nv0mzclKt+ak7nM4Hl17BqVeqiBZyGUGfZQgjL89/JyyWqHS9p/+sOqX6DmSZwlY+bd1LpbIQ2Iv1xTwGP65PXnZbbSsk7r1OMZVFxIgHJFXrahwFxGZq/7v1lmqhIp7EOExb7yNjHS/iJ/+/2v6/scOXnGIMQh7GZgb5SdRdNk8a8Qy5ThRjCt0XUmhHwEOYqEOsNqGcadHWGzpIdzoq9sQRL3/jwoyZwJtjgJubwFKX2TW7xjV542GhNqbIbnlPCTXVRQM5SrqRiPfAEopwqvIxXuU6oWe6OjLv/MzYtnM2+IcvvBnbIzMcx3qoya0wggR3tQnT5qZ2oTcDNVaTaxVGSu13LzqiScN2yEbsTnSOYauWHbciyC8U3w1vBVxeqtgCyR6dajZbEApd8ulVmX/XNgKASyoN8+WG1DU9G1K1/VEUJ8XU8HGVswFqO5
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\
0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com
faststartff@gmail.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-29 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-09-16 2334416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-29 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25 153240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-11-03 515464]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-29 462752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-09-16 1729232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-29 171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 825184]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [2012-12-24 283232]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-28 1385808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-11-04 3618648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\raptrstub.exe [2014-08-20 55568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-02-14 1597864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [2014-10-28 1385808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-08-30 979328]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"Pocket Navigator Installer 6.0"=C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-09-15 767200]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-11-07 15:16:57 ----A---- C:\TDSSKiller.3.0.0.40_07.11.2014_15.16.57_log.txt
2014-11-04 15:29:28 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-11-03 17:41:58 ----D---- C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c
2014-11-03 17:11:58 ----A---- C:\Windows\system32\drivers\{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64.sys
2014-11-03 16:12:36 ----A---- C:\Users\Majo\AppData\Roaming\DFRBUA.exe
2014-11-03 16:12:05 ----A---- C:\Users\Majo\AppData\Roaming\CRGE.exe
2014-11-03 16:11:55 ----D---- C:\Program Files (x86)\globalUpdate
2014-11-03 16:10:25 ----D---- C:\ProgramData\IePluginServices
2014-11-03 16:10:21 ----D---- C:\ProgramData\WindowsMangerProtect
2014-11-03 16:10:20 ----D---- C:\Program Files (x86)\SupTab
2014-11-03 16:09:44 ----D---- C:\Users\Majo\AppData\Roaming\MPMAN CR 100 USB user guide
2014-10-29 00:26:54 ----D---- C:\Users\Majo\AppData\Roaming\vlc
2014-10-29 00:21:17 ----A---- C:\Windows\system32\javaws.exe
2014-10-29 00:21:10 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-29 00:21:10 ----A---- C:\Windows\system32\javaw.exe
2014-10-29 00:21:10 ----A---- C:\Windows\system32\java.exe
2014-10-29 00:20:59 ----D---- C:\Program Files\Java
2014-10-29 00:20:44 ----D---- C:\NHLStreams
2014-10-29 00:19:15 ----D---- C:\Program Files\VideoLAN
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 07:48:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 07:48:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:48:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 07:48:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 07:48:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 07:48:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 07:48:30 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 07:48:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:48:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 07:48:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 07:48:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 07:48:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 07:48:29 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 07:48:29 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 07:48:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:48:29 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 07:48:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 07:48:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 07:48:28 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 07:48:27 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 07:48:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 07:48:26 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 07:48:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:48:25 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 07:48:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:48:25 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 07:48:22 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 07:48:20 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 07:48:20 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 07:48:20 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 07:48:20 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 07:48:20 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 07:48:20 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 07:48:14 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 07:48:14 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 07:48:14 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 07:48:13 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 07:48:12 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 07:48:12 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:48:12 ----A---- C:\Windows\system32\mf.dll
2014-10-15 07:48:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 07:48:11 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 07:48:11 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:48:10 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 07:48:10 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 07:48:10 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\winload.exe
2014-10-15 07:48:10 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 07:48:10 ----A---- C:\Windows\system32\ci.dll
2014-10-15 07:48:10 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 07:48:09 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 07:48:09 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:48:09 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\evr.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 07:48:09 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 07:48:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 07:48:08 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:48:08 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 07:48:07 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 07:48:07 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 07:48:07 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 07:48:07 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 07:48:07 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 07:48:01 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 07:48:01 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 07:48:01 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 07:43:11 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 07:43:11 ----A---- C:\Windows\system32\msi.dll
2014-10-15 07:43:03 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 07:42:58 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 07:42:58 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 07:42:54 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 07:42:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 07:42:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 07:42:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:42:54 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 07:42:54 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 07:42:54 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 07:42:46 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 07:42:46 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 07:42:45 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 07:42:45 ----A---- C:\Windows\system32\packager.dll
2014-10-10 01:43:43 ----RD---- C:\Program Files (x86)\Skype
======List of files/folders modified in the last 1 month======
2014-11-07 15:17:22 ----D---- C:\Windows\temp
2014-11-07 15:17:22 ----D---- C:\Program Files\trend micro
2014-11-07 15:15:54 ----D---- C:\Users\Majo\AppData\Roaming\uTorrent
2014-11-07 15:03:35 ----D---- C:\Windows\System32
2014-11-07 15:03:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-07 15:03:34 ----D---- C:\Windows\inf
2014-11-07 15:01:08 ----D---- C:\Windows\system32\config
2014-11-07 14:58:43 ----D---- C:\Windows\system32\Tasks
2014-11-07 14:58:39 ----D---- C:\Windows\Tasks
2014-11-07 14:58:32 ----D---- C:\Windows
2014-11-07 14:58:32 ----A---- C:\Windows\KMSEmulator.exe
2014-11-07 14:52:05 ----D---- C:\Users\Majo\AppData\Roaming\Winamp
2014-11-07 14:52:05 ----D---- C:\Users\Majo\AppData\Roaming\DAEMON Tools Lite
2014-11-07 14:51:47 ----D---- C:\Windows\Logs
2014-11-07 14:51:47 ----D---- C:\Windows\debug
2014-11-07 14:45:53 ----D---- C:\Windows\system32\drivers
2014-11-07 14:45:53 ----D---- C:\Windows\Prefetch
2014-11-07 13:31:41 ----D---- C:\ProgramData\Origin
2014-11-07 13:31:10 ----D---- C:\Program Files (x86)\Origin
