Preventivní kontrola

[Max_cz]

Dobrý večer,

prosím o preventivní kontrolu logu, děkuji

Logfile of random's system information tool 1.08 (written by random/random)
Run by Max_cz at 2014-11-17 16:59:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 2 GB (2%) free of 100 GB
Total RAM: 11877 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:59, on 17.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\WhatPulse2\whatpulse.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Max_cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DBE2F43EE8D8F6F39A423576B63A7CDE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Boxcryptor.exe] "C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Age2 Config.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA9323A2-DCEA-480D-BFDA-455AA9721669}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\windows\syswow64\guard32.dll ,C:\Windows\SysWOW64\nvinit.dll
O21 - SSODL: EldosMountNotificator-cbfs4 - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565} - C:\Windows\SysWOW64\cbfsMntNtf4.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565} - C:\Windows\SysWOW64\cbfsMntNtf4.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\38.0.2125.9\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\38.0.2125.9\remoting_host.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11892 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8b694a35-85bb-416f-91c4-37983ccbb53f -SystemEventPortName:HostProcess-f9d8d3b1-6e4d-49ef-84c7-45a3b12cfa53 -IoCancelEventPortName:HostProcess-fecb8199-6eb2-470f-a3ab-731b499e2920 -NonStateChangingEventPortName:HostProcess-efa5a2c8-976f-4bff-a422-d28c2a1b149f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c809bd01-8e25-42e5-9934-d93840abbed3 -DeviceGroupId:
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 28428832
\??\C:\Windows\system32\conhost.exe "751680131-1784151206-1782652319-1283490552-190750389368196975010193261151790145577
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {F1436772-3A2E-480D-90A8-C5C6F2AFF714}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\38.0.2125.9\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\38.0.2125.9\remoting_host.exe" --type=host --daemon-pipe=676
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="740.0.138830476\642079527" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=DomRel-Enable/enable/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="740.1.1253868918\667283050" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/ --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="740.2.2027647607\2123693475" /prefetch:673131151
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss bea3cee7-10f4-4941-81f6-696a162be303 1
\??\C:\Windows\system32\conhost.exe "636171269-15230778351307745351176336969211781272871871177297408807511069906727
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "2005453688-12807125921565584470-339481897-1657567736-44293136617380260281193309787
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
WLIDSvcM.exe 4600
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6240 CREDAT:275457 /prefetch:2
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-529706889-675040250-4031740840-10003_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-529706889-675040250-4031740840-10003 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -responsepester
taskeng.exe {9ECFD6E2-E34C-4EC9-99E4-D0D078502469}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe" --shortcut
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Windows\system32\SearchFilterHost.exe" 0 820 824 832 65536 828
"C:\Users\Max_cz\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2014-06-20 295712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"=C:\Program Files (x86)\WhatPulse2\whatpulse.exe [2013-05-03 3039744]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-03-15 1516496]
"GoogleChromeAutoLaunch_DBE2F43EE8D8F6F39A423576B63A7CDE"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-10-22 854344]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"Boxcryptor.exe"=C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [2014-09-02 1063680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2014-10-17 437760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-30 55808]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-13 291608]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

