VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Ne zcela běžné "seky" internetu win8-64bit

https://forum.viry.cz:443/viewtopic.php?t=143387

Stránka 1 z 1

Ne zcela běžné "seky" internetu win8-64bit

Napsal: 06 bře 2015 18:37
od mad_doc
Dobrý den, ahoj.

Poprosil bych zkušeného rádce o prohlédnutí logu. PC se mi nezdá vyloženě jako zavirovaný, ale i přes kontrolu kabeláže nebo test hw se mi narozdíl od sousedního PC trochu seká internetové připojení. Takže budu vděčný, když mi zdejší zkušený rádce třeba vyvrátí domněnku, že by to mohlo být nějakým škůdcem.
Díky za váš čas.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2015-03-06 18:32:59
Microsoft Windows 8.1 Pro
System drive C: has 62 GB (54%) free of 114 GB
Total RAM: 8076 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:33:04, on 6. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
D:\Program Files (x86)\Pidgin\pidgin.exe
D:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Daniel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "d:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\RunOnce: [PreRun] C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [ManicTime2149D51D9DB044D0] D:\Program Files (x86)\ManicTime\ManicTime.exe /minimized /name:
O4 - HKCU\..\Run: [ManicTime] D:\Program Files (x86)\ManicTime\ManicTime.exe /minimized
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GIGABYTE Adjust (gadjservice) - Unknown owner - C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
O23 - Service: HwmRecordService - GIGA-BYTE TECHNOLOGY CO., LTD. - C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9740 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe" /service
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe"
dashost.exe {d0ea113b-e8fd-46ec-89fc83b2267fdd9f}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe" -noshow
taskhostex.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
igfxEM.exe
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
ClassicStartMenu.exe -startup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
RPMDaemon.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"D:\Program Files (x86)\Notepad++\notepad++.exe" "C:\AdwCleaner\AdwCleaner[S8].txt"
"c:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2328.0.118624458\1800310940" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.1.303505471\72998569" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.2.1554651718\169194046" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.3.2128923202\167074706" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.4.1112280469\1886985105" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.5.1428023831\2067176711" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.6.1648715023\1189680916" /prefetch:673131151
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"D:\Program Files (x86)\Pidgin\pidgin.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"D:\totalcmd\TOTALCMD.EXE"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.79.258443114\1293625578" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2328.104.960516075\734655211" /prefetch:673131151
taskeng.exe {90780F7D-5BD9-468B-8497-BA268117276F}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580