2014-11-07 12:44:07 ----SHD---- C:\System Volume Information
2014-11-06 16:30:05 ----D---- C:\Windows\system32\FxsTmp
2014-11-04 16:16:01 ----SHD---- C:\Windows\Installer
2014-11-04 15:29:28 ----D---- C:\Program Files (x86)
2014-11-03 17:41:58 ----D---- C:\ProgramData
2014-11-03 17:11:59 ----A---- C:\Windows\win.ini
2014-11-03 16:12:06 ----D---- C:\Program Files (x86)\The KMPlayer
2014-11-01 23:22:03 ----D---- C:\ProgramData\CanonIJPLM
2014-10-30 17:11:10 ----D---- C:\Program Files (x86)\Opera
2014-10-29 20:38:21 ----D---- C:\Users\Majo\AppData\Roaming\Skype
2014-10-29 00:20:59 ----RD---- C:\Program Files
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 17:56:37 ----D---- C:\Windows\SYSWOW64\directx
2014-10-19 22:50:29 ----D---- C:\ProgramData\Microsoft Help
2014-10-19 22:49:12 ----RSD---- C:\Windows\assembly
2014-10-16 15:56:22 ----D---- C:\Windows\system32\NDF
2014-10-15 14:44:42 ----D---- C:\ProgramData\Package Cache
2014-10-15 10:41:39 ----D---- C:\Windows\Microsoft.NET
2014-10-15 09:59:55 ----D---- C:\Windows\system32\catroot2
2014-10-15 09:53:36 ----D---- C:\Windows\winsxs
2014-10-15 09:51:00 ----D---- C:\Windows\SysWOW64
2014-10-15 09:50:59 ----D---- C:\Program Files\Windows Media Player
2014-10-15 09:50:59 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 09:50:58 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-10-15 09:50:58 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 09:50:58 ----D---- C:\Windows\system32\sk-SK
2014-10-15 09:50:58 ----D---- C:\Windows\system32\en-US
2014-10-15 09:50:58 ----D---- C:\Windows\system32\Dism
2014-10-15 09:50:57 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 09:50:57 ----D---- C:\Windows\system32\Boot
2014-10-15 09:50:56 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 09:50:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 09:50:56 ----D---- C:\Program Files\Internet Explorer
2014-10-15 09:50:55 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 08:18:45 ----RSD---- C:\Windows\Fonts
2014-10-15 08:15:23 ----D---- C:\Windows\system32\MRT
2014-10-15 08:08:28 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 07:42:37 ----D---- C:\Windows\system32\catroot
2014-10-10 01:43:45 ----D---- C:\Program Files (x86)\Common Files
2014-10-10 01:43:42 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 {01ff3855-4a35-4386-a9e5-851a17533db4}Gw64;{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64; C:\Windows\system32\drivers\{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64.sys [2014-11-03 48824]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-16 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-09-15 16750080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-09-15 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-09-15 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-09-15 344064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 2530128]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-03 715656]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2011-02-07 138192]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 MaintainerSvc2.69.9464532;MaintainerSvc2.69.9464532; C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe [2014-11-07 123672]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-11-03 530408]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-12 116648]
S2 RadeonPro Support Service;RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-04-13 20608]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-17 119408]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-11-04 1900400]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-14 543144]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Havet - mystartsearch
Predpokladam ze na ESET mate radne zakoupenou licenci?? Dejte i tento log C:\TDSSKiller.3.0.0.40_07.11.2014_15.16.57_log.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Havet - mystartsearch
Ano.. Tu je Log 
)
15:16:57.0850 0x1448 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:17:13.0649 0x1448 EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
15:17:13.0661 0x096c Deinitialize success
)15:16:57.0850 0x1448 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:17:13.0649 0x1448 EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
15:17:13.0661 0x096c Deinitialize success
Re: Havet - mystartsearch
Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Havet - mystartsearch
Log Adw Cleaner.. Ten druhy scan este prebieha
# AdwCleaner v3.311 - Report created 07/11/2014 at 16:43:08
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Majo - MAJO-PC
# Running from : C:\Users\Majo\Desktop\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
Service Deleted : {01ff3855-4a35-4386-a9e5-851a17533db4}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Majo\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\Extensions\faststartff@gmail.com
File Deleted : C:\Windows\System32\drivers\{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64.sys
File Deleted : C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : DTChk
Task Deleted : DTReg
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v31.0 (x86 sk)
[ File : C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
-\\ Google Chrome v38.0.2125.111
[ File : C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [22281 octets] - [07/10/2014 15:45:04]
AdwCleaner[R1].txt - [1219 octets] - [07/10/2014 16:21:20]
AdwCleaner[R2].txt - [1218 octets] - [07/10/2014 16:28:35]
AdwCleaner[R3].txt - [6968 octets] - [07/11/2014 16:41:44]
AdwCleaner[S0].txt - [21793 octets] - [07/10/2014 15:49:48]
AdwCleaner[S1].txt - [1373 octets] - [07/10/2014 16:24:43]
AdwCleaner[S2].txt - [1240 octets] - [07/10/2014 16:34:29]
AdwCleaner[S3].txt - [5611 octets] - [07/11/2014 16:43:08]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [5671 octets] ##########
# AdwCleaner v3.311 - Report created 07/11/2014 at 16:43:08
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Majo - MAJO-PC
# Running from : C:\Users\Majo\Desktop\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect
Service Deleted : {01ff3855-4a35-4386-a9e5-851a17533db4}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Majo\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\Extensions\faststartff@gmail.com
File Deleted : C:\Windows\System32\drivers\{01ff3855-4a35-4386-a9e5-851a17533db4}Gw64.sys
File Deleted : C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : DTChk
Task Deleted : DTReg
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v31.0 (x86 sk)
[ File : C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
-\\ Google Chrome v38.0.2125.111
[ File : C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [22281 octets] - [07/10/2014 15:45:04]
AdwCleaner[R1].txt - [1219 octets] - [07/10/2014 16:21:20]
AdwCleaner[R2].txt - [1218 octets] - [07/10/2014 16:28:35]
AdwCleaner[R3].txt - [6968 octets] - [07/11/2014 16:41:44]
AdwCleaner[S0].txt - [21793 octets] - [07/10/2014 15:49:48]
AdwCleaner[S1].txt - [1373 octets] - [07/10/2014 16:24:43]
AdwCleaner[S2].txt - [1240 octets] - [07/10/2014 16:34:29]
AdwCleaner[S3].txt - [5611 octets] - [07/11/2014 16:43:08]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [5671 octets] ##########
Re: Havet - mystartsearch
Uz to tu nemam! Prikladam este zoek log
Zoek.exe v5.0.0.0 Updated 06-November-2014
Tool run by Majo on pi 07. 11. 2014 at 16:48:17,63.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Majo\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
7. 11. 2014 16:50:20 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A6A3483D-D5BE-4193-8D68-9CAA51CC6C17} deleted successfully
HKEY_USERS\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\prefs.js:
Added to C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs_201407.11._1700_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\Battle.net deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\mystartsearch.xml deleted
C:\PROGRA~2\SopCast deleted
C:\Users\Majo\AppData\Roaming\burnaware.ini deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\defaulttab deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Majo\AppData\Local\avgchrome deleted
C:\windows\SysNative\Tasks\89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-5 deleted
C:\windows\SysNative\Tasks\89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-6 deleted
C:\windows\SysNative\Tasks\89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-7 deleted
C:\Users\Majo\AppData\LocalLow\surfcanyon deleted
C:\Windows\tasks\CRGE.job deleted
C:\windows\SysNative\tasks\CRGE deleted
C:\Windows\tasks\DFRBUA.job deleted
C:\windows\SysNative\tasks\DFRBUA deleted
C:\windows\SysNative\tasks\temp_89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-2 deleted
C:\windows\SysNative\tasks\temp_89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-6 deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Majo\AppData\Roaming\CRGE.exe deleted
C:\Users\Majo\AppData\Roaming\DFRBUA.exe deleted
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com deleted
"C:\Users\Majo\AppData\Roaming\CRGE" deleted
"C:\Users\Majo\AppData\Roaming\DFRBUA" deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chromium Look ======================
Bob Marley - Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\alpnhingmddeadgmgjbfefmaanaeifak
