změnila se mi plocha

Zpráva

cer.cer · #1 Příspěvek od **cer.cer** » 05 pro 2014 17:59

Dobrý den, zapnu pc a najednou mám úplně jinou tapetu plochy, nikdo přes můj pc mi to změnit nemohl, je možné, že to je nějaký vir ?

#2 Příspěvek od **Rudy** » 05 pro 2014 18:52

Zdravím!
Nemáte náhodou nainstalován nějaký soft, který automaticky mění motivy plochy? U win7 a vyšších je to součást systému.

cer.cer · #3 Příspěvek od **cer.cer** » 05 pro 2014 18:57

Nevím, nic jsem si takového neinstaloval a i kdyby to byl nějaká měnič, tak myslím, že by vybral nějakou lepší tapetu. Změnila se mi tapeta na černou plochu

#4 Příspěvek od **Rudy** » 05 pro 2014 19:03

Jaký máte oper. systém?

cer.cer · #5 Příspěvek od **cer.cer** » 05 pro 2014 19:12

cer.cer · #6 Příspěvek od **cer.cer** » 05 pro 2014 19:38

nevíte, co by to mohlo být?

#7 Příspěvek od **Rudy** » 05 pro 2014 20:08

Koukneme, co v systému běží. Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

cer.cer · #8 Příspěvek od **cer.cer** » 05 pro 2014 20:29

Logfile of random's system information tool 1.10 (written by random/random)
Run by cce at 2014-12-05 20:15:56
Microsoft Windows 8
System drive C: has 154 GB (66%) free of 233 GB
Total RAM: 3911 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:22:29, on 5. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\jakub\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.10\ScriptHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mmm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ORJ-SPE ... psv=&pt=tb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12273 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-1335-a779ff7afb28 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 76189670160
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll" /prefetch:1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhostex.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /c /a /s UserSession
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2164
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\mmm\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe" /MINST
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Users\mmm\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe" /MINST
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
ctfmon.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4316.0.1420796074\51049607" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4316.2.1228721912\567476784" /prefetch:673131151
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.10\ScriptHelper.exe" --parent-window=0 chrome-extension://chfdnecihphmhljaaejmgoiahnihplgn/ < \\.\pipe\chrome.nativeMessaging.in.8d59ac0b8ae8dd42 > \\.\pipe\chrome.nativeMessaging.out.8d59ac0b8ae8dd42
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.10\ScriptHelper.exe" --parent-window=0 chrome-extension://chfdnecihphmhljaaejmgoiahnihplgn/
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4316.116.1459716278\142547936" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4316.137.1023600385\1045839126" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4316.144.1208230140\1407230421" /prefetch:673131151
"C:\Users\mmm\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4316.155.1933049100\627757756" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4316.157.1476441018\1742513168" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4316.161.824441805\1183758836" /prefetch:673131151

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2014-10-30 13720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-10-30 12184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll [2014-11-21 2369560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2014-10-30 13720]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-10-30 12184]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-19 111216]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-11-24 2039192]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-11-21 3060248]