"D:\downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\1v7qlzye.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.75.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.75.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre7\bin\ssv.dll [2015-02-12 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-12 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\Gigabyte\SmartRecovery2\RPMKickstartEx.exe [2014-04-01 2320384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"ManicTime2149D51D9DB044D0"=D:\Program Files (x86)\ManicTime\ManicTime.exe [2015-02-26 45832]
"ManicTime"=D:\Program Files (x86)\ManicTime\ManicTime.exe [2015-02-26 45832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeePass 2 PreLoad"=D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-10-07 2109952]
"StartCCC"=c:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"VirtualCloneDrive"=d:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17 508800]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2014-03-20 134616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"PreRun"=C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [2013-04-29 8192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-03-06 18:32:59 ----D---- C:\rsit
2015-03-06 18:32:59 ----D---- C:\Program Files\trend micro
2015-03-06 17:40:44 ----A---- C:\TDSSKiller.3.0.0.44_06.03.2015_17.40.44_log.txt
2015-03-05 20:57:55 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2015-03-05 20:57:46 ----D---- C:\Program Files (x86)\Windows Live
2015-03-05 20:57:24 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-03-05 20:11:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-03 20:31:53 ----D---- C:\Program Files (x86)\ESET
2015-03-03 19:21:27 ----D---- C:\ProgramData\IsolatedStorage
2015-03-02 09:47:17 ----A---- C:\Windows\system32\drivers\avchv.sys
2015-03-02 01:40:02 ----D---- C:\Downloads
2015-03-02 01:39:20 ----D---- C:\Users\Daniel\AppData\Roaming\BitComet
2015-03-01 18:40:10 ----D---- C:\Users\Daniel\AppData\Roaming\Kalypso Media
2015-02-27 00:45:50 ----D---- C:\Users\Daniel\AppData\Roaming\Google
2015-02-26 22:50:42 ----D---- C:\Users\Daniel\AppData\Roaming\npm
2015-02-19 22:49:35 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-02-19 22:49:34 ----D---- C:\ProgramData\RogueKiller
2015-02-19 22:48:31 ----D---- C:\FRST
2015-02-19 19:05:36 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-19 18:34:52 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-18 23:19:38 ----A---- C:\Windows\etdrv.sys
2015-02-18 23:14:11 ----A---- C:\Windows\system32\drivers\UsbCharger.sys
2015-02-18 23:14:11 ----A---- C:\Windows\system32\drivers\AppleCharger.sys
2015-02-18 23:14:11 ----A---- C:\Windows\system32\AppleChargerSrv.exe
2015-02-15 15:37:19 ----D---- C:\Users\Daniel\AppData\Roaming\AnvSoft
2015-02-15 15:09:15 ----D---- C:\Users\Daniel\AppData\Roaming\MangoApps
2015-02-15 15:09:15 ----D---- C:\TinyTake
2015-02-12 23:30:46 ----D---- C:\Users\Daniel\AppData\Roaming\JetBrains
2015-02-12 23:30:14 ----A---- C:\HaxLogs.txt
2015-02-12 23:30:11 ----DC---- C:\Windows\system32\DRVSTORE
2015-02-12 23:24:19 ----A---- C:\Windows\system32\javaws.exe
2015-02-12 23:24:18 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-12 23:24:18 ----A---- C:\Windows\system32\javaw.exe
2015-02-12 23:24:18 ----A---- C:\Windows\system32\java.exe
2015-02-12 08:23:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 08:23:40 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 08:00:54 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-02-11 08:00:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 08:00:54 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 08:00:54 ----A---- C:\Windows\system32\certcli.dll
2015-02-11 08:00:30 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 08:00:30 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 08:00:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 08:00:29 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 08:00:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-02-11 08:00:29 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 08:00:29 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 08:00:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 08:00:29 ----A---- C:\Windows\system32\ntdll.dll
2015-02-11 08:00:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 08:00:27 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 08:00:27 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 08:00:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 08:00:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 08:00:25 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 08:00:25 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 08:00:24 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\webcheck.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\jscript.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\inetcomm.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 08:00:24 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 08:00:24 ----A---- C:\Windows\system32\actxprxy.dll
2015-02-11 08:00:18 ----A---- C:\Windows\system32\sppobjs.dll
2015-02-11 08:00:16 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 08:00:16 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 08:00:16 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 08:00:16 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 08:00:16 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 08:00:16 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 08:00:14 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-06 18:32:59 ----RD---- C:\Program Files