AdBlock - Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Majo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Majo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Mcx1-MAJO-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Majo\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=273 folders=61 41063667 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Majo\AppData\Local\Temp will be emptied at reboot
C:\Users\Mcx1-MAJO-PC\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Majo\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on pi 07. 11. 2014 at 17:04:02,08 ======================
Zoek.exe v5.0.0.0 Updated 06-November-2014
Tool run by Majo on pi 07. 11. 2014 at 16:48:17,63.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Majo\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
7. 11. 2014 16:50:20 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A6A3483D-D5BE-4193-8D68-9CAA51CC6C17} deleted successfully
HKEY_USERS\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\prefs.js:
Added to C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs_201407.11._1700_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\Battle.net deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\mystartsearch.xml deleted
C:\PROGRA~2\SopCast deleted
C:\Users\Majo\AppData\Roaming\burnaware.ini deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\defaulttab deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Majo\AppData\Local\avgchrome deleted
C:\windows\SysNative\Tasks\89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-5 deleted
C:\windows\SysNative\Tasks\89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-6 deleted
C:\windows\SysNative\Tasks\89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-7 deleted
C:\Users\Majo\AppData\LocalLow\surfcanyon deleted
C:\Windows\tasks\CRGE.job deleted
C:\windows\SysNative\tasks\CRGE deleted
C:\Windows\tasks\DFRBUA.job deleted
C:\windows\SysNative\tasks\DFRBUA deleted
C:\windows\SysNative\tasks\temp_89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-2 deleted
C:\windows\SysNative\tasks\temp_89d4da5d-cc3f-4b02-acc7-6cd00e5003e3-6 deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Majo\AppData\Roaming\CRGE.exe deleted
C:\Users\Majo\AppData\Roaming\DFRBUA.exe deleted
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com deleted
"C:\Users\Majo\AppData\Roaming\CRGE" deleted
"C:\Users\Majo\AppData\Roaming\DFRBUA" deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chromium Look ======================
Bob Marley - Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\alpnhingmddeadgmgjbfefmaanaeifak
AdBlock - Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Majo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Majo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Mcx1-MAJO-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Majo\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=273 folders=61 41063667 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Majo\AppData\Local\Temp will be emptied at reboot
C:\Users\Mcx1-MAJO-PC\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Majo\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on pi 07. 11. 2014 at 17:04:02,08 ======================
Re: Havet - mystartsearch
Ak by som sa mohol este opytat.. Ten AdwClener mozem spustit hocikedy? Akoze tak preventivne preskenovat PC? Alebo mi viete odporucit neake ine programy na ochranu ? )
)Re: Havet - mystartsearch
Na ochranu staci antivir a rozum = neklikat na kdejakou blikajici a skakajici blbinu, cist co se instaluje jako doplnky AdwCleaner muzete, ale je to ucelovy skener Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Havet - mystartsearch
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014
Ran by Majo (administrator) on MAJO-PC on 08-11-2014 10:31:51
Running from C:\Users\Majo\Desktop
Loaded Profile: Majo (Available profiles: Majo & Mcx1-MAJO-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [Pocket Navigator Installer 6.0] => C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-12-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [uTorrent] => C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25E9201D678FCE01
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-10-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-07]
CHR Extension: (Dokumenty Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]
CHR Extension: (Disk Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]
CHR Extension: (YouTube) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-12]
CHR Extension: (Hľadať v Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-12]
CHR Extension: (Tabuľky Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-07]
CHR Extension: (AdBlock) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-06]
CHR Extension: (Peňaženka Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.)
R2 MaintainerSvc2.69.9464532; C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe [123672 2014-11-08] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-04] (Electronic Arts)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-04-13] (Mr. John aka japamd) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-16] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 10:31 - 2014-11-08 10:32 - 00018013 _____ () C:\Users\Majo\Desktop\FRST.txt
2014-11-08 10:31 - 2014-11-08 10:31 - 00000000 ____D () C:\FRST
2014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload
2014-11-08 10:29 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Desktop\FRST64.exe
2014-11-08 10:28 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Downloads\FRST64.exe
2014-11-07 17:17 - 2014-11-07 17:17 - 00000000 ____D () C:\Users\Majo\Documents\Sports Interactive
2014-11-07 17:16 - 2014-11-07 17:16 - 00000857 _____ () C:\Users\Majo\Desktop\ehm2007.exe - odkaz.lnk
2014-11-07 17:10 - 2014-11-07 17:10 - 00015536 _____ () C:\Users\Majo\Downloads\[CzT]NHL_Eastside_Hockey_Manager_2007_Soupisky_CSD.torrent
2014-11-07 17:03 - 2014-11-07 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-07 16:49 - 2014-11-07 17:04 - 00011741 _____ () C:\zoek-results.log
2014-11-07 16:48 - 2014-11-07 17:00 - 00000000 ____D () C:\zoek_backup
2014-11-07 16:47 - 2014-11-07 16:47 - 01294848 _____ () C:\Users\Majo\Desktop\zoek.exe
2014-11-07 16:47 - 2014-11-07 16:47 - 00005791 _____ () C:\Users\Majo\Desktop\Nový textový dokument (2).txt
2014-11-07 16:44 - 2014-11-07 17:03 - 00000878 _____ () C:\Windows\PFRO.log
2014-11-07 16:40 - 2014-11-07 16:40 - 01375089 _____ () C:\Users\Majo\Desktop\adwcleaner_3.311.exe
2014-11-07 14:56 - 2014-11-08 10:10 - 00000224 _____ () C:\Windows\setupact.log
2014-11-07 14:56 - 2014-11-07 14:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:45 - 2014-11-07 14:45 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Majo\Desktop\sh-remover.exe
2014-11-07 14:25 - 2014-11-07 14:25 - 03054059 _____ () C:\Users\Majo\Desktop\[CzT]NBA_2K15_2014_.torrent
2014-11-07 14:19 - 2014-11-07 14:19 - 00013978 _____ () C:\Users\Majo\Desktop\[CzT]NHL_Eastside_Hockey_Manager_2007_CZ_.torrent
2014-11-06 20:57 - 2014-11-06 20:57 - 00522240 _____ (OldTimer Tools) C:\Users\Majo\Desktop\OTM.exe
2014-11-06 20:13 - 2014-11-06 20:13 - 00000000 ____D () C:\Users\Majo\Desktop\Marta
2014-11-04 15:29 - 2014-11-04 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-04 15:29 - 2014-11-04 15:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-03 18:56 - 2014-11-03 18:56 - 00014179 _____ () C:\Users\Majo\Desktop\[CzT]Zloba_Kralovna_cerne_magie_Maleficent_2014_CZ_.torrent
2014-11-03 17:41 - 2014-11-08 10:11 - 00000000 ____D () C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c
2014-11-03 16:09 - 2014-11-03 16:09 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\MPMAN CR 100 USB user guide
2014-11-03 16:08 - 2014-11-03 16:08 - 00693720 _____ (Live Soft Action S.R.L.) C:\Users\Majo\Desktop\MPMAN CR 100 USB user guide provided through pdfretriever.com.exe
2014-10-29 20:48 - 2014-10-29 20:48 - 00016305 _____ () C:\Users\Majo\Desktop\[CzT]Pamatkari_The_Monuments_Men_2014_CZ_.torrent
2014-10-29 20:47 - 2014-10-29 20:47 - 00030589 _____ () C:\Users\Majo\Desktop\[CzT]Pamatkari_The_Monuments_Men_2014_CZ_720pHD_.torrent
2014-10-29 20:46 - 2014-10-29 20:47 - 00006662 _____ () C:\Users\Majo\Desktop\The-Monuments-Men-2014-BRRip-XviD-AC3.srt
2014-10-29 11:49 - 2014-10-29 11:49 - 00018242 _____ () C:\Users\Majo\Desktop\[CzT]Doupe_Brick_Mansions_2014_CZ_.torrent
2014-10-29 00:48 - 2014-10-29 00:48 - 00000624 _____ () C:\Users\Majo\Desktop\mapleleafs_hd_ipad (1).m3u8
2014-10-29 00:26 - 2014-11-03 01:36 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\vlc
2014-10-29 00:23 - 2014-10-29 00:23 - 00010431 _____ () C:\Users\Majo\Desktop\hockey (3).luac
2014-10-29 00:23 - 2014-10-29 00:23 - 00010431 _____ () C:\Users\Majo\Desktop\hockey (2).luac
2014-10-29 00:21 - 2014-10-29 00:21 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-29 00:21 - 2014-10-29 00:21 - 00000000 ____D () C:\Users\Majo\Desktop\1414194257320
2014-10-29 00:20 - 2014-10-29 00:21 - 00000000 ____D () C:\NHLStreams
2014-10-29 00:20 - 2014-10-29 00:20 - 00013219 _____ () C:\Users\Majo\Desktop\1414194257320.zip
2014-10-29 00:20 - 2014-10-29 00:20 - 00000000 ____D () C:\Program Files\Java
2014-10-29 00:19 - 2014-11-03 01:32 - 00000915 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-29 00:19 - 2014-10-29 00:19 - 31029672 _____ (Oracle Corporation) C:\Users\Majo\Desktop\jre-7u71-windows-x64 (1).exe