C:\Users\mmm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-05 20:15:57 ----D---- C:\Program Files\trend micro
2014-12-05 20:15:56 ----D---- C:\rsit
2014-12-03 18:46:25 ----D---- C:\Program Files (x86)\ESET
2014-11-21 12:45:04 ----A---- C:\Windows\system32\TURegOpt.exe
2014-11-21 12:45:01 ----A---- C:\Windows\system32\authuitu.dll
2014-11-21 12:44:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-11-21 12:44:25 ----D---- C:\Users\mmm\AppData\Roaming\AVG
2014-11-21 12:40:54 ----D---- C:\ProgramData\AVG
2014-11-21 12:12:08 ----D---- C:\ProgramData\AVG Security Toolbar
2014-11-21 12:11:51 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-11-21 12:11:47 ----D---- C:\ProgramData\AVG Secure Search
2014-11-21 12:11:44 ----D---- C:\ProgramData\AVG Web TuneUp
2014-11-21 12:11:42 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-11-21 12:09:31 ----D---- C:\Users\mmm\AppData\Roaming\Avg_Update_1014av
2014-11-21 12:09:23 ----D---- C:\ProgramData\Avg_Update_1014av
2014-11-21 11:52:21 ----D---- C:\Users\mmm\AppData\Roaming\AVG2015
2014-11-21 11:50:26 ----D---- C:\Users\mmm\AppData\Roaming\TuneUp Software
2014-11-21 11:49:06 ----D---- C:\ProgramData\AVG2015
2014-11-21 11:48:07 ----D---- C:\Program Files (x86)\AVG
2014-11-21 11:41:40 ----HD---- C:\ProgramData\Common Files
2014-11-21 11:41:40 ----D---- C:\ProgramData\MFAData
2014-11-19 06:42:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 06:42:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 06:42:14 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 06:42:14 ----A---- C:\Windows\system32\pku2u.dll
2014-11-17 11:05:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-16 10:37:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-15 21:41:14 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-15 20:40:56 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-15 20:40:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-15 20:40:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-15 20:40:52 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-15 20:40:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-15 20:40:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-15 20:40:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-15 20:40:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXST30.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-15 20:40:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-15 20:40:28 ----A---- C:\Windows\system32\rastls.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\EncDump.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-15 20:40:19 ----A---- C:\Windows\system32\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-15 20:40:18 ----A---- C:\Windows\system32\winsta.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\termsrv.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\mstsc.exe
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-15 20:39:45 ----A---- C:\Windows\system32\ntdll.dll
2014-11-15 20:39:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-11-15 20:39:43 ----A---- C:\Windows\system32\localspl.dll
2014-11-15 20:39:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-11-15 20:39:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-11-15 20:39:39 ----A---- C:\Windows\system32\storagewmi.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\wcmsvc.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\winload.exe
2014-11-15 20:39:37 ----A---- C:\Windows\system32\wcmcsp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\profsvc.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\win32spl.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\defragsvc.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\Defrag.exe
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-11-15 20:38:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-15 20:38:23 ----A---- C:\Windows\system32\win32k.sys
2014-11-15 20:38:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aepdu.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aeinv.dll
2014-11-15 20:38:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-15 20:38:13 ----A---- C:\Windows\system32\msi.dll
2014-11-15 20:38:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-15 20:38:11 ----A---- C:\Windows\system32\twinui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\authui.dll
2014-11-15 20:37:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-15 20:37:50 ----A---- C:\Windows\system32\schannel.dll
2014-11-15 20:37:49 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-15 20:37:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-15 20:37:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-15 20:37:37 ----A---- C:\Windows\system32\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-15 20:37:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-15 20:37:09 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-15 20:37:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-15 20:37:05 ----A---- C:\Windows\system32\msxml3.dll
2014-11-15 20:37:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-15 20:37:02 ----A---- C:\Windows\system32\packager.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\user32.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-11-15 20:36:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-11-15 20:36:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-11-15 20:36:46 ----A---- C:\Windows\system32\sscore.dll
2014-11-15 20:36:26 ----A---- C:\Windows\system32\mshtml.dll
2014-11-15 20:36:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-15 20:36:20 ----A---- C:\Windows\system32\ieframe.dll
2014-11-15 20:36:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\wininet.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-15 20:36:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-15 20:36:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\iesetup.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\NotificationUI.exe
2014-11-15 20:35:45 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-11-15 12:35:47 ----D---- C:\Program Files (x86)\Azbuka

