
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
High CPU load
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
High CPU load
Hello,
recently a rundll32.exe process has been starting on my computer and loading the CPU constantly at around 20-30%. Also, and I don't know whether it is related, I have problems controlling Firefox, as well as the Windows file explorer and other software: when I move the cursor over a button, it does not light up, or it does not react to a click at all, and the requested action (the click) is only carried out once I click on something else. I use MS Security Essentials, which found no virus.
Please advise, and thank you in advance for your reply. I am attaching the log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-12 19:22:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 263 GB (55%) free of 477 GB
Total RAM: 8191 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:02, on 12.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll
F3 - REG:win.ini: load=C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418408088
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13632 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {50B6CD38-3312-4F6C-A562-4F4B729C8FB5}
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
C:\Windows\MHotKey.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
C:\Windows\ChiFuncExt.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
"C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Daniel/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\real\realplayer\Update\realsched.exe" -osboot
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e38a3811-82ab-40b5-8eae-0545410079c9 -SystemEventPortName:HostProcess-e21b0036-00f7-4155-b10c-12504b669156 -IoCancelEventPortName:HostProcess-206d52f1-5007-4134-a7dc-407ad07d6fee -NonStateChangingEventPortName:HostProcess-340c010d-56d3-4525-9189-2479debf9943 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b05ef4c6-4058-418f-a296-3c017e7c3998 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ReclaimerUpdateFiles_Daniel.job - C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe /UpdateFiles
C:\Windows\tasks\ReclaimerUpdateXML_Daniel.job - C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe /UpdateXML
C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Daniel.job - C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe /prompt os_boot
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3, firegestures@xuldev.org:1.5.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, piclens@cooliris.com:1.12.0.36605, battlefieldheroespatcher@ea.com:5.0.31.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://zinkwink.com/?clid=5330690c64d94 ... &keywords="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npmusicn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\extensions\
battlefieldheroespatcher@ea.com
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
piclens@cooliris.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\searchplugins\
firmycz.xml
mapycz.xml
stahujcz.xml
torrentz-search.xml
vyhledvn-vide-ve-slub-youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-02-26 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll [2011-05-09 176936]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-06 7940128]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]
"AdobeBridge"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Akamai NetSession Interface"=C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418408088 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSK DLMSession]
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-07-23 1632216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-09-04 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TiVme Agent]
C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter II\ScheduleAgent.exe [2010-04-26 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\real\realplayer\update\realsched.exe [2012-02-26 296056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\GENIUS~1\TVGODV~1\RTLRCtl.exe [2010-06-10 94208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LchDrvKey"=C:\Windows\LchDrvKey.exe [2007-03-28 36864]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"TkBellExe"=C:\Program Files (x86)\real\realplayer\update\realsched.exe [2012-02-26 296056]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-04-22 5687152]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-11-26 493960]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-12-11 21:43:09 ----D---- C:\Program Files\trend micro
2014-12-11 21:43:08 ----D---- C:\rsit
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-12-10 11:20:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-12-10 11:20:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-10 11:20:02 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-12-10 11:20:02 ----A---- C:\Windows\system32\xinput1_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-12-10 10:59:03 ----D---- C:\Windows\system32\appraiser
2014-12-10 01:03:15 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mf.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 01:00:07 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-12-10 01:00:07 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-10 01:00:07 ----A---- C:\Windows\system32\cryptsvc.dll
2014-12-10 01:00:07 ----A---- C:\Windows\system32\crypt32.dll
2014-12-10 01:00:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 01:00:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:00:02 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 00:59:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 00:59:49 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 00:59:04 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:59:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 00:59:02 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 11:59:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
======List of files/folders modified in the last 1 month======
2014-12-12 19:19:29 ----D---- C:\Windows\Temp
2014-12-12 19:18:11 ----D---- C:\Windows\system32\config
2014-12-12 19:15:21 ----D---- C:\Windows\Prefetch
2014-12-12 19:15:05 ----D---- C:\Windows\SysWOW64
2014-12-12 01:41:59 ----SHD---- C:\Windows\Installer
2014-12-12 00:36:32 ----D---- C:\Windows\system32\DriverStore
2014-12-12 00:36:30 ----D---- C:\Windows\inf
2014-12-12 00:14:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 00:12:29 ----D---- C:\ProgramData\Oracle
2014-12-12 00:10:32 ----D---- C:\Program Files (x86)\Common Files
2014-12-12 00:10:13 ----D---- C:\Windows\Tasks
2014-12-12 00:09:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\java.exe
2014-12-12 00:09:45 ----D---- C:\Program Files (x86)\Java
2014-12-12 00:00:42 ----D---- C:\Windows\rescache
2014-12-11 21:43:09 ----RD---- C:\Program Files
2014-12-11 21:34:35 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2014-12-11 20:56:41 ----D---- C:\Program Files (x86)\Adobe
2014-12-10 23:27:02 ----D---- C:\Windows\System32
2014-12-10 23:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 12:59:45 ----D---- C:\Windows\Microsoft.NET
2014-12-10 11:46:58 ----D---- C:\ProgramData\Autodesk
2014-12-10 11:39:03 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2014-12-10 11:39:01 ----HD---- C:\ProgramData
2014-12-10 11:38:43 ----D---- C:\ProgramData\Package Cache
2014-12-10 11:38:36 ----SHD---- C:\System Volume Information
2014-12-10 11:38:17 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-12-10 11:35:24 ----D---- C:\Windows\Downloaded Program Files
2014-12-10 11:31:49 ----RSD---- C:\Windows\Fonts
2014-12-10 11:30:20 ----D---- C:\Program Files\Autodesk
2014-12-10 11:22:12 ----D---- C:\Program Files (x86)\Autodesk
2014-12-10 11:20:00 ----RSD---- C:\Windows\assembly
2014-12-10 11:19:50 ----D---- C:\Windows
2014-12-10 11:19:34 ----D---- C:\Windows\Logs
2014-12-10 11:13:46 ----D---- C:\Autodesk
2014-12-10 11:03:21 ----D---- C:\Windows\system32\catroot2
2014-12-10 11:01:17 ----D---- C:\Windows\winsxs
2014-12-10 10:59:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 10:59:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 10:59:03 ----D---- C:\Windows\AppCompat
2014-12-10 10:59:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 10:59:02 ----D---- C:\Windows\system32\drivers
2014-12-10 10:59:02 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 10:59:01 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 10:59:01 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 10:59:01 ----D---- C:\Program Files\Internet Explorer
2014-12-10 10:59:00 ----D---- C:\Windows\system32\en-US
2014-12-10 10:59:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 01:09:03 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 01:08:07 ----D---- C:\Windows\system32\MRT
2014-12-10 01:04:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 01:03:16 ----D---- C:\Windows\system32\catroot
2014-12-10 01:01:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-10 01:01:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 21:00:33 ----RD---- C:\Program Files (x86)
2014-12-09 21:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 00:07:08 ----D---- C:\Windows\system32\Tasks
2014-12-05 20:35:43 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-12-02 18:10:26 ----A---- C:\Windows\NeroDigital.ini
2014-12-02 00:24:56 ----D---- C:\Windows\system32\NDF
2014-11-25 09:37:12 ----D---- C:\ProgramData\FLEXnet
2014-11-23 22:17:25 ----HD---- C:\ProgramData\CanonIJScan
2014-11-23 22:17:25 ----D---- C:\Users\Daniel\AppData\Roaming\Canon
2014-11-16 13:20:12 ----D---- C:\ProgramData\Adobe
2014-11-13 01:06:56 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-08 834544]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-24 6174720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-19 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\Daniel\AppData\Local\Temp\ALSysIO64.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2009-11-18 1075712]
S3 AutoBoot;AutoBoot; \??\C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [2009-02-19 44344]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-11-26 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-24 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-10-16 75064]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-04-22 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-05-23 296312]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-12-10 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-09-21 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S4 AirPrint;Apple AirPrint for Windows; C:\Program Files (x86)\AirPrint\airprint.exe [2010-10-07 234784]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S4 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
-----------------EOF-----------------
Lately, a rundll32.exe process has been starting on my computer, and it permanently loads the processor at around 20-30%. Also, and I don't know whether it is related, I have problems controlling Firefox, as well as the Windows file explorer and other software: when I move the cursor over a button, it does not light up, or it does not respond to a click at all, and the requested action (the click) is only carried out when I click on something else. I use MS Security Essential, and it found no virus.