2014-10-29 00:19 - 2014-10-29 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-29 00:19 - 2014-10-29 00:19 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-29 00:18 - 2014-10-29 00:18 - 24658468 _____ () C:\Users\Majo\Desktop\vlc-2.1.5-win64 (1).exe
2014-10-28 19:09 - 2014-10-28 19:09 - 00018595 _____ () C:\Users\Majo\Desktop\[CzT]Vsechny_cesty_vedou_do_hrobu_A_Million_Ways_to_Die_in_the_West_2014_CZ_.torrent
2014-10-28 19:00 - 2014-10-28 19:00 - 00019552 _____ () C:\Users\Majo\Desktop\[CzT]Godzilla_2014_CZ_.torrent
2014-10-27 17:56 - 2014-10-27 17:56 - 00000688 _____ () C:\Users\Public\Desktop\World of Warplanes.lnk
2014-10-27 17:55 - 2014-10-27 17:55 - 09499176 _____ (Wargaming.net ) C:\Users\Majo\Desktop\WoWP_internet_install_eu.exe
2014-10-27 17:31 - 2014-11-03 19:21 - 00000000 ____D () C:\Users\Majo\Desktop\el-suvereno-kral-vs-joker
2014-10-27 17:29 - 2014-10-27 17:30 - 172480743 _____ () C:\Users\Majo\Desktop\el-suvereno-kral-vs-joker.rar
2014-10-23 15:52 - 2014-10-23 15:52 - 00001019 _____ () C:\Users\Majo\Desktop\Sherlock Holmes Crimes and Punishments.lnk
2014-10-23 15:52 - 2014-10-23 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes Crimes and Punishments
2014-10-22 17:29 - 2014-10-22 17:33 - 00000000 ____D () C:\Users\Majo\Documents\CARS
2014-10-22 17:29 - 2014-10-22 17:29 - 00000000 ____D () C:\Users\Majo\Documents\wmd_symbol_cache
2014-10-22 17:20 - 2014-10-22 17:20 - 00000691 _____ () C:\Users\Public\Desktop\Project Cars build 829 x64.lnk
2014-10-22 17:20 - 2014-10-22 17:20 - 00000000 ____D () C:\Users\Public\Desktop x32
2014-10-22 17:20 - 2014-10-22 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Cars build 829
2014-10-22 15:49 - 2014-10-22 15:49 - 00041698 _____ () C:\Users\Majo\Desktop\[CzT]Sherlock_Holmes_Zlocin_a_trest_2014_CZ_EN_.torrent
2014-10-22 15:37 - 2014-10-22 15:37 - 00062637 _____ () C:\Users\Majo\Desktop\[CzT]Project_Cars_Build_829_2014_.torrent
2014-10-22 01:04 - 2014-10-22 01:04 - 21936564 _____ () C:\Users\Majo\Desktop\vlc-2.1.5-win64.7z
2014-10-22 01:04 - 2014-10-22 01:04 - 21936564 _____ () C:\Users\Majo\Desktop\vlc-2.1.5-win64 (1).7z
2014-10-22 01:04 - 2014-10-22 01:04 - 00000000 ____D () C:\Users\Majo\Desktop\vlc-2.1.5-win64
2014-10-22 00:26 - 2014-10-22 00:26 - 00000624 _____ () C:\Users\Majo\Desktop\mapleleafs_hd_ipad.m3u8
2014-10-22 00:26 - 2014-10-22 00:26 - 00000616 _____ () C:\Users\Majo\Desktop\islanders_hd_ipad.m3u8
2014-10-22 00:26 - 2014-10-22 00:26 - 00000616 _____ () C:\Users\Majo\Desktop\islanders_hd_ipad (1).m3u8
2014-10-22 00:10 - 2014-11-02 23:00 - 00000188 _____ () C:\Users\Majo\Desktop\streams.bat
2014-10-22 00:04 - 2014-10-22 00:04 - 00000000 ____D () C:\Users\Majo\Desktop\1413069307983
2014-10-22 00:04 - 2014-10-22 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 00:03 - 2014-10-22 00:03 - 31029672 _____ (Oracle Corporation) C:\Users\Majo\Desktop\jre-7u71-windows-x64.exe
2014-10-22 00:03 - 2014-10-22 00:03 - 00012941 _____ () C:\Users\Majo\Desktop\1413069307983.zip
2014-10-17 13:57 - 2014-10-17 13:57 - 00336336 _____ () C:\Users\Majo\Desktop\Orange_doklad_FR_20141010_CN0206550311_3033217327.zip
2014-10-17 13:57 - 2014-10-17 13:57 - 00000000 ____D () C:\Users\Majo\Desktop\Orange_doklad_FR_20141010_CN0206550311_3033217327
2014-10-15 14:44 - 2014-10-20 11:23 - 00000736 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2014-10-15 14:44 - 2014-10-15 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2014-10-15 07:48 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:48 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:48 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:48 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:48 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:48 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:48 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:48 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:48 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:48 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:48 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:48 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:48 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:48 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:48 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:48 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:48 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:48 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:48 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:48 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:48 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:48 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:48 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:48 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:48 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:48 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:48 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:48 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:48 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:48 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:48 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:48 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:48 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:48 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:48 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:48 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:48 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:48 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:48 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:48 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:48 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:48 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:48 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:48 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:48 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:48 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:48 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:48 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:48 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:48 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:48 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:48 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:48 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:48 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:48 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:48 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:48 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:48 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:48 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:48 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:48 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:48 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:48 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:48 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:48 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:48 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:48 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:48 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:48 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:48 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:48 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:48 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:48 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:48 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:48 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:48 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:48 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:48 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:48 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:48 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:48 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:48 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:48 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:48 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:48 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:48 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:48 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:48 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:48 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:48 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:48 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:48 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:48 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:48 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:48 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:43 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:43 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:43 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 07:42 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:42 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:42 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:42 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:42 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:42 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:42 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:42 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:42 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:42 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:42 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:42 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-11 13:14 - 2014-11-08 10:12 - 00002756 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2014-10-10 01:43 - 2014-10-10 01:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-10 01:43 - 2014-10-10 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 10:31 - 2012-10-12 22:05 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\uTorrent