======List of files/folders modified in the last 1 month======

2014-12-05 20:18:51 ----D---- C:\Windows\Temp
2014-12-05 20:16:10 ----D---- C:\Windows\Prefetch
2014-12-05 20:15:57 ----RD---- C:\Program Files
2014-12-05 18:06:51 ----D---- C:\Windows\Microsoft.NET
2014-12-05 17:50:39 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-04 12:20:51 ----D---- C:\Windows\system32\catroot2
2014-12-03 18:46:25 ----RD---- C:\Program Files (x86)
2014-12-02 14:58:48 ----SHD---- C:\Windows\Installer
2014-11-27 18:37:11 ----RD---- C:\Windows\System32
2014-11-27 18:37:11 ----D---- C:\Windows\Inf
2014-11-27 18:37:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:29:05 ----SD---- C:\Users\mmm\AppData\Roaming\Microsoft
2014-11-24 16:37:01 ----D---- C:\Windows\system32\config
2014-11-24 06:39:10 ----RD---- C:\Windows\assembly
2014-11-23 22:00:00 ----D---- C:\Windows\system32\sru
2014-11-23 14:19:05 ----D---- C:\Windows\SYSWOW64\config
2014-11-21 14:00:04 ----D---- C:\Windows\system32\Tasks
2014-11-21 13:59:02 ----D---- C:\Windows
2014-11-21 13:57:40 ----HD---- C:\$Windows.~BT
2014-11-21 12:44:53 ----D---- C:\Windows\SysWOW64
2014-11-21 12:40:54 ----HD---- C:\ProgramData
2014-11-21 12:12:58 ----D---- C:\Windows\Tasks
2014-11-21 12:11:51 ----D---- C:\Windows\system32\Drivers
2014-11-21 12:11:45 ----D---- C:\Program Files (x86)\Common Files
2014-11-21 11:50:15 ----HD---- C:\Windows\ELAMBKUP
2014-11-21 11:50:06 ----D---- C:\Windows\system32\DriverStore
2014-11-21 11:48:38 ----SHD---- C:\System Volume Information
2014-11-20 16:12:04 ----D---- C:\Windows\rescache
2014-11-20 06:26:23 ----D---- C:\Windows\WinSxS
2014-11-19 15:59:17 ----D---- C:\Windows\CbsTemp
2014-11-19 07:34:16 ----D---- C:\Windows\Registration
2014-11-19 07:12:43 ----D---- C:\Windows\system32\catroot
2014-11-19 07:06:37 ----HD---- C:\Program Files\WindowsApps
2014-11-19 07:06:37 ----D---- C:\Windows\AUInstallAgent
2014-11-18 16:15:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-18 16:15:06 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 16:13:11 ----D---- C:\Program Files\Microsoft Office 15
2014-11-15 23:31:33 ----D---- C:\Program Files\Windows Defender
2014-11-15 23:31:31 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 23:31:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 23:31:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 23:31:21 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-15 23:31:19 ----D---- C:\Windows\system32\Boot
2014-11-15 23:31:18 ----D---- C:\Windows\system32\wbem
2014-11-15 23:31:16 ----RSD---- C:\Windows\Fonts
2014-11-15 23:31:10 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 23:31:08 ----RD---- C:\Windows\ToastData
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\en-US
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-11-15 23:30:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 23:30:45 ----D---- C:\Program Files\Internet Explorer
2014-11-15 21:49:00 ----D---- C:\Windows\system32\MRT
2014-11-15 21:41:14 ----D---- C:\Windows\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem18.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-21 50976]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\Windows\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\Windows\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-11-19 6822984]
R3 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [2014-10-17 1587416]
R3 bScsiMSa;bScsiMSa; C:\Windows\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2014-02-21 162392]
R3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-20 487216]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-20 142640]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20141118.003\IDSvia64.sys [2014-11-18 637656]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 Ps2Kb2Hid;@oem9.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-11-19 26736]
R3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R3 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2014-08-26 493656]
R3 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-08-26 1148120]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2014-10-22 177752]
R3 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R3 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [2014-08-26 593112]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem16.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141118.050\ENG64.SYS [2014-08-11 129752]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141118.050\EX64.SYS [2014-08-11 2137304]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2013-07-01 43008]
S4 SymELAM;Symantec ELAM Driver; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [2014-08-26 23568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-30 166296]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-10-19 100752]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-19 96880]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [2014-11-21 1849368]
R3 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