C:\Users\Max_cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Age2 Config.lnk - C:\Program Files (x86)\Age Of Empires 2 & The Conquerors Expansion - Full Game\Data\Aconfig.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
EldosMountNotificator-cbfs4 - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565} - C:\Windows\system32\cbfsMntNtf4.dll [2013-11-15 183080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565} - C:\Windows\system32\cbfsMntNtf4.dll [2013-11-15 183080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"3212083974"=0x504B03047ECDE67B068374BFB5110000004000003B52047F42E5F13FFC79C52065C1BE89B50CD7B4769F60289BFBD984D14110F2D01270B16FC2706B1EDA5D73993A9F916003041E5B35D296126857F9E7251C73D3EFC09701D8D7ADC4610818404E80E342F284FC326FAFF9639EBA1E04B3742F5A9CFF01382A0C43DD64F0C5C72F17491D19AA604C54BAFD81DAB7660098606BC53B2CCFAFCC763E85AF893E2EC927770A5A8FBD749F1FADC9CAC3E32ED081F17F670C361341DCA6E6AAB22F35F8A01BF20D6F281379604DDF2B2D3AAB0475420EA35140CBD4850B5B37D2E0E582569D37AC0AEBFD63622E501F2BF5152FCF27CAACEFC4626FB241DBDA40EF0B12DD6F0AD67E93DFDC1861004081B9D72C75BB44BE9D1E27106103C35A24C81ABFA9A1F77CED3C0382BB7B0CD5005CFD4D9C12BAA0359AFBEE313FE071AFE8703BD92ABE22A0D51F3044C7410D9D6C7AA0337D9B7BBD1F3442DABD7B34DCF6888C18894965A7AC6702C9711F3905F590405B7002133BE6023C1376BB44873357A9555695625CD61A62343DC8928E685FEAE8E040D066B19FAE8E6B1F52EC94EB23382A36F982A5FE7B913C1707AA98145196E1168940B87181ECC84A3D074875B1AA306314B7D0FD77AC5602E656A4FE5F7D1276767A2614E2DE7E291B7729A58732F442E9C09842E7D8E44EB4B81D4A33BB5A0EE4A734289B6D99E87C21BF0248F522B38F8E69C3229F88BE9B8747500A03FE71AF6356476805E77DA5ACF4597917CD0632C1E257EA8EB53847066E8108E99D0FB556B2BF72BB5BED5792373C6486720619E15B5D9810F5783760949E5343C6DD4877637867BEFD768B439297D7E821CFC4BA3980F1CA2279A2E6A459470C6FF28FA2CA7236E81B6E2A1B5C349BCF4729C24388385F42302C6F8475F44F7BA90A1B7E1E10A48047D41BC1136DC51B40CFC85C09AE83F8BA3B01E359FB0241367E5168F48EFC6AF1EF1DC6B0DF6E69B29323CC1CBE73E39F3069C15AB38087A2FDB508518193F867710C6B378AF2F25A8DDCE72F0D61E19E47877F68B78B3E8AF452B22CC5BEA2AC107474689639D23E2789E4D34FD424BEDA096ED4F091B9CCF2E3D041FD6606795D3A09CD04B5ED2AF5BA71F4A01CAE89A4933FB1E08B129138CED63229F7ED9574131F0C0ECE1C5928ED9D4376DE50DDF379DBFC33DC0EB000B6098DE6F92BCE503ADFC75541BF4A6BEC97B298773EF65B60B177214313FC1508ABE30FDE7B48836D334F61047CF5BFF2093E8F380A7986AD8FFA5AC6A8EDB4392968ACAEEA2B0F2889A80D78B30648B4612E6DF2311CBF0FC50B7CAAF81E3E531A821B2A072D2FD2A9BF12170EA48EE2039A61EC4DC1671BDF2B2817786BF981D04F8CCA7771F08808CC38E04856FA22716B10F175786CD6B2E2AFF3B638F4C411E3C0851232DB04FDCBF6648EBAC7169FB7FC75C9D8AF98133F8DAA18E26BCA983977CE3B322106050FF575C707B8808C8A51DD02758ABF52B1DD5101562D5B93BB2461FFE9DCE06E52E2B27E8488DDB006F2783460F435CDF3CB6D1371A91F65497DE6E9B81D63064AF1E5AB31BE290B80A530DE6B094F5042726BF8AA46CD4652B9CB71F89CDD25CA682E6C9E25023C06FA538CA4F3DBC7738F35C0C0912C9CB16F43C8CFFB97981C0032F0C745974F620339D7CBE4C59ADEA630F92D6E6990532F427E795D4D2F6BB18FC35798B4948CAF7E2864D81ADABF22C1AB59AACD406454BAF9FFF5FFC88A35BDE96672513C1A297BA6E16BA1B7805392373FCBA9A2F3FDDA7D165B57560ADAA570693659196630B6519EE9012B76BF73FDBE807085BE5FDEB9EDC93E574396113A80ED04FCA4F572AE01EB8279A4DC9F902BD5CD206223C98DA8FC6F80EDAD25254B831B176CFCB7B83C74F63D1279EC6C69E208B3DD8B30D279ACA6238820E794D7AFED9DE063B8F9B88AC294D08E650CE9B617F6904821BFC7