2014-11-08 10:20 - 2014-05-06 21:03 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job
2014-11-08 10:16 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 10:16 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 10:15 - 2009-07-14 06:13 - 00006394 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 10:14 - 2013-08-08 20:18 - 00000000 ____D () C:\Users\Majo\AppData\Local\LogMeIn Hamachi
2014-11-08 10:13 - 2012-10-12 12:05 - 01944195 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 10:12 - 2012-10-12 12:50 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-11-08 10:12 - 2012-10-12 12:50 - 00000214 _____ () C:\Windows\Tasks\AutoKMS.job
2014-11-08 10:11 - 2012-10-12 13:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 10:11 - 2012-10-12 12:49 - 00078848 _____ () C:\Windows\KMSEmulator.exe
2014-11-08 10:10 - 2014-05-06 21:03 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job
2014-11-08 10:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 17:51 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 17:17 - 2012-10-28 20:18 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\Sports Interactive
2014-11-07 17:13 - 2012-10-12 13:10 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\DAEMON Tools Lite
2014-11-07 17:04 - 2013-10-29 18:38 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-07 17:04 - 2013-05-27 19:39 - 00000008 __RSH () C:\Users\Majo\ntuser.pol
2014-11-07 17:04 - 2012-10-12 12:09 - 00000000 ____D () C:\Users\Majo
2014-11-07 17:00 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-07 17:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-07 16:46 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-07 16:44 - 2013-01-29 15:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-07 16:43 - 2014-10-07 15:45 - 00000000 ____D () C:\AdwCleaner
2014-11-07 16:41 - 2014-10-05 18:32 - 00000753 _____ () C:\Users\Majo\Desktop\Nový textový dokument.txt
2014-11-07 15:17 - 2014-10-07 18:28 - 00000000 ____D () C:\Program Files\trend micro
2014-11-07 14:52 - 2012-12-24 10:49 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\Winamp
2014-11-07 13:31 - 2013-07-14 14:03 - 00000000 ____D () C:\ProgramData\Origin
2014-11-07 13:31 - 2013-07-14 14:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-04 16:25 - 2013-07-14 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-04 15:29 - 2014-06-25 13:35 - 00000886 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-11-03 18:32 - 2014-07-28 11:51 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-03 18:32 - 2014-07-28 11:51 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-03 18:32 - 2012-10-12 13:13 - 00002255 _____ () C:\Users\Majo\Desktop\Google Chrome.lnk
2014-11-03 18:32 - 2012-10-12 12:09 - 00001413 _____ () C:\Users\Majo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-03 17:11 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-11-03 16:12 - 2012-12-26 13:46 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-11-01 23:22 - 2013-10-06 22:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-30 17:11 - 2014-10-01 16:09 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1391278517
2014-10-30 17:11 - 2014-02-01 19:15 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-29 20:38 - 2013-02-17 20:40 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\Skype
2014-10-28 06:34 - 2012-10-12 13:11 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 17:56 - 2014-01-12 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
2014-10-27 17:56 - 2012-12-20 19:18 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-27 15:01 - 2014-09-27 09:17 - 00000000 ____D () C:\Users\Majo\Documents\FIFA 15
2014-10-23 15:52 - 2012-11-01 15:49 - 00000000 ____D () C:\Users\Majo\Documents\My Games
2014-10-19 22:50 - 2014-03-04 21:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-19 22:50 - 2012-10-12 12:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-19 10:15 - 2014-05-06 21:03 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0
2014-10-19 10:15 - 2014-05-06 21:03 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553
2014-10-18 05:14 - 2009-07-14 06:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-16 15:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-15 09:56 - 2012-10-12 12:09 - 00111520 _____ () C:\Users\Majo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 09:56 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-15 09:56 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-15 09:53 - 2009-07-14 05:45 - 00436664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 09:50 - 2014-05-06 22:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 08:15 - 2013-08-09 20:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 08:08 - 2012-11-23 00:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-10 01:43 - 2013-02-17 20:40 - 00000000 ____D () C:\ProgramData\Skype
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 15:01
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:78.03 GB) (Free:8.27 GB) NTFS
Drive d: () (Fixed) (Total:853.39 GB) (Free:46.59 GB) NTFS
Available physical RAM: 5457.41 MB
Total physical RAM: 8173.43 MB
Percentage of memory in use: 33%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CA5EC093)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=853.4 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Majo\Desktop" je 1279 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr
C:\PROGRA~2\Raptr\raptrstub.exe --startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Majo (administrator) on MAJO-PC on 08-11-2014 10:31:51
Running from C:\Users\Majo\Desktop
Loaded Profile: Majo (Available profiles: Majo & Mcx1-MAJO-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [Pocket Navigator Installer 6.0] => C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-12-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [uTorrent] => C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25E9201D678FCE01
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-10-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-07]
CHR Extension: (Dokumenty Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]
CHR Extension: (Disk Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]
CHR Extension: (YouTube) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-12]
CHR Extension: (Hľadať v Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-12]
CHR Extension: (Tabuľky Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-07]
CHR Extension: (AdBlock) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-06]
CHR Extension: (Peňaženka Google) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Majo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.)
R2 MaintainerSvc2.69.9464532; C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c\maintainer.exe [123672 2014-11-08] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-04] (Electronic Arts)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-04-13] (Mr. John aka japamd) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-16] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 10:31 - 2014-11-08 10:32 - 00018013 _____ () C:\Users\Majo\Desktop\FRST.txt
2014-11-08 10:31 - 2014-11-08 10:31 - 00000000 ____D () C:\FRST
2014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload
2014-11-08 10:29 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Desktop\FRST64.exe
2014-11-08 10:28 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Downloads\FRST64.exe
2014-11-07 17:17 - 2014-11-07 17:17 - 00000000 ____D () C:\Users\Majo\Documents\Sports Interactive
2014-11-07 17:16 - 2014-11-07 17:16 - 00000857 _____ () C:\Users\Majo\Desktop\ehm2007.exe - odkaz.lnk
2014-11-07 17:10 - 2014-11-07 17:10 - 00015536 _____ () C:\Users\Majo\Downloads\[CzT]NHL_Eastside_Hockey_Manager_2007_Soupisky_CSD.torrent
2014-11-07 17:03 - 2014-11-07 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-07 16:49 - 2014-11-07 17:04 - 00011741 _____ () C:\zoek-results.log
2014-11-07 16:48 - 2014-11-07 17:00 - 00000000 ____D () C:\zoek_backup
2014-11-07 16:47 - 2014-11-07 16:47 - 01294848 _____ () C:\Users\Majo\Desktop\zoek.exe
2014-11-07 16:47 - 2014-11-07 16:47 - 00005791 _____ () C:\Users\Majo\Desktop\Nový textový dokument (2).txt
2014-11-07 16:44 - 2014-11-07 17:03 - 00000878 _____ () C:\Windows\PFRO.log
2014-11-07 16:40 - 2014-11-07 16:40 - 01375089 _____ () C:\Users\Majo\Desktop\adwcleaner_3.311.exe
2014-11-07 14:56 - 2014-11-08 10:10 - 00000224 _____ () C:\Windows\setupact.log