cer.cer · #9 Příspěvek od **cer.cer** » 05 pro 2014 20:33

info.txt logfile of random's system information tool 1.10 2014-12-05 20:22:33

======MBR======

0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000CB9F63EB000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->"C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\Uninstall.exe"
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\WildGames\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"
Aloha TriPeaks-->"C:\Program Files (x86)\WildGames\Aloha TriPeaks\uninstall\uninstaller.exe"
AVG 2015-->"C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" /AppMode=SETUP /Uninstall /UDS=1
AVG 2015-->MsiExec.exe /I{41357956-5B67-489C-9F7D-FABACC2CD3CB}
AVG 2015-->MsiExec.exe /I{4812B582-C445-4335-A390-EC7878D27606}
AVG PC TuneUp 2015-->C:\Program Files (x86)\AVG\AVG PC TuneUp\TUInstallHelper.exe --Trigger-Uninstall
AVG Web TuneUp-->C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL
Azbuka 1.0.3.4-->"C:\Program Files (x86)\Azbuka\unins000.exe"
Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
Broadcom Card Reader Driver Installer-->MsiExec.exe /I{F0A7DF2F-0BE0-470F-B137-D7A19F977189}
Broadcom Wireless Utility-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
CyberLink PowerDVD 10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{E48DACEA-5789-4CC5-8584-2E268C560131}" "1029" "0"
Delicious: Emily's True Love Premium Edition-->"C:\Program Files (x86)\WildGames\Delicious Emilys True Love Premium Edition\uninstall\uninstaller.exe"
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ETDWare PS/2-X64 11.6.13.004_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Governor of Poker 2 Premium Edition-->"C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe"
Identity Card-->MsiExec.exe /X{3D9CB654-99AD-4301-89C6-0D12A790767C}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
Island Tribe-->"C:\Program Files (x86)\WildGames\Island Tribe\uninstall\uninstaller.exe"
Java 8 Update 25-->MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F83218025F0}
Jewel Match 3-->"C:\Program Files (x86)\WildGames\Jewel Match 3\uninstall\uninstaller.exe"
John Deere Drive Green-->"C:\Program Files (x86)\WildGames\John Deere Drive Green\uninstall\uninstaller.exe"
Launch Manager-->C:\Windows\UNINSTLMv7.EXE LMv7.UNI
Live Updater-->MsiExec.exe /X{EE26E302-876A-48D9-9058-3129E5B99999}
Magic Academy-->"C:\Program Files (x86)\WildGames\Magic Academy\uninstall\uninstaller.exe"
Microsoft Office 365 - cs-cz-->"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4667.1002 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office Professional Plus 2013 - cs-cz-->"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4667.1002 culture=cs-cz productstoremove=ProPlusRetail_cs-cz_x-none
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Nero 12 Essentials OEM.a01-->MsiExec.exe /I{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}
Nero BackItUp 12 Essentials OEM.a01-->MsiExec.exe /I{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}
Nero BackItUp Help (CHM)-->MsiExec.exe /X{EF0D1292-8FC1-41BE-9740-DBC134F66415}
Nero BackItUp-->MsiExec.exe /X{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}
Nero ControlCenter Help (CHM)-->MsiExec.exe /X{C994C746-C6D0-4EBA-B09E-DF7B18381B69}
Nero ControlCenter-->MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63}
Nero Core Components-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
Nero Express Help (CHM)-->MsiExec.exe /X{0708FF30-78C0-47B0-81F0-C84604DC769C}
Nero Express-->MsiExec.exe /X{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
Nero Launcher-->MsiExec.exe /X{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
Nero RescueAgent Help (CHM)-->MsiExec.exe /X{0B311221-05A5-4766-8D03-7A6446794156}
Nero RescueAgent-->MsiExec.exe /X{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Norton Internet Security-->"C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.6.0.32\InstStub.exe" /X /ARP
Office 15 Click-to-Run Extensibility Component-->MsiExec.exe /X{90150000-008C-0000-0000-0000000FF1CE}
Office 15 Click-to-Run Licensing Component-->MsiExec.exe /I{90150000-008F-0000-1000-0000000FF1CE}
Office 15 Click-to-Run Localization Component-->MsiExec.exe /X{90150000-008C-0405-0000-0000000FF1CE}
Packard Bell Device Fast-lane-->MsiExec.exe /i {3F62D2FD-13C1-49A2-8B5D-47623D9460D7} PRODUCTNAME="Packard Bell Device Fast-lane" BRANDNAME="Packard Bell" ISDT=0
Packard Bell Power Management-->MsiExec.exe /i {91F52DE4-B789-42B0-9311-A349F10E5479} PRODUCTNAME="Packard Bell Power Management" BRANDNAME="Packard Bell" NEWUPGRADE=0 ISDT=0
Packard Bell Recovery Management-->Msiexec.exe /i {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} PACKARDBELL=1 PRODUCTNAME="Packard Bell Recovery Management" REMOVEUSEC=1 BOOTSTRATOR=1 ACERPRELOAD=1
Penguins!-->"C:\Program Files (x86)\WildGames\Penguins!\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Polar Bowler-->"C:\Program Files (x86)\WildGames\Polar Bowler\uninstall\uninstaller.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Search App by Ask-->MsiExec.exe /X{4F524A2D-5350-4500-76A7-A758B70C1500}
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{0665F3BA-FCE2-4CB1-ACDD-19544B0E4C14}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{1EE5FA17-F624-438C-B7AC-7C5A41E90FA2}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{7AC3F78E-ECA0-45F4-A9CC-3E885DA23662}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{A5B39813-17B0-4481-B19E-9C57C0BF1EE0}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{5EE42B42-1159-435C-898A-2A3298453B20}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0BC570F0-7352-4A3A-B2A2-CA56ADA7375F}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{80CEB9D6-F98A-47DD-B41C-DD40B7561AFD}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{A71E3AD4-5545-4D59-9F11-75F363563C6A}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{09A9DF49-DA06-4093-A2FD-F339211E39EA}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-0000-0000000FF1CE}" "{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{E4D76E88-C65F-4003-9C71-EC4306679D17}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0405-1000-0000000FF1CE}" "{7F5CE17A-23B9-4EED-B017-A7EF4547476C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-0000-0000000FF1CE}" "{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{2C911571-C8B6-400B-B323-417C1806E866}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe"
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}" "1029" "0"
Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{153CD843-3EDC-412C-95B1-F36237DF8415}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{302A8FE3-EBF5-486C-A431-16A1CD914443}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{302A8FE3-EBF5-486C-A431-16A1CD914443}" "1029" "0"
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}" "1029" "0"
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1029" "0"
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{287A1E92-9E41-4BC1-8920-B3D0E9220800}" "1029" "0"
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A4F91D60-654C-4892-BFD3-0D41ADA649B6}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{9D69691D-823D-4C3E-9B12-563A3F520366}" "1029" "0"
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0B7744D2-1FDD-4843-9987-7CE11B79F370}" "1029" "0"
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}" "1029" "0"
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{5AA578BB-759C-40FD-9661-A737C0884541}" "1029" "0"
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}" "1029" "0"
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}" "1029" "0"
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}" "1029" "0"
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}" "1029" "0"
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B0D672F7-883E-4279-8E75-D97A5445AB46}" "1029" "0"
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}" "1029" "0"
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{60C9499F-B532-4206-AB19-F88C3A7684D5}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{51CCA922-A0CC-47C4-8910-6936D97CAC2E}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{51CCA922-A0CC-47C4-8910-6936D97CAC2E}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{D02AE7ED-5B00-4251-B7D5-F9590899EEEA}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{2AB483F1-C86E-427A-83B4-23889B03512D}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{7F5448C9-AC6C-41E4-8C35-66288813014C}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{521F54B6-E2E5-462D-946E-8161830DDF18}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F9F5A080-AF38-4966-9A6B-C43DCA465035}" "1029" "0"
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{7B29D8B8-6A87-496C-A65E-B935E740448A}" "1029" "0"
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{38CF30E4-3348-4BD1-A859-B630C355A56F}" "1029" "0"
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\packardbell\Uninstall.exe"
WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
Zuma's Revenge-->"C:\Program Files (x86)\WildGames\Zumas Revenge\uninstall\uninstaller.exe"