Please advise, and thank you in advance for your reply. I am attaching the log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-12 19:22:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 263 GB (55%) free of 477 GB
Total RAM: 8191 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:02, on 12.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll
F3 - REG:win.ini: load=C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418408088
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13632 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {50B6CD38-3312-4F6C-A562-4F4B729C8FB5}
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
C:\Windows\MHotKey.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
C:\Windows\ChiFuncExt.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
"C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Daniel/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\real\realplayer\Update\realsched.exe" -osboot
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e38a3811-82ab-40b5-8eae-0545410079c9 -SystemEventPortName:HostProcess-e21b0036-00f7-4155-b10c-12504b669156 -IoCancelEventPortName:HostProcess-206d52f1-5007-4134-a7dc-407ad07d6fee -NonStateChangingEventPortName:HostProcess-340c010d-56d3-4525-9189-2479debf9943 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b05ef4c6-4058-418f-a296-3c017e7c3998 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ReclaimerUpdateFiles_Daniel.job - C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe /UpdateFiles
C:\Windows\tasks\ReclaimerUpdateXML_Daniel.job - C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe /UpdateXML
C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Daniel.job - C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe /prompt os_boot
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3, firegestures@xuldev.org:1.5.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, piclens@cooliris.com:1.12.0.36605, battlefieldheroespatcher@ea.com:5.0.31.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://zinkwink.com/?clid=5330690c64d94 ... &keywords="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npmusicn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\extensions\
battlefieldheroespatcher@ea.com
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
piclens@cooliris.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\searchplugins\
firmycz.xml
mapycz.xml
stahujcz.xml
torrentz-search.xml
vyhledvn-vide-ve-slub-youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-02-26 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll [2011-05-09 176936]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-06 7940128]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]
"AdobeBridge"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Akamai NetSession Interface"=C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418408088 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSK DLMSession]
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-07-23 1632216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-09-04 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TiVme Agent]
C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter II\ScheduleAgent.exe [2010-04-26 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\real\realplayer\update\realsched.exe [2012-02-26 296056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\GENIUS~1\TVGODV~1\RTLRCtl.exe [2010-06-10 94208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LchDrvKey"=C:\Windows\LchDrvKey.exe [2007-03-28 36864]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"TkBellExe"=C:\Program Files (x86)\real\realplayer\update\realsched.exe [2012-02-26 296056]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-04-22 5687152]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-11-26 493960]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-12-11 21:43:09 ----D---- C:\Program Files\trend micro
2014-12-11 21:43:08 ----D---- C:\rsit
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-12-10 11:20:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-12-10 11:20:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-10 11:20:02 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-12-10 11:20:02 ----A---- C:\Windows\system32\xinput1_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-12-10 10:59:03 ----D---- C:\Windows\system32\appraiser
2014-12-10 01:03:15 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mf.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 01:00:07 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-12-10 01:00:07 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-10 01:00:07 ----A---- C:\Windows\system32\cryptsvc.dll
2014-12-10 01:00:07 ----A---- C:\Windows\system32\crypt32.dll
2014-12-10 01:00:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 01:00:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:00:02 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 00:59:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 00:59:49 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 00:59:04 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:59:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 00:59:02 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 11:59:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
======List of files/folders modified in the last 1 month======
2014-12-12 19:19:29 ----D---- C:\Windows\Temp
2014-12-12 19:18:11 ----D---- C:\Windows\system32\config
2014-12-12 19:15:21 ----D---- C:\Windows\Prefetch
2014-12-12 19:15:05 ----D---- C:\Windows\SysWOW64
2014-12-12 01:41:59 ----SHD---- C:\Windows\Installer
2014-12-12 00:36:32 ----D---- C:\Windows\system32\DriverStore
2014-12-12 00:36:30 ----D---- C:\Windows\inf
2014-12-12 00:14:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 00:12:29 ----D---- C:\ProgramData\Oracle
2014-12-12 00:10:32 ----D---- C:\Program Files (x86)\Common Files
2014-12-12 00:10:13 ----D---- C:\Windows\Tasks
2014-12-12 00:09:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\java.exe
2014-12-12 00:09:45 ----D---- C:\Program Files (x86)\Java
2014-12-12 00:00:42 ----D---- C:\Windows\rescache
2014-12-11 21:43:09 ----RD---- C:\Program Files
2014-12-11 21:34:35 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2014-12-11 20:56:41 ----D---- C:\Program Files (x86)\Adobe
2014-12-10 23:27:02 ----D---- C:\Windows\System32
2014-12-10 23:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 12:59:45 ----D---- C:\Windows\Microsoft.NET
2014-12-10 11:46:58 ----D---- C:\ProgramData\Autodesk
2014-12-10 11:39:03 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2014-12-10 11:39:01 ----HD---- C:\ProgramData
2014-12-10 11:38:43 ----D---- C:\ProgramData\Package Cache
2014-12-10 11:38:36 ----SHD---- C:\System Volume Information
2014-12-10 11:38:17 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-12-10 11:35:24 ----D---- C:\Windows\Downloaded Program Files
2014-12-10 11:31:49 ----RSD---- C:\Windows\Fonts
2014-12-10 11:30:20 ----D---- C:\Program Files\Autodesk
2014-12-10 11:22:12 ----D---- C:\Program Files (x86)\Autodesk
2014-12-10 11:20:00 ----RSD---- C:\Windows\assembly
2014-12-10 11:19:50 ----D---- C:\Windows
2014-12-10 11:19:34 ----D---- C:\Windows\Logs
2014-12-10 11:13:46 ----D---- C:\Autodesk
2014-12-10 11:03:21 ----D---- C:\Windows\system32\catroot2
2014-12-10 11:01:17 ----D---- C:\Windows\winsxs
2014-12-10 10:59:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 10:59:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 10:59:03 ----D---- C:\Windows\AppCompat
2014-12-10 10:59:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 10:59:02 ----D---- C:\Windows\system32\drivers
2014-12-10 10:59:02 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 10:59:01 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 10:59:01 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 10:59:01 ----D---- C:\Program Files\Internet Explorer
2014-12-10 10:59:00 ----D---- C:\Windows\system32\en-US
2014-12-10 10:59:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 01:09:03 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 01:08:07 ----D---- C:\Windows\system32\MRT
2014-12-10 01:04:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 01:03:16 ----D---- C:\Windows\system32\catroot
2014-12-10 01:01:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-10 01:01:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 21:00:33 ----RD---- C:\Program Files (x86)
2014-12-09 21:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 00:07:08 ----D---- C:\Windows\system32\Tasks
2014-12-05 20:35:43 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-12-02 18:10:26 ----A---- C:\Windows\NeroDigital.ini
2014-12-02 00:24:56 ----D---- C:\Windows\system32\NDF
2014-11-25 09:37:12 ----D---- C:\ProgramData\FLEXnet
2014-11-23 22:17:25 ----HD---- C:\ProgramData\CanonIJScan
2014-11-23 22:17:25 ----D---- C:\Users\Daniel\AppData\Roaming\Canon
2014-11-16 13:20:12 ----D---- C:\ProgramData\Adobe
2014-11-13 01:06:56 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-08 834544]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-24 6174720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-19 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\Daniel\AppData\Local\Temp\ALSysIO64.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2009-11-18 1075712]
S3 AutoBoot;AutoBoot; \??\C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [2009-02-19 44344]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-11-26 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-24 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-10-16 75064]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-04-22 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-05-23 296312]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-12-10 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-09-21 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S4 AirPrint;Apple AirPrint for Windows; C:\Program Files (x86)\AirPrint\airprint.exe [2010-10-07 234784]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S4 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: High CPU load
Hello!
rundll32.exe is a system process and under certain circumstances it has to run. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: High CPU load
Here is the log from AdwCleaner. Do you know what could be causing the described problem with the response to the mouse cursor and to clicking...?