BE177583A90A88AA450FA2E35F6619AA39CF29632DB166D56361E17D5845C71E43B7B2EA63EADE16377FDFC5D51AB1F31CC78D9C1F31D0816C78A25A8A68BA87070B732D9F315E454DCA738C2370B5019765CAADB6B4E8226E83439487DAFBA93EA941E3B7FCB9029F846CA2D702153AC85B91BB8CB296A29662EA2617AF463DC719588CFB7A4E2E68D165ACF08EA0477376661AA1D5377931FBBFB2673C01F7573D2C8201DE8F82810FC456F633D00CA6281F8E991A75979227D2CEDF7400C9D3022CA75278518FAA2CDC4921EC58C2B1EF1D305ADD4C5DD65572F8934F5FD610B3C9DD0DBA0CABC93D46D489B7FA5E676E6A4ED2A5884D179125B9DBCE16A0D8893FCA9DB16DBDE23927CF5711A9917F5FA99DAB133665CA5648BCB61EC2B0EE013944F619E8D14B77D18B489EEBDCA6A57328B40F2C3B2562EEEBE8D67AA29C9884BE2FC81299EB03D257F1CBD26ECAB2C9BA1C843CDFE266BFFE68FE6D2A621FB08319D4D8C78EF4D32322593FB7F8D31B8B19B6CE0D6F0F23BB677643E385EA4F790CF9C6027D8635E95C3EC8AB6D45CBF86D7F2E90D4CD6604DAD3A7AEC95A9CD4621E8668B6D23559044C318528DE2358561CC518E8F2DB291705B5F28B55F0D4FFB19C0B674C84EA3944F0B3F2DAC4A4424ED634B3C93061AA252B1CF059ACE6BD182252F78B21B4416FF9317B04AE61E96EBD96519FC17C5E7612B61554D407AAFDA3799134C8AF4D3EE71354275C769E200DB6FA418CC1C7F3FACBBDEEE35A09E7922525D3CD8BF905678982FD350C19E2EFAB677CB7E465D307FA45BA289532B05BC1DB528C37A61682A555796E61ABE00771D9E9084DF6E5226405522276C7C4AD732A47FD2D0AD1312F71C87021D6E6C07CEB88F53A02EA382957A40FF9CDA815A07298BB3FB48396EE4A1E09894FED5D323267720A369652E125DF77777C75C063FE5C4A4FB18EA9501EF64D82894CE9917BC2D43F10EA1ABCDA1895CCEBA18D1DD0501F63045F0D21E3E1C815FF7B5801CF57A1CB02E4B08742721F172BC756FC4D04BCC6D1C7F1C52BEA83915AF2BF303545A55FF3E601E90AE848CC2AEFBD6880300FBD986A78DA992AD85FB75DA1DAA397DF86E9FE1DBD314AFBF27CBB03BF73D772E7F51EC3D0EB33B50000F1A632245394E0FE98B46891623E6334A4A849E0C5CC9403CC053FD5DA65453B895A0A023F9A4EC8955A41E8F951AE2204DE5FFFB571B2DD29C098B3E7577106F40D39C900E5A1A950330394C8FDDFDC48E6CCAD178B475F440373B950F2BE32CE823F39B2C7AEB524F264460557F26A82211B154B31DFF46765C478AE98E2363F21E28A763CB47BD9CFE4BDAC59B82D7F8BB04D94D65390961B359D61214612E95EEE709CB43CF5F004C54AFDFE78CF7520E3F84EF06F358531EB1D84F49D60ECAF1D4F38AE648EE978B60C6C81B8C833245D0D9F843B7C18C69FA242FD62858779119C115BF332B8DCDE8B66BA55F4175594E1AD2301AF04EC66A9BB71B20FFAD342FBE5E9689142E44C6DDA4BD5929CCF37D5C2B49BEF503B1BC229101123B21772EF939277024CEF39498C44C7FC3E6B7C01C7CDD4A247E758D3AD00D56031A5C7F8ED6DD3F944EF95CB8A98C9F129FDDFB75B2E6E4EB68CC6668AE9706623C58201CF12F027FA0532CB3DA087246E907CA3E3E6CB920FDB3196D404DBB97A667634E67580E231D92D097406F3EC39F62C356B6829FB46DDAB514A4EC7C05B40A4345ED0CC1E003C64EF5173F0771956613397CD5B1D3FAE80F856021BBE38D5B34AB0E476B91FA9A5304B6F38280429930394ACFDBBD4EBDC433E520197142BACF7B87BBDC05CB40FED6BEC2D700D940AF55112506FF365D97CF7B7E9F7A008981DA053C04F3742A6624772D3B6408936C1E3D7704B8BB2A3DF870D468979C46BD733CAA71CAE29010BE57953E149C7C10B81A2690DE5F873C3795BC04ADC4341EE5A5627AB85B70F08F32F1B361BCC834BEFBB3DEE2133EDF1761555CF48E826481D71161955E35094AD217909373981FEF5621176D54C69E4CC72262928E061600C95928D683CD7490E26A8E5AA1AB37AF0D440AC85D26F3557A02FB26BD48DEE04290E3D7B9FEBEBB59294FB0F6E06FED08145856BF52F806C83867EE6B7768DA5F7D6B5787422A3B62EDC670DF90CEB18144D37F549C234DF7E7679D7E00A52CCB77D426881C5E4B3AE86217764664777C0FE81F4AEFD1814C2F66B1F28823F5CB8E6F8F993343D2FD5F9FF88582957460D3EFAFEB5429D23573809BFB2AEB29AB44C2E1EAD93B11EAFAEE46E2888DC1CC2105C6A7999979741486E8D0FFB88D6CD7634E80800A09294EBAC8B4766DC02E2EAC4E6A8330D978