======System event log======

Computer Name: WIN-3M8MDFGDVK1
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z disabled na auto start.
Record Number: 661
Source Name: Service Control Manager
Time Written: 20121119024832.919806-000
Event Type: Informace
User: mmm\Administrator

Computer Name: WIN-3M8MDFGDVK1
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 660
Source Name: Service Control Manager
Time Written: 20121119024825.859733-000
Event Type: Informace
User: mmm\Administrator

Computer Name: WIN-3M8MDFGDVK1
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 659
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121119024821.405580-000
Event Type: Informace
User: mmm\Administrator

Computer Name: WIN-3M8MDFGDVK1
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 658
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121119024821.296173-000
Event Type: Informace
User: mmm\Administrator

Computer Name: WIN-3M8MDFGDVK1
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 657
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121119024821.233695-000
Event Type: Informace
User: mmm\Administrator

=====Application event log=====

Computer Name: WIN-3M8MDFGDVK1
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 596
Source Name: Microsoft-Windows-Search
Time Written: 20121119024840.000000-000
Event Type: Informace
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 595
Source Name: Microsoft-Windows-Winlogon
Time Written: 20121119024840.000000-000
Event Type: Informace
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 594
Source Name: Microsoft-Windows-Search
Time Written: 20121119024832.000000-000
Event Type: Informace
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 593
Source Name: Microsoft-Windows-Search
Time Written: 20121119024832.000000-000
Event Type: Informace
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 103
Message: SearchIndexer (2948) Windows: Databázový stroj zastavil instanci (0).