2015-03-06 18:32:16 ----D---- C:\Users\Daniel\AppData\Roaming\.purple
2015-03-06 18:32:01 ----D---- C:\Users\Daniel\AppData\Roaming\ClassicShell
2015-03-06 18:19:17 ----D---- C:\Windows\Temp
2015-03-06 18:14:42 ----D---- C:\Windows\Prefetch
2015-03-06 18:10:10 ----RD---- C:\Windows\System32
2015-03-06 18:09:30 ----D---- C:\Windows\Inf
2015-03-06 18:09:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-06 18:04:39 ----D---- C:\AdwCleaner
2015-03-06 18:00:00 ----D---- C:\Windows\system32\sru
2015-03-06 17:57:29 ----D---- C:\Program Files\Classic Shell
2015-03-06 17:53:25 ----D---- C:\Windows\system32\drivers
2015-03-06 17:45:14 ----D---- C:\Users\Daniel\AppData\Roaming\KeePass
2015-03-06 17:13:56 ----D---- C:\Windows
2015-03-06 17:13:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 17:09:35 ----D---- C:\Users\Daniel\AppData\Roaming\FileZilla
2015-03-06 17:09:23 ----D---- C:\Windows\SoftwareDistribution
2015-03-06 17:09:23 ----D---- C:\Windows\Minidump
2015-03-06 17:09:23 ----D---- C:\Windows\Logs
2015-03-06 17:09:23 ----D---- C:\Windows\debug
2015-03-06 17:07:42 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2015-03-06 09:21:49 ----D---- C:\Windows\system32\config
2015-03-06 09:19:47 ----D---- C:\Windows\Microsoft.NET
2015-03-06 09:19:22 ----RSD---- C:\Windows\assembly
2015-03-06 08:54:17 ----D---- C:\Users\Daniel\AppData\Roaming\eM Client
2015-03-06 08:45:45 ----D---- C:\Windows\AppReadiness
2015-03-05 21:03:24 ----SHD---- C:\Windows\Installer
2015-03-05 21:03:24 ----SD---- C:\Users\Daniel\AppData\Roaming\Microsoft
2015-03-05 20:57:55 ----RD---- C:\Program Files (x86)
2015-03-05 20:57:42 ----D---- C:\Windows\WinSxS
2015-03-05 20:57:41 ----D---- C:\Program Files\Common Files\microsoft shared
2015-03-05 20:57:35 ----SHD---- C:\System Volume Information
2015-03-05 20:55:14 ----D---- C:\Program Files (x86)\Common Files
2015-03-05 20:55:06 ----SD---- C:\ProgramData\Microsoft
2015-03-05 15:50:28 ----D---- C:\Users\Daniel\AppData\Roaming\tropico 4
2015-03-05 10:18:09 ----HD---- C:\Program Files\WindowsApps
2015-03-03 19:21:27 ----HD---- C:\ProgramData
2015-03-02 15:51:18 ----D---- C:\Windows\SysWOW64
2015-02-26 09:03:55 ----D---- C:\Windows\system32\catroot2
2015-02-25 07:36:21 ----D---- C:\Windows\CbsTemp
2015-02-19 18:34:53 ----D---- C:\Intel
2015-02-19 00:15:05 ----D---- C:\Program Files (x86)\Intel
2015-02-19 00:14:09 ----D---- C:\Windows\system32\DriverStore
2015-02-19 00:14:09 ----D---- C:\Windows\system32\catroot
2015-02-19 00:14:02 ----D---- C:\Program Files\Intel
2015-02-18 23:14:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-18 23:14:55 ----D---- C:\Program Files (x86)\Gigabyte
2015-02-18 23:14:11 ----D---- C:\Program Files\Gigabyte
2015-02-15 15:14:51 ----D---- C:\ProgramData\Package Cache
2015-02-15 15:09:15 ----D---- C:\Windows\system32\Tasks
2015-02-12 08:42:52 ----D---- C:\Windows\rescache
2015-02-11 12:27:32 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 12:27:32 ----D---- C:\Windows\system32\appraiser
2015-02-11 08:36:43 ----D---- C:\ProgramData\Microsoft Help
2015-02-11 08:36:25 ----D---- C:\Windows\system32\MRT
2015-02-11 08:34:04 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 01:10:08 ----D---- C:\Users\Daniel\AppData\Roaming\calibre
2015-02-08 14:08:28 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2013-04-17 718840]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-04-11 645480]
R0 trufos;trufos; C:\Windows\system32\DRIVERS\trufos.sys [2013-05-28 382536]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-10-28 22240]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-07-02 121928]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2013-04-22 148696]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;@oem5.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-06-21 223232]
R3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2013-04-17 593144]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-03-06 25640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-03 4753336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-28 3977944]
R3 iwdbus;@oem23.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-09-19 27000]
R3 MEIx64;@oem18.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-06-17 873688]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2013-07-24 34816]
S0 amdkmafd;@oem3.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-10-24 22240]
S3 intaud_WaveExtensible;@oem22.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-09-19 38264]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-03-06 35064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 gadjservice;GIGABYTE Adjust; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [2014-04-16 16384]
R2 gzserv;Bitdefender Antivirus Free Edition; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-10-23 69368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-03 329104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16 107912]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-03 279952]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-16 107912]
S3 HwmRecordService;HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [2014-11-06 62784]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-05 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2015-01-25 1903472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 07 bře 2015 12:03
od altrok
Zdravim :bye:


:arrow: System mate na SSD disku?

:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928
  • Upozorneni: tento sken zabere od 30 minut po nekolik hodin
    pokud mate zapojene jen SSDcko, test bude rychlejsi

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 07 bře 2015 16:05
od mad_doc
Díky za reakci,
ano SSD (ale stejně to i s ostatními disky trvalo 3 hodiny :) )
přikládám log


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7. 3. 2015
Scan Time: 12:18:37
Logfile: mbamlog.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.07.02
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Daniel

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 2148148
Time Elapsed: 3 hr, 37 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.RiskwareTool.CK, D:\downloads\amtlib.dll, , [f5b966dc1377c472b069268a5aa8b14f],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 08 bře 2015 02:46
od altrok
:arrow: Nalez smazte/presunte do karanteny.

:arrow: Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 08 bře 2015 12:37
od mad_doc
Díky, first log níže (addition přiložen)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 01
Ran by Daniel (administrator) on DANEK on 08-03-2015 12:34:13
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & Daniel_2)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Gigabyte Technology CO.) C:\Program Files\Gigabyte\SmartRecovery2\RPMDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(The Pidgin developer community) D:\Program Files (x86)\Pidgin\pidgin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) D:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => d:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-03-20] (Intel Corporation)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\Gigabyte\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\Run: [ManicTime2149D51D9DB044D0] => D:\Program Files (x86)\ManicTime\ManicTime.exe [45832 2015-02-26] (Finkit d.o.o.)
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\Run: [ManicTime] => D:\Program Files (x86)\ManicTime\ManicTime.exe [45832 2015-02-26] (Finkit d.o.o.)
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\MountPoints2: {9e9cf623-9d8f-11e4-8254-74d43587e1c6} - "H:\SETUP.EXE"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre7\bin\ssv.dll [2015-02-12] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\1v7qlzye.default
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\1v7qlzye.default\extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [Not Found]
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\1v7qlzye.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Bookmark Sentry (scanner)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga [2015-01-16]
CHR Extension: (Web Developer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-01-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-16]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Emmet Re:View) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejoicbhllgiimigokgjdoijnpaphdp [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-16]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2015-01-16]
CHR Extension: (feedly) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-01-25]
CHR Extension: (goo.gl URL Shortener) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2015-01-16]
CHR Extension: (TrackingTime
Time Tracker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knailkjkjcfegledhjhcfacdngnicimb [2015-02-18]
CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-02-10]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Responsive Web Design Tester) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\objclahbaimlfnbjdeobicmmlnbhamkg [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-25] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-03-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-06] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 12:34 - 2015-03-08 12:34 - 00019451 _____ () C:\Users\Daniel\Desktop\FRST.txt
2015-03-08 12:32 - 2015-03-08 12:32 - 02095104 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-03-07 07:06 - 2015-03-08 08:32 - 00102800 _____ () C:\Windows\WindowsUpdate.log
2015-03-06 21:49 - 2015-03-06 22:51 - 00001761 _____ () C:\Users\Daniel\Desktop\RelicCOH.exe – zástupce.lnk
2015-03-06 21:40 - 2015-03-06 21:40 - 00000000 __SHD () C:\ProgramData\DSS
2015-03-06 21:40 - 2015-03-06 21:40 - 00000000 ____D () C:\ProgramData\Codemasters
2015-03-06 21:39 - 2015-03-06 21:39 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-03-06 21:39 - 2015-03-06 21:39 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-03-06 21:39 - 2015-03-06 21:39 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-03-06 21:39 - 2015-03-06 21:39 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-03-06 21:39 - 2015-03-06 21:39 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2015-03-06 21:39 - 2015-03-06 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-03-06 21:39 - 2015-03-06 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
2015-03-06 21:39 - 2015-03-06 21:39 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-03-06 21:39 - 2015-03-06 21:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-03-06 21:39 - 2015-03-06 21:39 - 00000000 ____D () C:\Program Files (x86)\BRS
2015-03-06 21:39 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2015-03-06 21:39 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2015-03-06 18:32 - 2015-03-06 18:33 - 00000000 ____D () C:\rsit
2015-03-06 18:32 - 2015-03-06 18:33 - 00000000 ____D () C:\Program Files\trend micro
2015-03-06 17:13 - 2015-03-08 10:46 - 00003828 _____ () C:\Windows\setupact.log
2015-03-06 17:13 - 2015-03-06 17:13 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-05 20:57 - 2015-03-05 20:58 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-03-05 20:57 - 2015-03-05 20:57 - 00000000 ____D () C:\Program Files (x86)\Windows Live SkyDrive