C275E19D2C64C48D3162B29A71921449745F9E0BC7CF55CDEE56989ADE2BBB2791BB431833A05D59434DE364B750A2DAE8A37782428EFB41030702FC277181070503D90B230F5807684AC38E4A9C3000B71A8D6CA83F9AB864344269C559DBDFA36766787A3996E496AACB4CA56EDAB9C2BFD92BFF2414AFD0CBF5FB69E6649FAAC544AAEC33C1BE404D50703BC57ECBA53CEBF665AB7A6DE87051F6F9DC47AF14018CBF7878E03522F87B58EB82056BD4853EB3DF2ABF7D14ADD5ED7325E58EF12F4EF6BC7D158AC2CB07CD3CA032E2AA8D99BB31F4FA8DCB37415B61E71DD8E09F2F079E31797A209C65D617B108FE82F95DDD79A5B91BDB076CE8F11E8D07ED92D17B908DC9389C6CE92A48B8335E4C1E8F6EE4DDB207B15DC20E04E50FC5489E060E3BD114BB7AA16A755685A6061C308A46A3ACC746542C0228897C4B203B85B4ACAA87AA134E07CBEDA2EB4284A6CFE35EB3516C4E4739DCA0A8358BB5FD96A636BAF2B962819FE2591011B3158CD54E5972206D26D7D5B31613791B3A805D75771D70015A63F9C3D9FE9DB6561445B8C7F2D051F88C72FB3D57847D3E75EC58F3FE4F8C7F7C1721456E1AEAA943347F8D3D30D1F205AC288FC86CCF6F722A63D710583790C66D698A11BD2889869E37E641B5FAAD681252767ED8D48035F805CBE899130D0C22287E91E6377E9A06BD27E778C0E68589963748773161DFC1D214C53A8B37496D3E6702B1EF6F1FA7FA009C8ABA5D11DFA7D9D89E0C4F29DF89273AD5E8EB6C69FDB236286F86996FFE2CD493184E99A48753A80A57A6ED9B28AAAC9901BC9EFA931C9DC2E6EB1CD4C49A3CF90D76F915C8A41F22D14CC8122A767AC5051030C480DC214F2255FAA48E10A372422399DBA6BBA46A1ACB6DC72505916AE43C326EDE92ADA89898854D27D06843C7814C205F0005E2A03838271920A17C019D68AA34E751FE59762999DAAE538683933705EA529F6863B814D744E6C9FD170CAA646405DDEAE7831566CF81005B832B1B972DEFBB78058BE3657B63A3334AB61B5D465EB355C04585024E42F67725FEE76142830CED8CF98AFA05FBB9FC572E8F7155F2F963574BD49FC9EC34186BA3D48BD99EF8D2DD8C437D0EB2B147236B055B6E6A2CADCC28DC64AEAE270A9749AE7647938502067DB5FAB277880A62F064CD12688752D3B24079DE9BD985C1F16E9B5EAC46EF5D79827B69865BBF8B652A5C2161B9C718AEF0E1F19F8247F5B2247622191FD22B12D0EEA5CB4D957273585257897858F91DBA76405BEA196A7E59B488CA122F4FC4314E611193A20AB08D9CBFEA80F48D3CBDF04346DB79CD1ED4EB7DC3C8EED4CE316516C5596C7DC204A9A0CA08A4E587ECE00E75B0CEAA9F26EAE9C039A6A3F7DB0572050AA864A1E4E233F59101BA22BE52717F6CA23AA4CE2AA11518F8D512F91AFEA3CF3B22443A4A0BF2ACAC8EF572E2667C7EAC01C62C9D111061400F119FFDE950602E3074BAF80699D9A3DA96F8AFF97A407040CDEC110212A8963A5669BFAF90851C56AE1C226C1A8F630A635D1343E3E4446DB83599F913C0619B7913EEAD173075C32C301526503261CA4416FBC8BA7BEE960D98C4C244FDE30DDF5ABB3163E82ACD44A44ED24E74B3F98B29E6C481B3410BA08A39D3BF22D9B47114E04AA21A7D73B4A90F983231C0A7384B159AB760B923A548A7D0D925E76A35EF302B7859D8E40FB77B7C04A6F2CC7B08481CA35545A2D6C4D606EB1100F03C9083A5F957561920B930685C4E6FD049C30C8BEE18D8867B00BFA4F8432F05EAA5780E6DB2E4D3D767E9DBF1CE28D987DEB1C7F1AE21117B6BF6A32537C8457693C04F8802B57743A9DDD821F10098FE3EAB3934356FC8C24C0C35F92865C62F62DE06EAC6ED8884AA38351A2F5E8FB6E8D22DE672871416C2BA4E44C477EC25D04C35F549356DC20BE1CC0F44771C22366914304B08E6B5C3AEFA2D019E3E74B5D2F4724F71F47CD6548CF3FCC4DED193D9A2F57FD8CCCD94786885043F4721FFEA6277AAF2EC46B61432C3BD4881B6D9CD83983625627495D69