# AdwCleaner v4.105 - Report created 12/12/2014 at 23:39:01
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Daniel - DANIEL-PCP
# Running from : D:\Downloads\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Video Converter
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\Plus500
Folder Deleted : C:\Users\Daniel\AppData\Local\Conduit
Folder Deleted : C:\Users\Daniel\AppData\Local\Plus500
Folder Deleted : C:\Users\Daniel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Daniel\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Daniel\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B0-0409-0000-0000000FF1CE}
Key Deleted : [x64] HKLM\SOFTWARE\systweak
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0.5 (x86 cs)
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.CTID", "CT2504091");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.CurrentServerDate", "7-7-2010");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Wed Jul 07 2010 19:39:28 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 10);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Jul 07 2010 19:28:27 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Jul 07 2010 19:28:27 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FirstServerDate", "7-7-2010");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FirstTime", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FirstTimeFF3", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FirstTimeSettingsDone", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.Initialize", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.InstallationType", "UnknownIntegration");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.InstalledDate", "Wed Jul 07 2010 19:28:27 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.IsGrouping", false);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.IsMulticommunity", false);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Jul 07 2010 19:28:29 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.LastLogin_2.7.1.3", "Wed Jul 07 2010 19:28:31 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.LatestVersion", "2.1.0.18");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.Locale", "en-us");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.LoginCache", 4);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchEngine", "Searchhxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2504091&octid=EB_ORIGINAL_CTID&SearchSource=1");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Jul 07 2010 19:28:31 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SearchInNewTabUserEnabled", false);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Wed Jul 07 2010 19:28:26 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.SettingsLastUpdate", "1277762395");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Wed Jul 07 2010 19:28:26 GMT+0200");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1277762395");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&so ... sealid=112");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.UserID", "UN59405533084031347");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.alertChannelId", "897164");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.clientLogIsEnabled", false);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.myStuffEnabled", true);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
[myzcd2p8.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [10733 octets] - [12/12/2014 23:35:50]
AdwCleaner[S0].txt - [11263 octets] - [12/12/2014 23:39:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11324 octets] ##########
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: High CPU usage
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: High CPU usage
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-13 17:43:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 263 GB (55%) free of 477 GB
Total RAM: 8191 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:44:01, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_exe\RealPlayerCloud.exe
C:\Users\Daniel\AppData\Local\Temp\rnsetup0.exe
C:\Users\Daniel\AppData\Local\Temp\rninst~0\RealPlayerCloud.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\ChiFuncExt.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418488630
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13597 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b3d335a5-c7d4-4e91-a09e-45a83142d161 -SystemEventPortName:HostProcess-110ed7f3-8206-4849-963e-e78ff51ee06a -IoCancelEventPortName:HostProcess-83512191-936e-4d6f-a7d9-d5c9deacd437 -NonStateChangingEventPortName:HostProcess-3e12eb26-ce0b-4753-871f-775fa3d30505 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5383ab45-c7f5-406e-b5e9-c132bab3bdbe -DeviceGroupId:WpdFsGroup
atieclxx
"taskhost.exe"
taskeng.exe {BFB2B2C1-57B7-4E1D-933C-EEB43260B6EA}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\MHotKey.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
"C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:/Users/Daniel/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_exe\RealPlayerCloud.exe" /location "C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_data\" /distcode "R90UBH12" /loc "cz" /add_log:"impetus=os_boot&os_boot_prompt=1&os_resume_prompt=0&RealPlayer_onlaunch_prompt=0&RealPlayer_onclose_prompt=0&RealPlayer_DL_onlaunch_prompt=0&RealPlayer_DL_onclose_prompt=0&RealDownloader_onlaunch_prompt=0&RealDownloader_onclose_prompt=0&RealDownloader_onscheduledcheck_prompt=0&RealDownloader_onlogon_prompt=0&os_unlock_prompt=0&os_idle_prompt=0&os_logon_prompt=0&user_interaction_prompt=0" /datecheck=T
"C:\Users\Daniel\AppData\Local\Temp\rnsetup0.exe" /orgexename="RealPlayerCloud.exe" /location "C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_data\" /distcode "R90UBH12" /loc "cz" /add_log:"impetus=os_boot&os_boot_prompt=1&os_resume_prompt=0&RealPlayer_onlaunch_prompt=0&RealPlayer_onclose_prompt=0&RealPlayer_DL_onlaunch_prompt=0&RealPlayer_DL_onclose_prompt=0&RealDownloader_onlaunch_prompt=0&RealDownloader_onclose_prompt=0&RealDownloader_onscheduledcheck_prompt=0&RealDownloader_onlogon_prompt=0&os_unlock_prompt=0&os_idle_prompt=0&os_logon_prompt=0&user_interaction_prompt=0" /datecheck=T
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Users\Daniel\AppData\Local\Temp\rninst~0\RealPlayerCloud.exe -s -k -cfg C:\Users\Daniel\AppData\Local\Temp\rninst~0\rnsetup.cfg
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\ChiFuncExt.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"D:\Downloads\RSITx64.exe"
msiexec /i "C:\Users\Daniel\AppData\Local\Temp\~rnsetup\DOWNLOADER\RealDownloader.msi" /qn /l* "C:\ProgramData\Real\RealPlayer\RDInstall-log.txt" ARPSYSTEMCOMPONENT=0 REBOOT=ReallySuppress MSIRESTARTMANAGERCONTROL=Disable DISTCODE=%DISTCODE% ORIGINCODE=%ORIGCODE%
C:\Windows\syswow64\MsiExec.exe -Embedding 4356D0F36DB2052728568942D79FA7F1
C:\Windows\syswow64\MsiExec.exe -Embedding DF03D9DD2EFCE98179DBB69AC824F4C7 M Global\MSI0000
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3, firegestures@xuldev.org:1.5.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, piclens@cooliris.com:1.12.0.36605, battlefieldheroespatcher@ea.com:5.0.31.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://zinkwink.com/?clid=5330690c64d94 ... &keywords="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npmusicn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15]
"Description"=RealPlayer Video Downloader for HTML5 (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\extensions\
battlefieldheroespatcher@ea.com
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
piclens@cooliris.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\searchplugins\
firmycz.xml
mapycz.xml
stahujcz.xml
torrentz-search.xml
vyhledvn-vide-ve-slub-youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26 591432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26 476744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-06 7940128]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]
"AdobeBridge"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Akamai NetSession Interface"=C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418488630 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSK DLMSession]
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-07-23 1632216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-09-04 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TiVme Agent]
C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter II\ScheduleAgent.exe [2010-04-26 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\real\realplayer\update\realsched.exe [2014-12-13 296520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\GENIUS~1\TVGODV~1\RTLRCtl.exe [2010-06-10 94208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LchDrvKey"=C:\Windows\LchDrvKey.exe [2007-03-28 36864]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-04-22 5687152]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-11-26 493960]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-12-13 296520]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RealPlayer Cloud Service UI.lnk - C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-12-13 17:43:48 ----D---- C:\ProgramData\RealNetworks
2014-12-13 17:43:48 ----D---- C:\Program Files (x86)\RealNetworks