Nesprávné vypnutí: 0

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.046, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.016, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.
Record Number: 592
Source Name: ESENT
Time Written: 20121119024832.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: WIN-3M8MDFGDVK1
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5419
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121119024822.828216-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-3M8MDFGDVK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x238
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 5418
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121119024822.828216-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5417
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121119024822.687561-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-3M8MDFGDVK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x238
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 5416
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121119024822.687561-000
Event Type: Úspěšný audit
User:

Computer Name: WIN-3M8MDFGDVK1
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-4054961317-29747191-2971685502-500
Název účtu: Administrator
Název domény: WIN-3M8MDFGDVK1
ID přihlášení: 0x1D58A
Record Number: 5415
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121119024821.374328-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 05 pro 2014 21:03

Spusťte nyní tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

cer.cer · #11 Příspěvek od **cer.cer** » 05 pro 2014 21:12

# AdwCleaner v4.104 - Report created 05/12/2014 at 21:07:59
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : mmm-mmm
# Running from : C:\Users\mmm\Downloads\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\mmm\AppData\Local\Temp\apn
Folder Deleted : C:\Users\mmm/AppData\Local\AskPartnerNetwork
File Deleted : C:\Users\mmm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\mmm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ACF4644C-54F9-4EA5-A0D1-BCA96329F03F}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17148

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v39.0.2171.71

*************************

AdwCleaner[R0].txt - [5710 octets] - [05/12/2014 21:06:06]
AdwCleaner[S0].txt - [5288 octets] - [05/12/2014 21:07:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5348 octets] ##########

#12 Příspěvek od **Rudy** » 05 pro 2014 21:16

Dejte nový log RSIT.

cer.cer · #13 Příspěvek od **cer.cer** » 05 pro 2014 21:21

Logfile of random's system information tool 1.10 (written by random/random)
Run by mmm at 2014-12-05 21:17:51
Microsoft Windows 8
System drive C: has 154 GB (66%) free of 233 GB
Total RAM: 3911 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:53, on 5. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mmm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10848 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-a83f-734718721857 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 607185472304
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2104
taskhostex.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1316.0.569394630\170005969" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1316.1.2102017629\1529194853" /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1316.5.1809315534\1399721817" /prefetch:673131151
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1316.6.1566983337\1155784331" /prefetch:673131151
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /c /a /s UserSession
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1316.15.1425929163\1974419049" /prefetch:673131151

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users/mmm\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-10-14 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll []
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll []
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-23 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-23 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-23 441888]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-19 111216]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]