"301548880"=0x504B0304AF7CB8A05045F9114D070000003000003B52047F42E5F13FFC79C52065C1BE89B50CD7B476AF60289BFBD984D14110F2D01270B16FC2706B1EDA5D73993A9F916003041E5B35D296126857F9E7251C73D3EFC09701D8D7ADC4610818404E80E342F284FCC62EF128637FC2E8C4BCA51047A1E7D4571A1B18398F5F6B8E44D035A4CCC9A90C3BB2918F07633260A7770E0427505D9CD9DA45ABCE52680F80227AB6A4A6FEEC46B28564B327068008C1414A62D614AB6ADEAF538D4A6E4C4457E580BDA094361769D31091635792ADBBAC2464154AB1992C3A4D3F400B30D04F9F52954A909B6FFFDB1ED00C4B7708859BE4B769E45268B4A29FD7F85D0EB3DE7520E048F9636B469B3C05C2594F20453EE26EBA7F2E3E0074DB8B2BA76D8A4D8575BE24C65EE067ECC4921305585AE8110062C56A169070C33AE4AC318102B910A1BC96C2B479BED046D12DCD65C7B8B49231F9588A25B97EF6397A8A683D88DDD5F6E8648A7407EBDEE65A3F92DCAA580C74B698329AE3561EE66B016317963362202B9152D880D593BC760DE140BF53F283000BB3D036B78613B68311AF34D07916FE46202F896D4C0153873C1820E110BA155E3945930E95743AF650935078D9B6AB2C289260330DBC50C99E8789CA6B50B6707688798A9F81A2CEF8B40F96F8FD9E01C00774815B4DF8CA235935793FEB99D13BD3AAE3FEB2434540B740367533DC9C8E2A664A520ACFBC0A7EDA4BB5D97663F0A088CE0AB05587CA95911BD5CF90B2E4B4DFA0DEB8CE53F231BEB500C1778C0F6FC86E11D923FE1C8A798ECDA6D9628A23E81E3B3397E94B54ABA069EBE76BE1B47DFFE1A6C7F3C07159502C9552191D5BDD6CA76BF6A1B198516ABD7EA57C39C606F0E58BEC5E2C60E5D44648B3467E52DE69104130D39543048DE50A9738EDA2A12025CDAC3BFC025787979077961B958A7E1254CDA2C24A4EF29A72719CD8FF7407AF8A8D2147C2000AD3BAF6C0B40D699DBFA4230EA22EDFB5631AE4A5C58EA9CB86E5A873FF7AF22D790B354663056DFF36F8B04E17858CEAEC8EDD8EDDC4A6733DB3E33E3DD99F8769EAFA4429A2CF28C67C71C93BBBFE4D2FADA1710343B4CFB8C1376FAE0B06047757F704AEDFAA25CE0DF9E0F8CB3D6375E9C593F343A3B5FE3B0425EA947A5BB37C406B3A7C57AFFC944C008AD8D5AE59AC8B5DA282396CCEE7CF526ACE85FFD8F89EE76633E49D3662F41DF79F286E8D399ADF02A598FCA2EA3225FFC4F412E30C738E07FDCEFD08887BC8658B6AE2EC8820F4B481374042229DA9978A251D7B7497619989FA2A8652E680AF13CD32FDFFA5DF97CC3AC979B034921488C9835FDBC708F5A8B407980F4953D27FEF86B4FC331B4308A2404E064F84EED4092CE9978788CE0C46F07560A8123DF5471CDA1C34ABE85387515D27A7AC43EBAB84DEBDD29914A7DBD84876732EE9D36590CB2637B6D009C7A38EAE497D8DAFFDAA60BFC8A40D8D1753D59EC9E843511B2A1EB9907DD2E37D12C6FBCE80738A27A8BCC42ACB1150C13C6BAB2470E39819FE105531D9FF216783E956B0ECE48DA8DAD19856D2A95578A2350778AEB0A2BA7C180AD03725567A5B9C21AECAFED79CB610F92A596AA4570C4A9A25EEA1955A6695B2A3928FC8F0B58DBC93A85808DDCE0CFFCB7E4B20C78806B5174DDA44DF1699DE57D766120C93ED41F4D31C18710B6C107B846FEFE4E95A560A6BCC2CC6DAC04FC151AD1751B4278A54D0C2671F409C8575672B78B5E3EA28A4D2086452BD643D831FB68575605CCD6935EB9EB2886D197B646AB3D2A0421DB12FA59E5B48569E599B0275E399A90D90CB5CF6EAB915BA8CA139A4F6955EB0A986CBBD2C5F1EB9D22A057ADBE72916EE282BAD46CCE642A1CD18AF9BF42A6F4DC3D175A78DDED1670447A99AB7FF4D11165EBB9FC0B4B438A1D9D793B266F3356F29B7D9D882E4097A0969540127F55D8B8918245BBFCA9DC8290D14F4ECA4921B397FA4E6A16155723DD25185457064A4D13CCB64060A06348651D2E199DEB7C1DC31E7718F5A6A658DB30C807ADF416E731F1BCC5B0D59B4B81A09AECC83A332F5932463DE6DCC5DE27FF08100DF6EFB3F8CADE43C72B644994B30A485BBEFD00E23434FCF55C54D952E599FE56A408361BAF91DA4B4671F2690635BAF56169A48ABA11410361DB920FB97AFEFD94D035A161A6D8AF2F2E3124C0914883B81A5D31BEA60B6E7F8A0D2834787687BBB059877A257D21A0A3B448D291229512DEB08892C541567E0C33B6932C3D1B4C9D57DC4C76FFF23D224082BD98E4060A28F72A6D89EA7197A08CD985C2892BD87AF5DED9BDE907591BA9A5143A7A7E0D2C34322C70B74623A66B705DDC5130B80380BB12C3EC6106F3D0CB70560847BEE211512578A56FEB5DDF09E01CA45C1AC19E6C58C1D87CADBD573C0E8EDD833A51D1707CC03011FD5503CA2E34EDE0B9DDEDF94E5ACE167811CC3C66C52F9AB70DB1C8B7197BAA7F49539157D417DF2DC3773DF370573D58CC5D79106C72FB4154BC19E2EA5BC4074B28F99237B99D08C1C2AF809866962D8A81486A9D9135D70E40FFC2ACFBEB7D5C644359CBC56636F7812F4A3920C9BBFFEC497CCD5F4D7DDB1DAC1FF2A8C9D42ACFCFC80C49FAE679CD7