2014-12-13 17:42:44 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2014-12-13 17:42:20 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2014-12-12 23:35:30 ----D---- C:\AdwCleaner
2014-12-11 21:43:09 ----D---- C:\Program Files\trend micro
2014-12-11 21:43:08 ----D---- C:\rsit
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-12-10 11:20:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-12-10 11:20:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-10 11:20:02 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-12-10 11:20:02 ----A---- C:\Windows\system32\xinput1_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-12-10 10:59:03 ----D---- C:\Windows\system32\appraiser
2014-12-10 01:03:15 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mf.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 01:00:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 01:00:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:00:02 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 00:59:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 00:59:49 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 00:59:04 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:59:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 00:59:02 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 11:59:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
======List of files/folders modified in the last 1 month======
2014-12-13 17:44:04 ----D---- C:\Windows\system32\catroot2
2014-12-13 17:44:03 ----SHD---- C:\Windows\Installer
2014-12-13 17:43:59 ----D---- C:\Windows\Prefetch
2014-12-13 17:43:48 ----RD---- C:\Program Files (x86)
2014-12-13 17:43:48 ----HD---- C:\ProgramData
2014-12-13 17:43:13 ----D---- C:\Program Files (x86)\real
2014-12-13 17:42:58 ----D---- C:\Program Files (x86)\Common Files
2014-12-13 17:42:52 ----D---- C:\ProgramData\Real
2014-12-13 17:42:44 ----D---- C:\Windows\SysWOW64
2014-12-13 17:42:26 ----D---- C:\Windows\Temp
2014-12-13 17:42:08 ----D---- C:\Users\Daniel\AppData\Roaming\Real
2014-12-13 17:37:00 ----D---- C:\Windows\system32\Tasks
2014-12-13 17:36:59 ----D---- C:\Windows\Tasks
2014-12-13 17:36:28 ----D---- C:\Windows\winsxs
2014-12-13 17:35:48 ----D---- C:\Windows\system32\config
2014-12-13 17:35:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\system32\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\System32
2014-12-13 00:46:44 ----SHD---- C:\System Volume Information
2014-12-13 00:46:21 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-12-12 00:36:32 ----D---- C:\Windows\system32\DriverStore
2014-12-12 00:36:30 ----D---- C:\Windows\inf
2014-12-12 00:14:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 00:12:29 ----D---- C:\ProgramData\Oracle
2014-12-12 00:09:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\java.exe
2014-12-12 00:09:45 ----D---- C:\Program Files (x86)\Java
2014-12-12 00:00:42 ----D---- C:\Windows\rescache
2014-12-11 21:43:09 ----RD---- C:\Program Files
2014-12-11 21:34:35 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2014-12-11 20:56:41 ----D---- C:\Program Files (x86)\Adobe
2014-12-10 23:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 12:59:45 ----D---- C:\Windows\Microsoft.NET
2014-12-10 11:46:58 ----D---- C:\ProgramData\Autodesk
2014-12-10 11:39:03 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2014-12-10 11:38:43 ----D---- C:\ProgramData\Package Cache
2014-12-10 11:38:17 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-12-10 11:35:24 ----D---- C:\Windows\Downloaded Program Files
2014-12-10 11:31:49 ----RSD---- C:\Windows\Fonts
2014-12-10 11:30:20 ----D---- C:\Program Files\Autodesk
2014-12-10 11:22:12 ----D---- C:\Program Files (x86)\Autodesk
2014-12-10 11:20:00 ----RSD---- C:\Windows\assembly
2014-12-10 11:19:50 ----D---- C:\Windows
2014-12-10 11:19:34 ----D---- C:\Windows\Logs
2014-12-10 11:13:46 ----D---- C:\Autodesk
2014-12-10 10:59:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 10:59:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 10:59:03 ----D---- C:\Windows\AppCompat
2014-12-10 10:59:02 ----D---- C:\Windows\system32\drivers
2014-12-10 10:59:01 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 10:59:01 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 10:59:01 ----D---- C:\Program Files\Internet Explorer
2014-12-10 10:59:00 ----D---- C:\Windows\system32\en-US
2014-12-10 10:59:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 01:09:03 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 01:08:07 ----D---- C:\Windows\system32\MRT
2014-12-10 01:04:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 01:03:16 ----D---- C:\Windows\system32\catroot
2014-12-10 01:01:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-10 01:01:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 21:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 18:10:26 ----A---- C:\Windows\NeroDigital.ini
2014-12-02 00:24:56 ----D---- C:\Windows\system32\NDF
2014-11-25 09:37:12 ----D---- C:\ProgramData\FLEXnet
2014-11-23 22:17:25 ----HD---- C:\ProgramData\CanonIJScan
2014-11-23 22:17:25 ----D---- C:\Users\Daniel\AppData\Roaming\Canon
2014-11-16 13:20:12 ----D---- C:\ProgramData\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-08 834544]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-24 6174720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-19 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\Daniel\AppData\Local\Temp\ALSysIO64.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2009-11-18 1075712]
S3 AutoBoot;AutoBoot; \??\C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [2009-02-19 44344]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-11-26 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-24 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-10-16 75064]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-12-13 1141848]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-04-22 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-05-23 296312]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-12-10 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-09-21 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S4 AirPrint;Apple AirPrint for Windows; C:\Program Files (x86)\AirPrint\airprint.exe [2010-10-07 234784]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S4 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
-----------------EOF-----------------
Run by Daniel at 2014-12-13 17:43:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 263 GB (55%) free of 477 GB
Total RAM: 8191 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:44:01, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_exe\RealPlayerCloud.exe
C:\Users\Daniel\AppData\Local\Temp\rnsetup0.exe
C:\Users\Daniel\AppData\Local\Temp\rninst~0\RealPlayerCloud.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\ChiFuncExt.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418488630
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13597 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b3d335a5-c7d4-4e91-a09e-45a83142d161 -SystemEventPortName:HostProcess-110ed7f3-8206-4849-963e-e78ff51ee06a -IoCancelEventPortName:HostProcess-83512191-936e-4d6f-a7d9-d5c9deacd437 -NonStateChangingEventPortName:HostProcess-3e12eb26-ce0b-4753-871f-775fa3d30505 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5383ab45-c7f5-406e-b5e9-c132bab3bdbe -DeviceGroupId:WpdFsGroup
atieclxx
"taskhost.exe"
taskeng.exe {BFB2B2C1-57B7-4E1D-933C-EEB43260B6EA}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\MHotKey.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
"C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:/Users/Daniel/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_exe\RealPlayerCloud.exe" /location "C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_data\" /distcode "R90UBH12" /loc "cz" /add_log:"impetus=os_boot&os_boot_prompt=1&os_resume_prompt=0&RealPlayer_onlaunch_prompt=0&RealPlayer_onclose_prompt=0&RealPlayer_DL_onlaunch_prompt=0&RealPlayer_DL_onclose_prompt=0&RealDownloader_onlaunch_prompt=0&RealDownloader_onclose_prompt=0&RealDownloader_onscheduledcheck_prompt=0&RealDownloader_onlogon_prompt=0&os_unlock_prompt=0&os_idle_prompt=0&os_logon_prompt=0&user_interaction_prompt=0" /datecheck=T
"C:\Users\Daniel\AppData\Local\Temp\rnsetup0.exe" /orgexename="RealPlayerCloud.exe" /location "C:\Users\Daniel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\stub_data\" /distcode "R90UBH12" /loc "cz" /add_log:"impetus=os_boot&os_boot_prompt=1&os_resume_prompt=0&RealPlayer_onlaunch_prompt=0&RealPlayer_onclose_prompt=0&RealPlayer_DL_onlaunch_prompt=0&RealPlayer_DL_onclose_prompt=0&RealDownloader_onlaunch_prompt=0&RealDownloader_onclose_prompt=0&RealDownloader_onscheduledcheck_prompt=0&RealDownloader_onlogon_prompt=0&os_unlock_prompt=0&os_idle_prompt=0&os_logon_prompt=0&user_interaction_prompt=0" /datecheck=T
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Users\Daniel\AppData\Local\Temp\rninst~0\RealPlayerCloud.exe -s -k -cfg C:\Users\Daniel\AppData\Local\Temp\rninst~0\rnsetup.cfg
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\ChiFuncExt.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"D:\Downloads\RSITx64.exe"