C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-23 441856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-05 21:05:56 ----D---- C:\AdwCleaner
2014-12-05 21:05:56 ----A---- C:\AdwCleanerDebug.txt
2014-12-05 20:15:57 ----D---- C:\Program Files\trend micro
2014-12-05 20:15:56 ----D---- C:\rsit
2014-12-03 18:46:25 ----D---- C:\Program Files (x86)\ESET
2014-11-21 12:45:04 ----A---- C:\Windows\system32\TURegOpt.exe
2014-11-21 12:45:01 ----A---- C:\Windows\system32\authuitu.dll
2014-11-21 12:44:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-11-21 12:44:25 ----D---- C:\Users\jakub\AppData\Roaming\AVG
2014-11-21 12:40:54 ----D---- C:\ProgramData\AVG
2014-11-21 12:11:51 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-11-21 12:11:44 ----D---- C:\ProgramData\AVG Web TuneUp
2014-11-21 12:11:42 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-11-21 12:09:31 ----D---- C:\Users\jakub\AppData\Roaming\Avg_Update_1014av
2014-11-21 12:09:23 ----D---- C:\ProgramData\Avg_Update_1014av
2014-11-21 11:52:21 ----D---- C:\Users\jakub\AppData\Roaming\AVG2015
2014-11-21 11:50:26 ----D---- C:\Users\jakub\AppData\Roaming\TuneUp Software
2014-11-21 11:49:06 ----D---- C:\ProgramData\AVG2015
2014-11-21 11:48:07 ----D---- C:\Program Files (x86)\AVG
2014-11-21 11:41:40 ----HD---- C:\ProgramData\Common Files
2014-11-21 11:41:40 ----D---- C:\ProgramData\MFAData
2014-11-19 06:42:16 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 06:42:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 06:42:14 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 06:42:14 ----A---- C:\Windows\system32\pku2u.dll
2014-11-17 11:05:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-16 10:37:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-15 21:41:14 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-15 20:40:56 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-15 20:40:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-15 20:40:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-15 20:40:52 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-15 20:40:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-15 20:40:52 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-15 20:40:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-15 20:40:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXST30.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-15 20:40:48 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-15 20:40:28 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-15 20:40:28 ----A---- C:\Windows\system32\rastls.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\EncDump.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-15 20:40:26 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-15 20:40:19 ----A---- C:\Windows\system32\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-15 20:40:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-11-15 20:40:18 ----A---- C:\Windows\system32\winsta.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\termsrv.dll
2014-11-15 20:40:18 ----A---- C:\Windows\system32\mstsc.exe
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-15 20:40:17 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-15 20:40:06 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-15 20:39:45 ----A---- C:\Windows\system32\ntdll.dll
2014-11-15 20:39:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-11-15 20:39:43 ----A---- C:\Windows\system32\localspl.dll
2014-11-15 20:39:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-11-15 20:39:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-11-15 20:39:39 ----A---- C:\Windows\system32\storagewmi.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\wcmsvc.dll
2014-11-15 20:39:38 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\winload.exe
2014-11-15 20:39:37 ----A---- C:\Windows\system32\wcmcsp.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\profsvc.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\dwmapi.dll
2014-11-15 20:39:37 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\SYSWOW64\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\win32spl.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRUM.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDRU.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-11-15 20:39:36 ----A---- C:\Windows\system32\defragsvc.dll
2014-11-15 20:39:36 ----A---- C:\Windows\system32\Defrag.exe
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-11-15 20:39:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-11-15 20:38:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-15 20:38:23 ----A---- C:\Windows\system32\win32k.sys
2014-11-15 20:38:23 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aepdu.dll
2014-11-15 20:38:19 ----A---- C:\Windows\system32\aeinv.dll
2014-11-15 20:38:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-15 20:38:13 ----A---- C:\Windows\system32\msi.dll
2014-11-15 20:38:11 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-15 20:38:11 ----A---- C:\Windows\system32\twinui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\msihnd.dll
2014-11-15 20:38:10 ----A---- C:\Windows\system32\authui.dll
2014-11-15 20:37:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-15 20:37:50 ----A---- C:\Windows\system32\schannel.dll
2014-11-15 20:37:49 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-15 20:37:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-15 20:37:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-15 20:37:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-15 20:37:37 ----A---- C:\Windows\system32\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-15 20:37:36 ----A---- C:\Windows\system32\adtschema.dll
2014-11-15 20:37:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-15 20:37:09 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-15 20:37:05 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-15 20:37:05 ----A---- C:\Windows\system32\msxml3.dll
2014-11-15 20:37:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-15 20:37:02 ----A---- C:\Windows\system32\packager.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\user32.dll
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-11-15 20:36:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-11-15 20:36:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\srvsvc.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\msdtctm.dll
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2014-11-15 20:36:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-11-15 20:36:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2014-11-15 20:36:46 ----A---- C:\Windows\system32\sscore.dll
2014-11-15 20:36:26 ----A---- C:\Windows\system32\mshtml.dll
2014-11-15 20:36:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-15 20:36:20 ----A---- C:\Windows\system32\ieframe.dll
2014-11-15 20:36:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\wininet.dll
2014-11-15 20:36:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-15 20:36:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-15 20:36:18 ----A---- C:\Windows\system32\urlmon.dll
2014-11-15 20:36:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\jscript9.dll
2014-11-15 20:36:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\msrating.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\jscript.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-15 20:36:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\UXInit.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-15 20:36:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-15 20:36:13 ----A---- C:\Windows\system32\iesetup.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WSShared.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-15 20:35:45 ----A---- C:\Windows\system32\NotificationUI.exe
2014-11-15 20:35:45 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-11-15 12:35:47 ----D---- C:\Program Files (x86)\Azbuka