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\SysWOW64\msiexec.exe"="C:\Windows\SysWOW64\msiexec.exe:*:Generic Host Process"
"C:\Windows\SysWOW64\svchost.exe"="C:\Windows\SysWOW64\svchost.exe:*:Generic Host Process"
"C:\Users\Max_cz\AppData\Roaming\ZQPV2L7C2K.exe"="C:\Users\Max_cz\AppData\Roaming\ZQPV2L7C2K.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2014-11-17 16:59:53 ----D---- C:\rsit
2014-11-17 12:45:37 ----D---- C:\ProgramData\VS Revo Group
2014-11-17 12:29:22 ----D---- C:\Users\Max_cz\AppData\Roaming\ProductData
2014-11-17 12:28:12 ----D---- C:\Users\Max_cz\AppData\Roaming\Apple Computer
2014-11-17 12:27:37 ----D---- C:\ProgramData\ProductData
2014-11-17 12:26:06 ----D---- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-11-17 12:25:28 ----D---- C:\ProgramData\IObit
2014-11-17 12:25:09 ----D---- C:\Program Files (x86)\IObit
2014-11-17 12:25:07 ----D---- C:\Users\Max_cz\AppData\Roaming\IObit
2014-11-14 19:10:23 ----D---- C:\Program Files (x86)\Age Of Empires 2 & The Conquerors Expansion - Full Game
2014-11-14 18:54:22 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-14 18:54:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-14 18:54:22 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-14 18:54:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-14 18:54:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-14 18:54:22 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-14 18:54:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-14 18:54:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-14 18:54:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-14 18:54:21 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-14 18:54:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-14 18:54:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-14 18:54:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-14 18:54:21 ----A---- C:\Windows\system32\iernonce.dll
2014-11-14 18:54:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-14 18:54:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-14 18:54:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-14 18:54:19 ----A---- C:\Windows\system32\urlmon.dll
2014-11-14 18:54:19 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-14 18:54:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-14 18:54:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-14 18:54:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-14 18:54:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-14 18:54:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-14 18:54:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-14 18:54:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-14 18:54:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-14 18:54:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-14 18:54:17 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-14 18:54:16 ----A---- C:\Windows\system32\iesetup.dll
2014-11-14 18:54:16 ----A---- C:\Windows\system32\iertutil.dll
2014-11-14 18:54:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-14 18:54:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-14 18:54:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-14 18:54:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-14 18:54:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-14 18:54:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-14 18:54:15 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-14 18:54:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-14 18:54:14 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-14 18:54:14 ----A---- C:\Windows\system32\ieui.dll
2014-11-14 18:54:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-14 18:54:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-14 18:54:13 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-14 18:54:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-14 18:54:13 ----A---- C:\Windows\system32\ieframe.dll
2014-11-14 18:54:12 ----A---- C:\Windows\system32\wininet.dll
2014-11-14 18:54:12 ----A---- C:\Windows\system32\vbscript.dll
2014-11-14 18:54:12 ----A---- C:\Windows\system32\jscript9.dll
2014-11-14 18:54:11 ----A---- C:\Windows\system32\msrating.dll
2014-11-14 18:54:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-14 18:54:10 ----A---- C:\Windows\system32\mshtml.dll
2014-11-14 18:53:53 ----A---- C:\Windows\system32\generaltel.dll
2014-11-14 18:53:53 ----A---- C:\Windows\system32\aepdu.dll
2014-11-14 18:53:52 ----A---- C:\Windows\system32\aeinv.dll
2014-11-14 18:53:17 ----A---- C:\Windows\system32\termsrv.dll
2014-11-14 18:53:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-14 18:53:16 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-14 18:53:16 ----A---- C:\Windows\system32\adtschema.dll
2014-11-14 18:53:15 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-14 18:53:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-14 18:53:14 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-14 18:53:14 ----A---- C:\Windows\system32\msaudite.dll
2014-11-14 18:53:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-14 18:48:04 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-14 18:48:04 ----A---- C:\Windows\system32\msxml3.dll
2014-11-14 18:48:03 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-14 18:48:03 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-14 18:48:02 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-14 18:48:01 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-14 18:47:59 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-14 18:47:59 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-14 18:47:59 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-14 18:47:59 ----A---- C:\Windows\system32\EncDump.dll
2014-11-14 18:47:59 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-14 18:47:59 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-14 18:47:59 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-14 18:47:59 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-14 18:47:52 ----A---- C:\Windows\system32\schannel.dll
2014-11-14 18:47:51 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-14 18:47:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-14 18:47:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-14 18:47:50 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-14 18:47:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-14 18:47:50 ----A---- C:\Windows\system32\kerberos.dll
2014-11-14 18:47:49 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-14 18:47:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-14 18:47:49 ----A---- C:\Windows\system32\wdigest.dll
2014-11-14 18:47:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-14 18:47:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-14 18:47:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-14 18:47:48 ----A---- C:\Windows\system32\credssp.dll
2014-11-14 18:47:16 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-14 18:47:16 ----A---- C:\Windows\system32\packager.dll
2014-11-14 18:47:15 ----A---- C:\Windows\system32\win32k.sys
2014-11-14 18:47:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-14 18:47:13 ----A---- C:\Windows\system32\msi.dll
2014-11-14 18:46:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-14 18:46:55 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 19:51:39 ----D---- C:\Windows\SYSWOW64\NV
2014-11-12 19:51:39 ----D---- C:\Windows\system32\NV
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-12 19:49:15 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvdispco6434465.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-12 19:49:15 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-11-12 19:49:15 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-07 17:32:59 ----HD---- C:\ProgramData\CanonIJScan
2014-11-07 17:29:49 ----D---- C:\ProgramData\Canon IJ Network Tool
2014-11-07 17:29:41 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2014-11-07 17:29:39 ----A---- C:\Windows\SYSWOW64\CNC_B9U.dll
2014-11-07 17:29:39 ----A---- C:\Windows\SYSWOW64\CNC_B9L.dll
2014-11-07 17:26:57 ----D---- C:\Windows\system32\STRING
2014-11-07 17:26:57 ----A---- C:\Windows\SYSWOW64\CNMNPPM.DLL
2014-11-07 17:26:57 ----A---- C:\Windows\system32\CNMN6UI.DLL
2014-11-07 17:26:57 ----A---- C:\Windows\system32\CNMN6PPM.DLL
2014-11-07 17:26:51 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2014-11-07 17:25:55 ----HD---- C:\Program Files\CanonBJ
2014-11-07 17:00:38 ----D---- C:\Program Files\Common Files\CANON
2014-10-25 12:23:45 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 months======