msiexec /i "C:\Users\Daniel\AppData\Local\Temp\~rnsetup\DOWNLOADER\RealDownloader.msi" /qn /l* "C:\ProgramData\Real\RealPlayer\RDInstall-log.txt" ARPSYSTEMCOMPONENT=0 REBOOT=ReallySuppress MSIRESTARTMANAGERCONTROL=Disable DISTCODE=%DISTCODE% ORIGINCODE=%ORIGCODE%
C:\Windows\syswow64\MsiExec.exe -Embedding 4356D0F36DB2052728568942D79FA7F1
C:\Windows\syswow64\MsiExec.exe -Embedding DF03D9DD2EFCE98179DBB69AC824F4C7 M Global\MSI0000
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3, firegestures@xuldev.org:1.5.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, piclens@cooliris.com:1.12.0.36605, battlefieldheroespatcher@ea.com:5.0.31.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://zinkwink.com/?clid=5330690c64d94 ... &keywords="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npmusicn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15]
"Description"=RealPlayer Video Downloader for HTML5 (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\extensions\
battlefieldheroespatcher@ea.com
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
piclens@cooliris.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\searchplugins\
firmycz.xml
mapycz.xml
stahujcz.xml
torrentz-search.xml
vyhledvn-vide-ve-slub-youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26 591432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26 476744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-06 7940128]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]
"AdobeBridge"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Akamai NetSession Interface"=C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418488630 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSK DLMSession]
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-07-23 1632216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-09-04 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TiVme Agent]
C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter II\ScheduleAgent.exe [2010-04-26 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\real\realplayer\update\realsched.exe [2014-12-13 296520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\GENIUS~1\TVGODV~1\RTLRCtl.exe [2010-06-10 94208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LchDrvKey"=C:\Windows\LchDrvKey.exe [2007-03-28 36864]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-04-22 5687152]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-11-26 493960]
"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-12-13 296520]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RealPlayer Cloud Service UI.lnk - C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-12-13 17:43:48 ----D---- C:\ProgramData\RealNetworks
2014-12-13 17:43:48 ----D---- C:\Program Files (x86)\RealNetworks
2014-12-13 17:42:44 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2014-12-13 17:42:20 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2014-12-12 23:35:30 ----D---- C:\AdwCleaner
2014-12-11 21:43:09 ----D---- C:\Program Files\trend micro
2014-12-11 21:43:08 ----D---- C:\rsit
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-12-10 11:20:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-12-10 11:20:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-10 11:20:02 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-12-10 11:20:02 ----A---- C:\Windows\system32\xinput1_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-12-10 10:59:03 ----D---- C:\Windows\system32\appraiser
2014-12-10 01:03:15 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mf.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 01:00:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 01:00:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:00:02 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 00:59:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 00:59:49 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 00:59:04 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:59:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 00:59:02 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 11:59:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
======List of files/folders modified in the last 1 month======
2014-12-13 17:44:04 ----D---- C:\Windows\system32\catroot2
2014-12-13 17:44:03 ----SHD---- C:\Windows\Installer
2014-12-13 17:43:59 ----D---- C:\Windows\Prefetch
2014-12-13 17:43:48 ----RD---- C:\Program Files (x86)
2014-12-13 17:43:48 ----HD---- C:\ProgramData
2014-12-13 17:43:13 ----D---- C:\Program Files (x86)\real
2014-12-13 17:42:58 ----D---- C:\Program Files (x86)\Common Files
2014-12-13 17:42:52 ----D---- C:\ProgramData\Real
2014-12-13 17:42:44 ----D---- C:\Windows\SysWOW64
2014-12-13 17:42:26 ----D---- C:\Windows\Temp
2014-12-13 17:42:08 ----D---- C:\Users\Daniel\AppData\Roaming\Real
2014-12-13 17:37:00 ----D---- C:\Windows\system32\Tasks
2014-12-13 17:36:59 ----D---- C:\Windows\Tasks
2014-12-13 17:36:28 ----D---- C:\Windows\winsxs
2014-12-13 17:35:48 ----D---- C:\Windows\system32\config
2014-12-13 17:35:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\system32\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\System32
2014-12-13 00:46:44 ----SHD---- C:\System Volume Information
2014-12-13 00:46:21 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-12-12 00:36:32 ----D---- C:\Windows\system32\DriverStore
2014-12-12 00:36:30 ----D---- C:\Windows\inf
2014-12-12 00:14:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 00:12:29 ----D---- C:\ProgramData\Oracle
2014-12-12 00:09:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\java.exe
2014-12-12 00:09:45 ----D---- C:\Program Files (x86)\Java
2014-12-12 00:00:42 ----D---- C:\Windows\rescache
2014-12-11 21:43:09 ----RD---- C:\Program Files
2014-12-11 21:34:35 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2014-12-11 20:56:41 ----D---- C:\Program Files (x86)\Adobe
2014-12-10 23:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 12:59:45 ----D---- C:\Windows\Microsoft.NET
2014-12-10 11:46:58 ----D---- C:\ProgramData\Autodesk
2014-12-10 11:39:03 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2014-12-10 11:38:43 ----D---- C:\ProgramData\Package Cache
2014-12-10 11:38:17 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-12-10 11:35:24 ----D---- C:\Windows\Downloaded Program Files
2014-12-10 11:31:49 ----RSD---- C:\Windows\Fonts
2014-12-10 11:30:20 ----D---- C:\Program Files\Autodesk
2014-12-10 11:22:12 ----D---- C:\Program Files (x86)\Autodesk
2014-12-10 11:20:00 ----RSD---- C:\Windows\assembly
2014-12-10 11:19:50 ----D---- C:\Windows
2014-12-10 11:19:34 ----D---- C:\Windows\Logs
2014-12-10 11:13:46 ----D---- C:\Autodesk
2014-12-10 10:59:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 10:59:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 10:59:03 ----D---- C:\Windows\AppCompat
2014-12-10 10:59:02 ----D---- C:\Windows\system32\drivers
2014-12-10 10:59:01 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 10:59:01 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 10:59:01 ----D---- C:\Program Files\Internet Explorer
2014-12-10 10:59:00 ----D---- C:\Windows\system32\en-US
2014-12-10 10:59:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 01:09:03 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 01:08:07 ----D---- C:\Windows\system32\MRT
2014-12-10 01:04:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 01:03:16 ----D---- C:\Windows\system32\catroot
2014-12-10 01:01:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-10 01:01:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 21:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 18:10:26 ----A---- C:\Windows\NeroDigital.ini
2014-12-02 00:24:56 ----D---- C:\Windows\system32\NDF
2014-11-25 09:37:12 ----D---- C:\ProgramData\FLEXnet
2014-11-23 22:17:25 ----HD---- C:\ProgramData\CanonIJScan
2014-11-23 22:17:25 ----D---- C:\Users\Daniel\AppData\Roaming\Canon
2014-11-16 13:20:12 ----D---- C:\ProgramData\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-08 834544]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-24 6174720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-19 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\Daniel\AppData\Local\Temp\ALSysIO64.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2009-11-18 1075712]
S3 AutoBoot;AutoBoot; \??\C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [2009-02-19 44344]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-11-26 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-24 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-10-16 75064]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-12-13 1141848]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-04-22 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-05-23 296312]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-12-10 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-09-21 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S4 AirPrint;Apple AirPrint for Windows; C:\Program Files (x86)\AirPrint\airprint.exe [2010-10-07 234784]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S4 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: High CPU load
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\Daniel\AppData\Local\Akamai
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2688177673-2956664120-4266065641-1000UA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: High CPU load