2014-11-07 14:56 - 2014-11-07 14:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:45 - 2014-11-07 14:45 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Majo\Desktop\sh-remover.exe
2014-11-07 14:25 - 2014-11-07 14:25 - 03054059 _____ () C:\Users\Majo\Desktop\[CzT]NBA_2K15_2014_.torrent
2014-11-07 14:19 - 2014-11-07 14:19 - 00013978 _____ () C:\Users\Majo\Desktop\[CzT]NHL_Eastside_Hockey_Manager_2007_CZ_.torrent
2014-11-06 20:57 - 2014-11-06 20:57 - 00522240 _____ (OldTimer Tools) C:\Users\Majo\Desktop\OTM.exe
2014-11-06 20:13 - 2014-11-06 20:13 - 00000000 ____D () C:\Users\Majo\Desktop\Marta
2014-11-04 15:29 - 2014-11-04 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-04 15:29 - 2014-11-04 15:29 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-03 18:56 - 2014-11-03 18:56 - 00014179 _____ () C:\Users\Majo\Desktop\[CzT]Zloba_Kralovna_cerne_magie_Maleficent_2014_CZ_.torrent
2014-11-03 17:41 - 2014-11-08 10:11 - 00000000 ____D () C:\ProgramData\843b4758-3acb-424f-b9d5-728e4257d28c
2014-11-03 16:09 - 2014-11-03 16:09 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\MPMAN CR 100 USB user guide
2014-11-03 16:08 - 2014-11-03 16:08 - 00693720 _____ (Live Soft Action S.R.L.) C:\Users\Majo\Desktop\MPMAN CR 100 USB user guide provided through pdfretriever.com.exe
2014-10-29 20:48 - 2014-10-29 20:48 - 00016305 _____ () C:\Users\Majo\Desktop\[CzT]Pamatkari_The_Monuments_Men_2014_CZ_.torrent
2014-10-29 20:47 - 2014-10-29 20:47 - 00030589 _____ () C:\Users\Majo\Desktop\[CzT]Pamatkari_The_Monuments_Men_2014_CZ_720pHD_.torrent
2014-10-29 20:46 - 2014-10-29 20:47 - 00006662 _____ () C:\Users\Majo\Desktop\The-Monuments-Men-2014-BRRip-XviD-AC3.srt
2014-10-29 11:49 - 2014-10-29 11:49 - 00018242 _____ () C:\Users\Majo\Desktop\[CzT]Doupe_Brick_Mansions_2014_CZ_.torrent
2014-10-29 00:48 - 2014-10-29 00:48 - 00000624 _____ () C:\Users\Majo\Desktop\mapleleafs_hd_ipad (1).m3u8
2014-10-29 00:26 - 2014-11-03 01:36 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\vlc
2014-10-29 00:23 - 2014-10-29 00:23 - 00010431 _____ () C:\Users\Majo\Desktop\hockey (3).luac
2014-10-29 00:23 - 2014-10-29 00:23 - 00010431 _____ () C:\Users\Majo\Desktop\hockey (2).luac
2014-10-29 00:21 - 2014-10-29 00:21 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-29 00:21 - 2014-10-29 00:21 - 00000000 ____D () C:\Users\Majo\Desktop\1414194257320
2014-10-29 00:20 - 2014-10-29 00:21 - 00000000 ____D () C:\NHLStreams
2014-10-29 00:20 - 2014-10-29 00:20 - 00013219 _____ () C:\Users\Majo\Desktop\1414194257320.zip
2014-10-29 00:20 - 2014-10-29 00:20 - 00000000 ____D () C:\Program Files\Java
2014-10-29 00:19 - 2014-11-03 01:32 - 00000915 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-29 00:19 - 2014-10-29 00:19 - 31029672 _____ (Oracle Corporation) C:\Users\Majo\Desktop\jre-7u71-windows-x64 (1).exe
2014-10-29 00:19 - 2014-10-29 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-29 00:19 - 2014-10-29 00:19 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-29 00:18 - 2014-10-29 00:18 - 24658468 _____ () C:\Users\Majo\Desktop\vlc-2.1.5-win64 (1).exe
2014-10-28 19:09 - 2014-10-28 19:09 - 00018595 _____ () C:\Users\Majo\Desktop\[CzT]Vsechny_cesty_vedou_do_hrobu_A_Million_Ways_to_Die_in_the_West_2014_CZ_.torrent
2014-10-28 19:00 - 2014-10-28 19:00 - 00019552 _____ () C:\Users\Majo\Desktop\[CzT]Godzilla_2014_CZ_.torrent
2014-10-27 17:56 - 2014-10-27 17:56 - 00000688 _____ () C:\Users\Public\Desktop\World of Warplanes.lnk
2014-10-27 17:55 - 2014-10-27 17:55 - 09499176 _____ (Wargaming.net ) C:\Users\Majo\Desktop\WoWP_internet_install_eu.exe
2014-10-27 17:31 - 2014-11-03 19:21 - 00000000 ____D () C:\Users\Majo\Desktop\el-suvereno-kral-vs-joker
2014-10-27 17:29 - 2014-10-27 17:30 - 172480743 _____ () C:\Users\Majo\Desktop\el-suvereno-kral-vs-joker.rar
2014-10-23 15:52 - 2014-10-23 15:52 - 00001019 _____ () C:\Users\Majo\Desktop\Sherlock Holmes Crimes and Punishments.lnk
2014-10-23 15:52 - 2014-10-23 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes Crimes and Punishments
2014-10-22 17:29 - 2014-10-22 17:33 - 00000000 ____D () C:\Users\Majo\Documents\CARS
2014-10-22 17:29 - 2014-10-22 17:29 - 00000000 ____D () C:\Users\Majo\Documents\wmd_symbol_cache
2014-10-22 17:20 - 2014-10-22 17:20 - 00000691 _____ () C:\Users\Public\Desktop\Project Cars build 829 x64.lnk
2014-10-22 17:20 - 2014-10-22 17:20 - 00000000 ____D () C:\Users\Public\Desktop x32
2014-10-22 17:20 - 2014-10-22 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Cars build 829
2014-10-22 15:49 - 2014-10-22 15:49 - 00041698 _____ () C:\Users\Majo\Desktop\[CzT]Sherlock_Holmes_Zlocin_a_trest_2014_CZ_EN_.torrent
2014-10-22 15:37 - 2014-10-22 15:37 - 00062637 _____ () C:\Users\Majo\Desktop\[CzT]Project_Cars_Build_829_2014_.torrent
2014-10-22 01:04 - 2014-10-22 01:04 - 21936564 _____ () C:\Users\Majo\Desktop\vlc-2.1.5-win64.7z
2014-10-22 01:04 - 2014-10-22 01:04 - 21936564 _____ () C:\Users\Majo\Desktop\vlc-2.1.5-win64 (1).7z
2014-10-22 01:04 - 2014-10-22 01:04 - 00000000 ____D () C:\Users\Majo\Desktop\vlc-2.1.5-win64
2014-10-22 00:26 - 2014-10-22 00:26 - 00000624 _____ () C:\Users\Majo\Desktop\mapleleafs_hd_ipad.m3u8
2014-10-22 00:26 - 2014-10-22 00:26 - 00000616 _____ () C:\Users\Majo\Desktop\islanders_hd_ipad.m3u8
2014-10-22 00:26 - 2014-10-22 00:26 - 00000616 _____ () C:\Users\Majo\Desktop\islanders_hd_ipad (1).m3u8
2014-10-22 00:10 - 2014-11-02 23:00 - 00000188 _____ () C:\Users\Majo\Desktop\streams.bat
2014-10-22 00:04 - 2014-10-22 00:04 - 00000000 ____D () C:\Users\Majo\Desktop\1413069307983
2014-10-22 00:04 - 2014-10-22 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 00:03 - 2014-10-22 00:03 - 31029672 _____ (Oracle Corporation) C:\Users\Majo\Desktop\jre-7u71-windows-x64.exe
2014-10-22 00:03 - 2014-10-22 00:03 - 00012941 _____ () C:\Users\Majo\Desktop\1413069307983.zip
2014-10-17 13:57 - 2014-10-17 13:57 - 00336336 _____ () C:\Users\Majo\Desktop\Orange_doklad_FR_20141010_CN0206550311_3033217327.zip
2014-10-17 13:57 - 2014-10-17 13:57 - 00000000 ____D () C:\Users\Majo\Desktop\Orange_doklad_FR_20141010_CN0206550311_3033217327
2014-10-15 14:44 - 2014-10-20 11:23 - 00000736 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2014-10-15 14:44 - 2014-10-15 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2014-10-15 07:48 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:48 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:48 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:48 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:48 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:48 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 07:48 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:48 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:48 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:48 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:48 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:48 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:48 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:48 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:48 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:48 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:48 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:48 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:48 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:48 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:48 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:48 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:48 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:48 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:48 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:48 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:48 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:48 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:48 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:48 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:48 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:48 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:48 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:48 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:48 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:48 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:48 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:48 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:48 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:48 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:48 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:48 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:48 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:48 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:48 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:48 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:48 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:48 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:48 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:48 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:48 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:48 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:48 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:48 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:48 