2014-11-17 16:59:58 ----D---- C:\Program Files\trend micro
2014-11-17 16:59:06 ----D---- C:\Users\Max_cz\AppData\Roaming\FileZilla
2014-11-17 16:57:20 ----D---- C:\Users\Max_cz\AppData\Roaming\uTorrent
2014-11-17 16:56:10 ----D---- C:\Windows\Temp
2014-11-17 16:55:23 ----D---- C:\Windows\system32\config
2014-11-17 16:53:00 ----D---- C:\Windows\System32
2014-11-17 16:53:00 ----D---- C:\Windows\inf
2014-11-17 16:53:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-17 16:50:58 ----D---- C:\Windows\SoftwareDistribution
2014-11-17 16:44:16 ----D---- C:\Windows\system32\catroot2
2014-11-17 16:43:48 ----AD---- C:\Windows
2014-11-17 16:43:31 ----D---- C:\Windows\debug
2014-11-17 16:28:52 ----D---- C:\Program Files (x86)\The KMPlayer
2014-11-17 13:01:26 ----RD---- C:\Program Files
2014-11-17 13:01:24 ----D---- C:\Windows\system32\drivers
2014-11-17 12:56:44 ----D---- C:\Windows\system32\Tasks
2014-11-17 12:48:54 ----D---- C:\Windows\SysWOW64
2014-11-17 12:48:51 ----SHD---- C:\Windows\Installer
2014-11-17 12:48:51 ----D---- C:\Users\Max_cz\AppData\Roaming\Seznam.cz
2014-11-17 12:45:37 ----HD---- C:\ProgramData
2014-11-17 12:40:14 ----SHD---- C:\System Volume Information
2014-11-17 12:39:19 ----D---- C:\Windows\Panther
2014-11-17 12:27:49 ----D---- C:\Windows\Tasks
2014-11-17 12:25:28 ----D---- C:\Program Files (x86)\Common Files
2014-11-17 12:25:09 ----RD---- C:\Program Files (x86)
2014-11-15 15:03:06 ----D---- C:\Windows\Microsoft.NET
2014-11-15 15:00:56 ----RSD---- C:\Windows\assembly
2014-11-15 14:16:38 ----D---- C:\Windows\system32\NDF
2014-11-15 14:10:30 ----D---- C:\Windows\winsxs
2014-11-15 03:25:23 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 03:25:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 03:25:19 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 03:25:18 ----D---- C:\Program Files\Internet Explorer
2014-11-15 03:25:17 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 03:25:17 ----D---- C:\Windows\system32\en-US
2014-11-15 03:25:15 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 03:06:50 ----D---- C:\Windows\system32\MRT
2014-11-15 03:02:02 ----A---- C:\Windows\system32\MRT.exe
2014-11-14 19:13:34 ----RSD---- C:\Windows\Fonts
2014-11-12 21:14:42 ----D---- C:\Windows\Prefetch
2014-11-12 21:14:41 ----D---- C:\Program Files (x86)\Google
2014-11-12 21:12:24 ----D---- C:\Windows\system32\drivers\UMDF
2014-11-12 21:10:44 ----ASD---- C:\ProgramData\Microsoft
2014-11-12 20:58:31 ----D---- C:\Users\Max_cz\AppData\Roaming\Media Player Classic
2014-11-12 20:58:16 ----D---- C:\Windows\Logs
2014-11-12 20:58:15 ----D---- C:\Windows\Minidump
2014-11-12 19:51:37 ----D---- C:\ProgramData\NVIDIA
2014-11-12 19:50:15 ----D---- C:\Windows\system32\DriverStore
2014-11-07 17:39:46 ----D---- C:\Users\Max_cz\AppData\Roaming\Skype
2014-11-07 17:33:44 ----HD---- C:\ProgramData\CanonIJMIG
2014-11-07 17:32:59 ----D---- C:\Users\Max_cz\AppData\Roaming\Canon
2014-11-07 17:29:53 ----D---- C:\Program Files (x86)\Canon
2014-11-07 17:29:41 ----RSD---- C:\Windows\Media
2014-11-07 17:29:35 ----D---- C:\Windows\twain_32
2014-11-07 17:21:40 ----D---- C:\ProgramData\Skype
2014-11-07 17:00:38 ----D---- C:\Program Files\Common Files
2014-11-04 01:04:30 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-11-04 01:04:30 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-04 01:04:30 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-04 01:04:30 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-04 01:04:30 ----A---- C:\Windows\system32\OpenCL.dll
2014-11-04 01:04:30 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-04 01:04:30 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-04 01:04:30 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-03 23:02:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-11-03 23:02:41 ----A---- C:\Windows\system32\nvsvc64.dll
2014-11-03 23:02:38 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2014-11-03 23:02:38 ----A---- C:\Windows\system32\nvvsvc.exe
2014-11-03 23:02:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-11-03 23:02:38 ----A---- C:\Windows\system32\nvshext.dll
2014-11-03 23:02:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-11-03 23:02:38 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-11-03 23:02:38 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-29 00:14:51 ----D---- C:\Windows\rescache
2014-10-22 20:30:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-20 21:02:07 ----D---- C:\Users\Max_cz\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-13 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-11-04 32576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-03-15 231376]
R1 cbfs4;cbfs4; \??\C:\Windows\system32\drivers\cbfs4.sys [2013-11-15 387776]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-19 283064]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 5U877;5U877; C:\Windows\system32\DRIVERS\5U877.sys [2012-03-28 216704]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-09-05 54528]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-13 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-13 789272]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-02-20 11471872]
R3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-03-18 33008]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 vpnpbus;EldoS PnP Virtual Bus driver; C:\Windows\system32\DRIVERS\vpnpbus.sys [2013-11-15 18624]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2011-06-27 1310720]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1148744]
R2 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\38.0.2125.9\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\38.0.2125.9\remoting_host.exe [2014-08-21 51016]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-09-05 66344]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2014-06-20 59168]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2012-08-25 127072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-06-20 72992]
R2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-06-20 197408]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-03 935232]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-05-15 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2012-12-05 125504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-04 2630432]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-11 114288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Roli]