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-13 18:40:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 268 GB (56%) free of 477 GB
Total RAM: 8191 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:46, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418492188
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13759 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
taskeng.exe {5C11D2BE-FE0B-4E9D-9275-BCFC4269FF9C}
C:\Windows\MHotKey.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\Windows\ChiFuncExt.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-09e082ac-0441-45f1-b7c1-b3fd9332ce1a -SystemEventPortName:HostProcess-da44d768-b22e-4a70-8d9b-0fedb4b71863 -IoCancelEventPortName:HostProcess-986ebf9e-4c1a-43a7-a97c-40fee8822a84 -NonStateChangingEventPortName:HostProcess-6f1becba-b7fc-46f7-9456-6eec04ae8b8a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9747b796-e7ee-448c-9882-ce0fed11fc07 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\notepad.exe" D:\_OTM\MovedFiles\12132014_183047.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
"C:\Program Files (x86)\real\realplayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1128.cbcca0.667649108 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1128 "\\.\pipe\gecko-crash-server-pipe.1128" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --proxy-stub-channel=Flash5092.654D6188.22233 --host-broker-channel=Flash5092.654D6188.2945 --host-pid=5092 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --channel=2152.0037F5C4.1860496433 --proxy-stub-channel=Flash5092.654D6188.22233 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" --host-npapi-version=27 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
"D:\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3, firegestures@xuldev.org:1.5.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, piclens@cooliris.com:1.12.0.36605, battlefieldheroespatcher@ea.com:5.0.31.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://zinkwink.com/?clid=5330690c64d94 ... &keywords="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npmusicn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15]
"Description"=RealPlayer Video Downloader for HTML5 (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\extensions\
battlefieldheroespatcher@ea.com
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
piclens@cooliris.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\searchplugins\
firmycz.xml
mapycz.xml
stahujcz.xml
torrentz-search.xml
vyhledvn-vide-ve-slub-youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26 591432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-06 7940128]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]
"AdobeBridge"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418492188 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSK DLMSession]
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-07-23 1632216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-09-04 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TiVme Agent]
C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter II\ScheduleAgent.exe [2010-04-26 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\real\realplayer\update\realsched.exe [2014-12-13 296520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\GENIUS~1\TVGODV~1\RTLRCtl.exe [2010-06-10 94208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LchDrvKey"=C:\Windows\LchDrvKey.exe [2007-03-28 36864]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-04-22 5687152]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-11-26 493960]
"TkBellExe"=C:\Program Files (x86)\real\realplayer\update\realsched.exe [2014-12-13 296520]
"RealDownloader"=C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RealPlayer Cloud Service UI.lnk - C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-12-13 17:45:52 ----D---- C:\Users\Daniel\AppData\Roaming\RealNetworks
2014-12-13 17:43:48 ----D---- C:\ProgramData\RealNetworks
2014-12-13 17:43:48 ----D---- C:\Program Files (x86)\RealNetworks
2014-12-13 17:42:44 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2014-12-13 17:42:20 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2014-12-12 23:35:30 ----D---- C:\AdwCleaner
2014-12-11 21:43:09 ----D---- C:\Program Files\trend micro
2014-12-11 21:43:08 ----D---- C:\rsit
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-12-10 11:20:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-12-10 11:20:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-10 11:20:02 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-12-10 11:20:02 ----A---- C:\Windows\system32\xinput1_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-12-10 10:59:03 ----D---- C:\Windows\system32\appraiser
2014-12-10 01:03:15 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mf.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 01:00:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 01:00:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:00:02 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 00:59:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 00:59:49 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 00:59:04 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:59:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 00:59:02 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 11:59:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
======List of files/folders modified in the last 1 month======
2014-12-13 18:39:59 ----D---- C:\Windows\Temp
2014-12-13 18:39:25 ----D---- C:\Windows\Prefetch
2014-12-13 18:39:17 ----D---- C:\Windows\system32\config
2014-12-13 18:34:06 ----D---- C:\Windows\system32\Tasks
2014-12-13 18:33:25 ----D---- C:\Windows\SysWOW64
2014-12-13 18:30:54 ----D---- C:\Windows\Tasks
2014-12-13 18:00:27 ----D---- C:\Windows\winsxs
2014-12-13 18:00:15 ----D---- C:\Windows\system32\catroot
2014-12-13 17:46:39 ----D---- C:\Users\Daniel\AppData\Roaming\Real
2014-12-13 17:46:05 ----SHD---- C:\Windows\Installer
2014-12-13 17:46:02 ----D---- C:\Program Files (x86)\real
2014-12-13 17:45:40 ----D---- C:\ProgramData\Package Cache
2014-12-13 17:45:35 ----D---- C:\Windows\system32\catroot2
2014-12-13 17:43:48 ----RD---- C:\Program Files (x86)
2014-12-13 17:43:48 ----HD---- C:\ProgramData
2014-12-13 17:42:58 ----D---- C:\Program Files (x86)\Common Files
2014-12-13 17:42:52 ----D---- C:\ProgramData\Real
2014-12-13 17:35:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\system32\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\System32
2014-12-13 00:46:44 ----SHD---- C:\System Volume Information
2014-12-13 00:46:21 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-12-12 00:36:32 ----D---- C:\Windows\system32\DriverStore
2014-12-12 00:36:30 ----D---- C:\Windows\inf
2014-12-12 00:14:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 00:12:29 ----D---- C:\ProgramData\Oracle
2014-12-12 00:09:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\java.exe
2014-12-12 00:09:45 ----D---- C:\Program Files (x86)\Java
2014-12-12 00:00:42 ----D---- C:\Windows\rescache
2014-12-11 21:43:09 ----RD---- C:\Program Files
2014-12-11 21:34:35 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2014-12-11 20:56:41 ----D---- C:\Program Files (x86)\Adobe
2014-12-10 23:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 12:59:45 ----D---- C:\Windows\Microsoft.NET
2014-12-10 11:46:58 ----D---- C:\ProgramData\Autodesk
2014-12-10 11:39:03 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2014-12-10 11:38:17 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-12-10 11:35:24 ----D---- C:\Windows\Downloaded Program Files
2014-12-10 11:31:49 ----RSD---- C:\Windows\Fonts
2014-12-10 11:30:20 ----D---- C:\Program Files\Autodesk
2014-12-10 11:22:12 ----D---- C:\Program Files (x86)\Autodesk
2014-12-10 11:20:00 ----RSD---- C:\Windows\assembly
2014-12-10 11:19:50 ----D---- C:\Windows
2014-12-10 11:19:34 ----D---- C:\Windows\Logs
2014-12-10 11:13:46 ----D---- C:\Autodesk
2014-12-10 10:59:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 10:59:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 10:59:03 ----D---- C:\Windows\AppCompat
2014-12-10 10:59:02 ----D---- C:\Windows\system32\drivers
2014-12-10 10:59:01 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 10:59:01 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 10:59:01 ----D---- C:\Program Files\Internet Explorer
2014-12-10 10:59:00 ----D---- C:\Windows\system32\en-US
2014-12-10 10:59:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 01:09:03 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 01:08:07 ----D---- C:\Windows\system32\MRT
2014-12-10 01:04:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 01:01:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-10 01:01:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 21:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 18:10:26 ----A---- C:\Windows\NeroDigital.ini
2014-12-02 00:24:56 ----D---- C:\Windows\system32\NDF
2014-11-25 09:37:12 ----D---- C:\ProgramData\FLEXnet
2014-11-23 22:17:25 ----HD---- C:\ProgramData\CanonIJScan
2014-11-23 22:17:25 ----D---- C:\Users\Daniel\AppData\Roaming\Canon
2014-11-16 13:20:12 ----D---- C:\ProgramData\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-08 834544]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-24 6174720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-19 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\Daniel\AppData\Local\Temp\ALSysIO64.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2009-11-18 1075712]