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:48 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:48 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:48 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:48 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:48 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:48 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:48 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:48 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:48 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:48 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:48 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:48 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:48 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:48 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:48 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:48 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:48 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:48 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:48 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:48 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:48 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:48 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:48 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:48 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:48 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:48 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:48 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:48 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:48 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:48 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:48 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:48 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:48 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:48 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:48 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:48 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:48 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:48 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:48 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:48 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:48 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:48 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:48 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:43 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:43 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:43 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 07:42 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:42 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:42 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:42 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:42 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:42 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:42 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:42 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:42 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:42 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:42 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:42 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:42 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-11 13:14 - 2014-11-08 10:12 - 00002756 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2014-10-10 01:43 - 2014-10-10 01:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-10 01:43 - 2014-10-10 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-08 10:31 - 2012-10-12 22:05 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\uTorrent
2014-11-08 10:20 - 2014-05-06 21:03 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job
2014-11-08 10:16 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 10:16 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 10:15 - 2009-07-14 06:13 - 00006394 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 10:14 - 2013-08-08 20:18 - 00000000 ____D () C:\Users\Majo\AppData\Local\LogMeIn Hamachi
2014-11-08 10:13 - 2012-10-12 12:05 - 01944195 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 10:12 - 2012-10-12 12:50 - 00000218 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-11-08 10:12 - 2012-10-12 12:50 - 00000214 _____ () C:\Windows\Tasks\AutoKMS.job
2014-11-08 10:11 - 2012-10-12 13:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 10:11 - 2012-10-12 12:49 - 00078848 _____ () C:\Windows\KMSEmulator.exe
2014-11-08 10:10 - 2014-05-06 21:03 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job
2014-11-08 10:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 17:51 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 17:17 - 2012-10-28 20:18 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\Sports Interactive
2014-11-07 17:13 - 2012-10-12 13:10 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\DAEMON Tools Lite
2014-11-07 17:04 - 2013-10-29 18:38 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-07 17:04 - 2013-05-27 19:39 - 00000008 __RSH () C:\Users\Majo\ntuser.pol
2014-11-07 17:04 - 2012-10-12 12:09 - 00000000 ____D () C:\Users\Majo
2014-11-07 17:00 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-07 17:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-07 16:46 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-07 16:44 - 2013-01-29 15:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-07 16:43 - 2014-10-07 15:45 - 00000000 ____D () C:\AdwCleaner
2014-11-07 16:41 - 2014-10-05 18:32 - 00000753 _____ () C:\Users\Majo\Desktop\Nový textový dokument.txt
2014-11-07 15:17 - 2014-10-07 18:28 - 00000000 ____D () C:\Program Files\trend micro
2014-11-07 14:52 - 2012-12-24 10:49 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\Winamp
2014-11-07 13:31 - 2013-07-14 14:03 - 00000000 ____D () C:\ProgramData\Origin
2014-11-07 13:31 - 2013-07-14 14:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-04 16:25 - 2013-07-14 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-04 15:29 - 2014-06-25 13:35 - 00000886 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-11-03 18:32 - 2014-07-28 11:51 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-03 18:32 - 2014-07-28 11:51 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-03 18:32 - 2012-10-12 13:13 - 00002255 _____ () C:\Users\Majo\Desktop\Google Chrome.lnk
2014-11-03 18:32 - 2012-10-12 12:09 - 00001413 _____ () C:\Users\Majo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-03 17:11 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-11-03 16:12 - 2012-12-26 13:46 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-11-01 23:22 - 2013-10-06 22:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-30 17:11 - 2014-10-01 16:09 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1391278517
2014-10-30 17:11 - 2014-02-01 19:15 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-29 20:38 - 2013-02-17 20:40 - 00000000 ____D () C:\Users\Majo\AppData\Roaming\Skype
2014-10-28 06:34 - 2012-10-12 13:11 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 17:56 - 2014-01-12 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
2014-10-27 17:56 - 2012-12-20 19:18 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-27 15:01 - 2014-09-27 09:17 - 00000000 ____D () C:\Users\Majo\Documents\FIFA 15
2014-10-23 15:52 - 2012-11-01 15:49 - 00000000 ____D () C:\Users\Majo\Documents\My Games
2014-10-19 22:50 - 2014-03-04 21:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-19 22:50 - 2012-10-12 12:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-19 10:15 - 2014-05-06 21:03 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0
2014-10-19 10:15 - 2014-05-06 21:03 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553
2014-10-18 05:14 - 2009-07-14 06:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-16 15:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-15 09:56 - 2012-10-12 12:09 - 00111520 _____ () C:\Users\Majo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 09:56 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-15 09:56 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-15 09:53 - 2009-07-14 05:45 - 00436664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 09:50 - 2014-05-06 22:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-15 09:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 08:15 - 2013-08-09 20:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 08:08 - 2012-11-23 00:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-10 01:43 - 2013-02-17 20:40 - 00000000 ____D () C:\ProgramData\Skype
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 15:01
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:78.03 GB) (Free:8.27 GB) NTFS
Drive d: () (Fixed) (Total:853.39 GB) (Free:46.59 GB) NTFS
Available physical RAM: 5457.41 MB
Total physical RAM: 8173.43 MB
Percentage of memory in use: 33%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CA5EC093)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=853.4 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Majo\Desktop" je 1279 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr
C:\PROGRA~2\Raptr\raptrstub.exe --startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Havet - mystartsearch
Dobre dakujem.