Zdravím, odinstaluj IObit a Pandora.TV.


Tohle :

C:\Users\Max_cz\AppData\Roaming\ZQPV2L7C2K.exe

otestuj na VIRUSTOTAL

(po načtení stránky klikni na tlačítko Procházet - Choose File, najdi cestu k výše zmíněnému souboru

nebo tam výše zmíněný text nakopíruj a klikni na tlačítko Odeslat soubor - Scan It!

trvá to okolo deseti minut pak mi sem zkopíruj link, to je ten řádek nahoře v prohlížeči)

Pokud ti to napíše že soubor již byl testován nech Otestovat znovu - Reanalyse.

[Max_cz]

Iobit nevidím k odinstalaci a pandora TV je KMPlayer, který používám na přehrávání čehokoli
Zde link https://www.virustotal.com/cs/file/6df9 ... 416244062/

[Roli]

Iobit nevidím k odinstalaci

IObit jsi tam někdy měl a jsou tam po něm zbytky - odmažem.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Program Files (x86)\IObit
C:\ProgramData\IObit
C:\Users\Max_cz\AppData\Roaming\IObit

:services
LiveUpdateSvc

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

pandora TV je KMPlayer, který používám na přehrávání čehokoli

Pozor Pandora.TV se instaluje ke KMPlayeru zvlášť a nemá s ním nic společného.

Pokud jej nevidíš k odinstalaci přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

PandoraService

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.

Zde link ......... ZQPV2L7C2K.exe

Je to v pořádku, ale stejně by mě zajímalo co to je, Ty to víš ?

[Max_cz]

Omlouvám se za pozdní reakci, až teď sem se dostal k internetu...

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\Program Files (x86)\IObit\Surfing Protection\Database folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection\Database folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\update folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\Language folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate folder moved successfully.
C:\Program Files (x86)\IObit\IObit Uninstaller folder moved successfully.
C:\Program Files (x86)\IObit folder moved successfully.
C:\ProgramData\IObit\ASCDownloader folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V8\Startup Manager folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V8\Homepage Protection folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V8 folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare V7 folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\IObit Uninstaller\UMLog folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Startup Manager\ShortcutPublic folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Startup Manager\Shortcut folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Startup Manager folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\ProgramDeactivator folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Log folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Internet Booster folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Homepage Protection folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\boottime folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8\Backup folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V8 folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit\Advanced SystemCare V7 folder moved successfully.
C:\Users\Max_cz\AppData\Roaming\IObit folder moved successfully.
========== SERVICES/DRIVERS ==========
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Max_cz
->Temp folder emptied: 135365460 bytes
->Temporary Internet Files folder emptied: 13638103 bytes
->FireFox cache emptied: 5335515 bytes
->Google Chrome cache emptied: 241360827 bytes
->Flash cache emptied: 592 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6231030 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 271499 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 384,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11222014_100957

... Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.

Hotovo

Zde link ......... ZQPV2L7C2K.exe

Je to v pořádku, ale stejně by mě zajímalo co to je, Ty to víš ?

Netuším....

Díky za pomoc

[Roli]

Zde link ......... ZQPV2L7C2K.exe

Je to v pořádku, ale stejně by mě zajímalo co to je, Ty to víš ?

Netuším....

Pokud netušíš, tím pádem asi nepoužíváš asi bys to mohl smáznout.


Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Pak dej vědět jaký je stav PC.

[Max_cz]

Smazáno, vyčištěno, poznatky na PC lehce se vše zrychlilo, takže spokojenost

Díky

[Roli]

Díky

Není zač a