S3 AutoBoot;AutoBoot; \??\C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [2009-02-19 44344]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-11-26 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-24 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-10-16 75064]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-12-13 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-04-22 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-05-23 296312]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-12-10 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-09-21 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S4 AirPrint;Apple AirPrint for Windows; C:\Program Files (x86)\AirPrint\airprint.exe [2010-10-07 234784]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S4 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
-----------------EOF-----------------
Run by Daniel at 2014-12-13 18:40:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 268 GB (56%) free of 477 GB
Total RAM: 8191 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:46, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418492188
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13759 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
taskeng.exe {5C11D2BE-FE0B-4E9D-9275-BCFC4269FF9C}
C:\Windows\MHotKey.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\Windows\ChiFuncExt.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-09e082ac-0441-45f1-b7c1-b3fd9332ce1a -SystemEventPortName:HostProcess-da44d768-b22e-4a70-8d9b-0fedb4b71863 -IoCancelEventPortName:HostProcess-986ebf9e-4c1a-43a7-a97c-40fee8822a84 -NonStateChangingEventPortName:HostProcess-6f1becba-b7fc-46f7-9456-6eec04ae8b8a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9747b796-e7ee-448c-9882-ce0fed11fc07 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\notepad.exe" D:\_OTM\MovedFiles\12132014_183047.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
"C:\Program Files (x86)\real\realplayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1128.cbcca0.667649108 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1128 "\\.\pipe\gecko-crash-server-pipe.1128" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --proxy-stub-channel=Flash5092.654D6188.22233 --host-broker-channel=Flash5092.654D6188.2945 --host-pid=5092 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --channel=2152.0037F5C4.1860496433 --proxy-stub-channel=Flash5092.654D6188.22233 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" --host-npapi-version=27 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
"D:\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job - C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe /schedulestart
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3, firegestures@xuldev.org:1.5.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, piclens@cooliris.com:1.12.0.36605, battlefieldheroespatcher@ea.com:5.0.31.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://zinkwink.com/?clid=5330690c64d94 ... &keywords="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npmusicn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.15]
"Description"=RealPlayer Video Downloader for HTML5 (32-bit)
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Musicnotes\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\extensions\
battlefieldheroespatcher@ea.com
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
piclens@cooliris.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\searchplugins\
firmycz.xml
mapycz.xml
stahujcz.xml
torrentz-search.xml
vyhledvn-vide-ve-slub-youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26 591432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2012-03-15 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-06 7940128]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]
"AdobeBridge"= []
"Nektra OEAPI"= []
"OEXPRESS"= []
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418492188 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSK DLMSession]
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [2012-07-23 1632216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2009-09-24 32871]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-09-04 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TiVme Agent]
C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter II\ScheduleAgent.exe [2010-04-26 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\real\realplayer\update\realsched.exe [2014-12-13 296520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk]
C:\PROGRA~2\GENIUS~1\TVGODV~1\RTLRCtl.exe [2010-06-10 94208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LchDrvKey"=C:\Windows\LchDrvKey.exe [2007-03-28 36864]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2010-01-18 124256]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2013-04-22 5687152]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-11-26 493960]
"TkBellExe"=C:\Program Files (x86)\real\realplayer\update\realsched.exe [2014-12-13 296520]
"RealDownloader"=C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192]
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\Genius TVGo DVB-T03\HyperMediaCenter IIScheduleAgent.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RealPlayer Cloud Service UI.lnk - C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-12-13 17:45:52 ----D---- C:\Users\Daniel\AppData\Roaming\RealNetworks
2014-12-13 17:43:48 ----D---- C:\ProgramData\RealNetworks
2014-12-13 17:43:48 ----D---- C:\Program Files (x86)\RealNetworks
2014-12-13 17:42:44 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2014-12-13 17:42:20 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-12-13 17:42:03 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2014-12-12 23:35:30 ----D---- C:\AdwCleaner
2014-12-11 21:43:09 ----D---- C:\Program Files\trend micro
2014-12-11 21:43:08 ----D---- C:\rsit
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-12-10 11:20:07 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-12-10 11:20:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-12-10 11:20:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-10 11:20:05 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-10 11:20:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-10 11:20:03 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-10 11:20:02 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-12-10 11:20:02 ----A---- C:\Windows\system32\xinput1_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-12-10 11:20:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-12-10 10:59:03 ----D---- C:\Windows\system32\appraiser
2014-12-10 01:03:15 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 01:03:15 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 01:03:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 01:03:14 ----A---- C:\Windows\system32\mf.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 01:00:11 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 01:00:10 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 01:00:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 01:00:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:00:02 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 00:59:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:59:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 00:59:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 00:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 00:59:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 00:59:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:59:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 00:59:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 00:59:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 00:59:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 00:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 00:59:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 00:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 00:59:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:59:50 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 00:59:49 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 00:59:04 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 00:59:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:59:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:59:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 00:59:02 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 11:59:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 11:27:59 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
======List of files/folders modified in the last 1 month======
2014-12-13 18:39:59 ----D---- C:\Windows\Temp
2014-12-13 18:39:25 ----D---- C:\Windows\Prefetch
2014-12-13 18:39:17 ----D---- C:\Windows\system32\config
2014-12-13 18:34:06 ----D---- C:\Windows\system32\Tasks
2014-12-13 18:33:25 ----D---- C:\Windows\SysWOW64
2014-12-13 18:30:54 ----D---- C:\Windows\Tasks
2014-12-13 18:00:27 ----D---- C:\Windows\winsxs
2014-12-13 18:00:15 ----D---- C:\Windows\system32\catroot
2014-12-13 17:46:39 ----D---- C:\Users\Daniel\AppData\Roaming\Real