Re: Havet - mystartsearch
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Pocket Navigator Installer 6.0] => C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.) HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-12-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [uTorrent] => C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.) BootExecute: autocheck autochk * sdnclean64.exe HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25E9201D678FCE01 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com [Not Found] FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found] FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi [Not Found] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X] C:\Windows\AutoKMS 2014-11-08 10:31 - 2014-11-08 10:32 - 00018013 _____ () C:\Users\Majo\Desktop\FRST.txt 014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe 2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload 2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload 2014-11-08 10:28 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Downloads\FRST64.exe 2014-11-07 17:03 - 2014-11-07 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-11-07 16:49 - 2014-11-07 17:04 - 00011741 _____ () C:\zoek-results.log 2014-11-07 16:48 - 2014-11-07 17:00 - 00000000 ____D () C:\zoek_backup 2014-11-07 16:47 - 2014-11-07 16:47 - 01294848 _____ () C:\Users\Majo\Desktop\zoek.exe 2014-11-07 16:47 - 2014-11-07 16:47 - 00005791 _____ () C:\Users\Majo\Desktop\Nový textový dokument (2).txt 2014-11-07 16:44 - 2014-11-07 17:03 - 00000878 _____ () C:\Windows\PFRO.log 2014-11-07 16:40 - 2014-11-07 16:40 - 01375089 _____ () C:\Users\Majo\Desktop\adwcleaner_3.311.exe 2014-11-07 14:56 - 2014-11-08 10:10 - 00000224 _____ () C:\Windows\setupact.log 2014-11-07 14:56 - 2014-11-07 14:56 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-07 14:45 - 2014-11-07 14:45 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Majo\Desktop\sh-remover.exe 2014-11-06 20:57 - 2014-11-06 20:57 - 00522240 _____ (OldTimer Tools) C:\Users\Majo\Desktop\OTM.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => C:\Program Files (x86)\Google\Update REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Havet - mystartsearch
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-11-2014 01
Ran by Majo at 2014-11-08 20:21:09 Run:1
Running from C:\Users\Majo\Desktop
Loaded Profile: Majo (Available profiles: Majo & Mcx1-MAJO-PC)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Pocket Navigator Installer 6.0] => C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-12-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [uTorrent] => C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25E9201D678FCE01
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi [Not Found]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
C:\Windows\AutoKMS
2014-11-08 10:31 - 2014-11-08 10:32 - 00018013 _____ () C:\Users\Majo\Desktop\FRST.txt
014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload
2014-11-08 10:28 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Downloads\FRST64.exe
2014-11-07 17:03 - 2014-11-07 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-07 16:49 - 2014-11-07 17:04 - 00011741 _____ () C:\zoek-results.log
2014-11-07 16:48 - 2014-11-07 17:00 - 00000000 ____D () C:\zoek_backup
2014-11-07 16:47 - 2014-11-07 16:47 - 01294848 _____ () C:\Users\Majo\Desktop\zoek.exe
2014-11-07 16:47 - 2014-11-07 16:47 - 00005791 _____ () C:\Users\Majo\Desktop\Nový textový dokument (2).txt
2014-11-07 16:44 - 2014-11-07 17:03 - 00000878 _____ () C:\Windows\PFRO.log
2014-11-07 16:40 - 2014-11-07 16:40 - 01375089 _____ () C:\Users\Majo\Desktop\adwcleaner_3.311.exe
2014-11-07 14:56 - 2014-11-08 10:10 - 00000224 _____ () C:\Windows\setupact.log
2014-11-07 14:56 - 2014-11-07 14:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:45 - 2014-11-07 14:45 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Majo\Desktop\sh-remover.exe
2014-11-06 20:57 - 2014-11-06 20:57 - 00522240 _____ (OldTimer Tools) C:\Users\Majo\Desktop\OTM.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => C:\Program Files (x86)\Google\Update
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Pocket Navigator Installer 6.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000 => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com not found.
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com not found.
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi not found.
catchme => Service deleted successfully.
ew_hwusbdev => Service deleted successfully.
gdrv => Service deleted successfully.
huawei_enumerator => Service deleted successfully.
hwdatacard => Service deleted successfully.
RTHDMIAzAudService => Service deleted successfully.
C:\Windows\AutoKMS => Moved successfully.
"C:\Users\Majo\Desktop\FRST.txt" => File/Directory not found.
014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe => Error: No automatic fix found for this entry.
C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload => Moved successfully.
C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload => Moved successfully.
C:\Users\Majo\Downloads\FRST64.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Majo\Desktop\zoek.exe => Moved successfully.
C:\Users\Majo\Desktop\Nový textový dokument (2).txt => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Users\Majo\Desktop\adwcleaner_3.311.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Majo\Desktop\sh-remover.exe => Moved successfully.
C:\Users\Majo\Desktop\OTM.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 278.4 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Ran by Majo at 2014-11-08 20:21:09 Run:1
Running from C:\Users\Majo\Desktop
Loaded Profile: Majo (Available profiles: Majo & Mcx1-MAJO-PC)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Pocket Navigator Installer 6.0] => C:\Program Files (x86)\Navigator11\Setup Utility\clickertray.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-12-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\...\Run: [uTorrent] => C:\Users\Majo\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-28] (BitTorrent Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x25E9201D678FCE01
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi [Not Found]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
C:\Windows\AutoKMS
2014-11-08 10:31 - 2014-11-08 10:32 - 00018013 _____ () C:\Users\Majo\Desktop\FRST.txt
014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload
2014-11-08 10:29 - 2014-11-08 10:29 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload
2014-11-08 10:28 - 2014-11-08 10:28 - 02115072 _____ (Farbar) C:\Users\Majo\Downloads\FRST64.exe
2014-11-07 17:03 - 2014-11-07 16:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-07 16:49 - 2014-11-07 17:04 - 00011741 _____ () C:\zoek-results.log
2014-11-07 16:48 - 2014-11-07 17:00 - 00000000 ____D () C:\zoek_backup
2014-11-07 16:47 - 2014-11-07 16:47 - 01294848 _____ () C:\Users\Majo\Desktop\zoek.exe
2014-11-07 16:47 - 2014-11-07 16:47 - 00005791 _____ () C:\Users\Majo\Desktop\Nový textový dokument (2).txt
2014-11-07 16:44 - 2014-11-07 17:03 - 00000878 _____ () C:\Windows\PFRO.log
2014-11-07 16:40 - 2014-11-07 16:40 - 01375089 _____ () C:\Users\Majo\Desktop\adwcleaner_3.311.exe
2014-11-07 14:56 - 2014-11-08 10:10 - 00000224 _____ () C:\Windows\setupact.log
2014-11-07 14:56 - 2014-11-07 14:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:45 - 2014-11-07 14:45 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Majo\Desktop\sh-remover.exe
2014-11-06 20:57 - 2014-11-06 20:57 - 00522240 _____ (OldTimer Tools) C:\Users\Majo\Desktop\OTM.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => C:\Program Files (x86)\Google\Update
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Pocket Navigator Installer 6.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000 => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => value deleted successfully.
HKU\S-1-5-21-10045416-4287872468-1430362162-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-10045416-4287872468-1430362162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\faststartff@gmail.com not found.
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com not found.
C:\Users\Majo\AppData\Roaming\Mozilla\Firefox\Profiles\ki6qkx0d.default\extensions\{01ff3855-4a35-4386-a9e5-851a17533db4}.xpi not found.
catchme => Service deleted successfully.
ew_hwusbdev => Service deleted successfully.
gdrv => Service deleted successfully.
huawei_enumerator => Service deleted successfully.
hwdatacard => Service deleted successfully.
RTHDMIAzAudService => Service deleted successfully.
C:\Windows\AutoKMS => Moved successfully.
"C:\Users\Majo\Desktop\FRST.txt" => File/Directory not found.
014-11-08 10:30 - 2014-11-08 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Majo\Desktop\FRSTLauncher.exe => Error: No automatic fix found for this entry.
C:\Users\Majo\Downloads\Nepotvrdené 398771.crdownload => Moved successfully.
C:\Users\Majo\Downloads\Nepotvrdené 259959.crdownload => Moved successfully.
C:\Users\Majo\Downloads\FRST64.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Majo\Desktop\zoek.exe => Moved successfully.
C:\Users\Majo\Desktop\Nový textový dokument (2).txt => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Users\Majo\Desktop\adwcleaner_3.311.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Majo\Desktop\sh-remover.exe => Moved successfully.
C:\Users\Majo\Desktop\OTM.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf696642b75553.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6966435d0da0.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f =========
Operácia sa úspešne dokončila.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 278.4 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Havet - mystartsearch
Tak jeste uklidime 
DelFix https://toolslib.net/downloads/finish/2/
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
DelFix https://toolslib.net/downloads/finish/2/
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remote disinfection tools
- Kliknete na Run
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standardPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?