======List of files/folders modified in the last 1 month======

2014-12-05 21:14:08 ----D---- C:\Windows\Temp
2014-12-05 21:11:48 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-05 21:08:17 ----D---- C:\Windows\Prefetch
2014-12-05 21:08:06 ----D---- C:\Program Files (x86)\Common Files
2014-12-05 21:08:05 ----RD---- C:\Program Files (x86)
2014-12-05 21:08:05 ----HD---- C:\ProgramData
2014-12-05 20:15:57 ----RD---- C:\Program Files
2014-12-05 18:06:51 ----D---- C:\Windows\Microsoft.NET
2014-12-04 12:20:51 ----D---- C:\Windows\system32\catroot2
2014-12-02 14:58:48 ----SHD---- C:\Windows\Installer
2014-11-27 18:37:11 ----RD---- C:\Windows\System32
2014-11-27 18:37:11 ----D---- C:\Windows\Inf
2014-11-27 18:37:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:29:05 ----SD---- C:\Users\mmm\AppData\Roaming\Microsoft
2014-11-24 16:37:01 ----D---- C:\Windows\system32\config
2014-11-24 06:39:10 ----RD---- C:\Windows\assembly
2014-11-23 22:00:00 ----D---- C:\Windows\system32\sru
2014-11-23 14:19:05 ----D---- C:\Windows\SYSWOW64\config
2014-11-21 14:00:04 ----D---- C:\Windows\system32\Tasks
2014-11-21 13:59:02 ----D---- C:\Windows
2014-11-21 13:57:40 ----HD---- C:\$Windows.~BT
2014-11-21 12:44:53 ----D---- C:\Windows\SysWOW64
2014-11-21 12:12:58 ----D---- C:\Windows\Tasks
2014-11-21 12:11:51 ----D---- C:\Windows\system32\Drivers
2014-11-21 11:50:15 ----HD---- C:\Windows\ELAMBKUP
2014-11-21 11:50:06 ----D---- C:\Windows\system32\DriverStore
2014-11-21 11:48:38 ----SHD---- C:\System Volume Information
2014-11-20 16:12:04 ----D---- C:\Windows\rescache
2014-11-20 06:26:23 ----D---- C:\Windows\WinSxS
2014-11-19 15:59:17 ----D---- C:\Windows\CbsTemp
2014-11-19 07:34:16 ----D---- C:\Windows\Registration
2014-11-19 07:12:43 ----D---- C:\Windows\system32\catroot
2014-11-19 07:06:37 ----HD---- C:\Program Files\WindowsApps
2014-11-19 07:06:37 ----D---- C:\Windows\AUInstallAgent
2014-11-18 16:15:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-18 16:15:06 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 16:13:11 ----D---- C:\Program Files\Microsoft Office 15
2014-11-15 23:31:33 ----D---- C:\Program Files\Windows Defender
2014-11-15 23:31:31 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-15 23:31:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-15 23:31:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\en-US
2014-11-15 23:31:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-15 23:31:21 ----D---- C:\Windows\SYSWOW64\wbem
2014-11-15 23:31:19 ----D---- C:\Windows\system32\Boot
2014-11-15 23:31:18 ----D---- C:\Windows\system32\wbem
2014-11-15 23:31:16 ----RSD---- C:\Windows\Fonts
2014-11-15 23:31:10 ----SD---- C:\Windows\system32\CompatTel
2014-11-15 23:31:08 ----RD---- C:\Windows\ToastData
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\en-US
2014-11-15 23:30:53 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-11-15 23:30:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 23:30:45 ----D---- C:\Program Files\Internet Explorer
2014-11-15 21:49:00 ----D---- C:\Windows\system32\MRT
2014-11-15 21:41:14 ----D---- C:\Windows\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem18.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-21 50976]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 b57xdbd;@oem7.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\Windows\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem7.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\Windows\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-11-19 6822984]
R3 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [2014-10-17 1587416]
R3 bScsiMSa;bScsiMSa; C:\Windows\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2014-02-21 162392]
R3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-20 487216]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-20 142640]
R3 ETD;@oem10.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20141118.003\IDSvia64.sys [2014-11-18 637656]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-23 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-06-02 425472]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 Ps2Kb2Hid;@oem9.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-11-19 26736]
R3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R3 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2014-08-26 493656]
R3 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-08-26 1148120]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2014-10-22 177752]
R3 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R3 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [2014-08-26 593112]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-09-09 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 dot4;@oem15.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem16.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem15.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141118.050\ENG64.SYS [2014-08-11 129752]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141118.050\EX64.SYS [2014-08-11 2137304]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2013-07-01 43008]
S4 SymELAM;Symantec ELAM Driver; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [2014-08-26 23568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2012-10-19 100752]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-26 687400]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-19 96880]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-10-17 2589496]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-23 277024]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-12 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

#14 Příspěvek od **Rudy** » 05 pro 2014 22:19

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\AskPartnerNetwork
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte AVG a po něm restartujte PC. Dejte nový log RSIT.

V systému jsou 2 antiviry (Norton a AVG). Jden z nich odinstalujte.

cer.cer · #15 Příspěvek od **cer.cer** » 05 pro 2014 22:26

avg mi hlási trojana tam

VIRY.CZ

změnila se mi plocha

změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha

Re: změnila se mi plocha