2014-12-13 17:46:05 ----SHD---- C:\Windows\Installer
2014-12-13 17:46:02 ----D---- C:\Program Files (x86)\real
2014-12-13 17:45:40 ----D---- C:\ProgramData\Package Cache
2014-12-13 17:45:35 ----D---- C:\Windows\system32\catroot2
2014-12-13 17:43:48 ----RD---- C:\Program Files (x86)
2014-12-13 17:43:48 ----HD---- C:\ProgramData
2014-12-13 17:42:58 ----D---- C:\Program Files (x86)\Common Files
2014-12-13 17:42:52 ----D---- C:\ProgramData\Real
2014-12-13 17:35:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\system32\cs-CZ
2014-12-13 17:35:37 ----D---- C:\Windows\System32
2014-12-13 00:46:44 ----SHD---- C:\System Volume Information
2014-12-13 00:46:21 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-12-12 00:36:32 ----D---- C:\Windows\system32\DriverStore
2014-12-12 00:36:30 ----D---- C:\Windows\inf
2014-12-12 00:14:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 00:12:29 ----D---- C:\ProgramData\Oracle
2014-12-12 00:09:58 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-12-12 00:09:57 ----A---- C:\Windows\SYSWOW64\java.exe
2014-12-12 00:09:45 ----D---- C:\Program Files (x86)\Java
2014-12-12 00:00:42 ----D---- C:\Windows\rescache
2014-12-11 21:43:09 ----RD---- C:\Program Files
2014-12-11 21:34:35 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2014-12-11 20:56:41 ----D---- C:\Program Files (x86)\Adobe
2014-12-10 23:27:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 12:59:45 ----D---- C:\Windows\Microsoft.NET
2014-12-10 11:46:58 ----D---- C:\ProgramData\Autodesk
2014-12-10 11:39:03 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2014-12-10 11:38:17 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-12-10 11:35:24 ----D---- C:\Windows\Downloaded Program Files
2014-12-10 11:31:49 ----RSD---- C:\Windows\Fonts
2014-12-10 11:30:20 ----D---- C:\Program Files\Autodesk
2014-12-10 11:22:12 ----D---- C:\Program Files (x86)\Autodesk
2014-12-10 11:20:00 ----RSD---- C:\Windows\assembly
2014-12-10 11:19:50 ----D---- C:\Windows
2014-12-10 11:19:34 ----D---- C:\Windows\Logs
2014-12-10 11:13:46 ----D---- C:\Autodesk
2014-12-10 10:59:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 10:59:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 10:59:03 ----D---- C:\Windows\AppCompat
2014-12-10 10:59:02 ----D---- C:\Windows\system32\drivers
2014-12-10 10:59:01 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 10:59:01 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 10:59:01 ----D---- C:\Program Files\Internet Explorer
2014-12-10 10:59:00 ----D---- C:\Windows\system32\en-US
2014-12-10 10:59:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 01:09:03 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 01:08:07 ----D---- C:\Windows\system32\MRT
2014-12-10 01:04:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 01:01:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-10 01:01:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 21:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-02 18:10:26 ----A---- C:\Windows\NeroDigital.ini
2014-12-02 00:24:56 ----D---- C:\Windows\system32\NDF
2014-11-25 09:37:12 ----D---- C:\ProgramData\FLEXnet
2014-11-23 22:17:25 ----HD---- C:\ProgramData\CanonIJScan
2014-11-23 22:17:25 ----D---- C:\Users\Daniel\AppData\Roaming\Canon
2014-11-16 13:20:12 ----D---- C:\ProgramData\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-08 834544]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-24 6174720]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-06 1824672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-19 82816]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\Daniel\AppData\Local\Temp\ALSysIO64.sys []
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2009-11-18 1075712]
S3 AutoBoot;AutoBoot; \??\C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys [2009-02-19 44344]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-11-26 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-24 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-10-16 75064]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-12-13 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-04-22 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-05-23 296312]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-12-10 1357104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2009-09-21 954368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S4 AirPrint;Apple AirPrint for Windows; C:\Program Files (x86)\AirPrint\airprint.exe [2010-10-07 234784]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S4 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S4 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit; C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119557
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: High CPU load
Please also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: High CPU load
This is what I managed to get out of MBAM:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/12/15 14:26:58 +0100</date>
<logfile>mbam-log-2014-12-15 (14-26-56).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2014.12.15.02</malware-database>
<rootkit-database>v2014.12.14.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Daniel</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>400060</objects>
<time>695</time>
<processes>0</processes>
<modules>0</modules>
<keys>1</keys>
<values>3</values>
<datas>0</datas>
<folders>4</folders>
<files>13</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\Vuze_Remote</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>3de15310f488ae885fd9933abd473ac6</hash></key>
<value><path>HKU\S-1-5-21-2688177673-2956664120-4266065641-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{B4FBA8C3-2083-4ED8-A35B-148478739826}</path><valuename></valuename><vendor>Redir.ZWink</vendor><action></action><valuedata></valuedata><hash>2cf23c27304cbe78133e9d4afd05e21e</hash></value>
<value><path>HKU\S-1-5-21-2688177673-2956664120-4266065641-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER</path><valuename>{B4FBA8C3-2083-4ED8-A35B-148478739826}</valuename><vendor>Redir.ZWink</vendor><action></action><valuedata>èű´ ŘNŁ[„xs&</valuedata><hash>2cf23c27304cbe78133e9d4afd05e21e</hash></value>
<value><path>HKU\S-1-5-21-2688177673-2956664120-4266065641-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS</path><valuename>Load</valuename><vendor>PUM.UserWLoad</vendor><action></action><valuedata>C:\Users\Daniel\AppData\Local\Temp\{29885~1.EXE</valuedata><hash>b5699fc4fd7f45f1a536e0ba867d48b8</hash></value>
<folder><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></folder>
<folder><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\emailnotifier</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></folder>
<folder><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\feed</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></folder>
<folder><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\MyStuffComponents</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></folder>
<file><path>C:\Program Files (x86)\DesetiPrsty\crack.rg1</path><vendor>RiskWare.Tool.CK</vendor><action></action><hash>9985b3b04d2f6ec8b666661ab1540af6</hash></file>
<file><path>C:\Program Files (x86)\PDF Password Remover v3.0\pdfdecrypt.exe</path><vendor>PUP.PDFPasswordRemover</vendor><action></action><hash>c35b095a95e71d19fba8e32ce9179c64</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\LanguagePack.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\LocalSettings.txt</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\searchInNewTabData.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\ThirdPartyComponents.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\UserAdditionalComponents.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\emailnotifier\acc</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\feed\http___blog_vuze_com_index_php_feed__history.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\feed\http___blog_vuze_com_index_php_feed__structured.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\feed\http___twitter_com_statuses_user_timeline_15653840_rss_history.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\feed\http___twitter_com_statuses_user_timeline_15653840_rss_structured.xml</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
<file><path>C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\myzcd2p8.default\CT2504091\MyStuffComponents\list.json</path><vendor>PUP.Optional.VuzeRemoteTB.A</vendor><action></action><hash>c757441fd9a33df9537682a046bd19e7</hash></file>
</items>
</mbam-log>
- Rudy
- Site Admin
Re: High CPU load
That looks rather odd. The log should look like this: http://forum.viry.cz/viewtopic.php?f=13 ... m#p1365763 .
Re: High CPU load
I know, but I could not get anything better from the export to txt, or to xml, or from the software's folder in ProgramData...
- Rudy
- Site Admin
Re: High CPU load
Delete everything. The log should open in Notepad, and there it should be properly readable.
Re: High CPU load
This is the only thing written in the txt log:
Malwarebytes Anti-Malware
www.malwarebytes.org
...in the xml there is only what I already sent
- Rudy
- Site Admin
Re: High CPU load
Deleted. Has anything changed?
Re: High CPU load
Well, hopefully yes; I'll see whether it shows up again...
Thanks for the help so far.