2015-03-05 20:57 - 2015-03-05 20:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-03-05 20:54 - 2015-03-05 20:54 - 00000000 ____D () C:\Users\Daniel\AppData\Local\IsolatedStorage
2015-03-05 20:50 - 2015-03-05 20:50 - 00000000 ____D () C:\Users\Daniel\Documents\Expression
2015-03-05 20:50 - 2015-03-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-03-05 20:11 - 2015-03-05 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 17:10 - 2015-03-05 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2015-03-05 12:55 - 2015-03-05 12:55 - 06208736 _____ (Tim Kosse) C:\Users\Daniel\Downloads\FileZilla_3.10.2_win32-setup.exe
2015-03-03 20:31 - 2015-03-03 20:31 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-03 19:21 - 2015-03-03 19:21 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-03-02 17:49 - 2015-03-02 17:49 - 00000525 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brackets.lnk
2015-03-02 09:47 - 2015-03-02 09:47 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-03-02 09:10 - 2015-03-02 09:10 - 00000988 _____ () C:\Users\Daniel\Desktop\03-2015.xlsx – zástupce.lnk
2015-03-02 01:39 - 2015-03-02 01:40 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\BitComet
2015-03-01 18:40 - 2015-03-01 18:40 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Kalypso Media
2015-03-01 16:13 - 2015-03-01 16:13 - 00000000 ____D () C:\Users\Daniel\Documents\Thief
2015-03-01 12:36 - 2015-03-01 12:36 - 00000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-03-01 12:36 - 2015-03-01 12:36 - 00000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2015-03-01 12:36 - 2015-03-01 12:36 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Finkit
2015-03-01 12:35 - 2015-03-03 09:30 - 00001737 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManicTime.lnk
2015-02-28 23:33 - 2015-02-28 23:33 - 00048128 _____ () C:\Users\Daniel\genymotion-log.zip
2015-02-28 23:33 - 2015-02-28 23:33 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Genymobile
2015-02-28 23:32 - 2015-02-28 23:32 - 00000842 _____ () C:\Users\Public\Desktop\Genymotion.lnk
2015-02-28 23:32 - 2015-02-28 23:32 - 00000839 _____ () C:\Users\Public\Desktop\Genymotion Shell.lnk
2015-02-28 23:32 - 2015-02-28 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2015-02-28 22:13 - 2015-02-28 22:14 - 00000000 ____D () C:\Users\Daniel\Documents\Spiele
2015-02-28 22:13 - 2015-02-28 22:13 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Gas Powered Games
2015-02-27 00:45 - 2015-03-06 17:13 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdWords Editor
2015-02-27 00:45 - 2015-02-27 00:45 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Google
2015-02-26 22:50 - 2015-02-26 22:50 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\npm
2015-02-26 22:18 - 2015-02-26 22:18 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2015-02-25 22:04 - 2015-02-25 22:04 - 00000775 _____ () C:\Users\Public\Desktop\Mixxx.lnk
2015-02-25 22:04 - 2015-02-25 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx
2015-02-25 07:03 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 07:03 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-22 18:09 - 2015-03-06 21:40 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2015-02-19 22:49 - 2015-03-06 17:53 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-19 22:49 - 2015-02-19 22:49 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-19 22:48 - 2015-03-08 12:34 - 00000000 ____D () C:\FRST
2015-02-19 19:16 - 2015-02-19 19:16 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Steam
2015-02-19 19:05 - 2015-02-19 19:05 - 00000118 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-19 18:34 - 2015-02-19 18:34 - 00000425 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-18 23:19 - 2015-03-06 12:55 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2015-02-18 23:14 - 2013-10-28 10:02 - 00022240 _____ () C:\Windows\system32\Drivers\AppleCharger.sys
2015-02-18 23:14 - 2013-10-24 17:29 - 00022240 _____ () C:\Windows\system32\Drivers\UsbCharger.sys
2015-02-18 23:14 - 2010-04-06 16:30 - 00031272 _____ () C:\Windows\system32\AppleChargerSrv.exe
2015-02-18 18:47 - 2015-02-18 18:47 - 00002333 _____ () C:\Users\Daniel\Desktop\Spouštěč aplikací Chrome.lnk
2015-02-18 18:47 - 2015-02-18 18:47 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-18 18:47 - 2015-02-18 18:47 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2015-02-17 16:58 - 2015-02-17 16:58 - 00003075 _____ () C:\Users\Daniel\Desktop\Screen Recorder.lnk
2015-02-17 16:58 - 2015-02-17 16:58 - 00003035 _____ () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screen Recorder.lnk
2015-02-17 16:58 - 2015-02-17 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2015-02-15 17:56 - 2015-02-15 17:56 - 00001085 _____ () C:\Users\Daniel\Desktop\Record or stream video and or audio.lnk
2015-02-15 17:30 - 2015-02-15 17:30 - 00000000 ____D () C:\Users\Daniel\.sensible_cinema_storage
2015-02-15 17:30 - 2015-02-15 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Capturer Recorder
2015-02-15 15:37 - 2015-02-15 15:37 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\AnvSoft
2015-02-15 15:35 - 2015-02-15 15:35 - 00000000 ____D () C:\Users\Daniel\Documents\Any Video Recorder
2015-02-15 15:09 - 2015-02-15 15:12 - 00000000 ____D () C:\TinyTake
2015-02-15 15:09 - 2015-02-15 15:09 - 00003564 _____ () C:\Windows\System32\Tasks\TinyTakeUpgrade
2015-02-12 23:35 - 2015-02-12 23:35 - 00000000 ____D () C:\Users\Daniel\.gradle
2015-02-12 23:30 - 2015-02-22 20:28 - 00000000 ____D () C:\Users\Daniel\.android
2015-02-12 23:30 - 2015-02-12 23:30 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\JetBrains
2015-02-12 23:30 - 2015-02-12 23:30 - 00000000 ____D () C:\Users\Daniel\.AndroidStudio
2015-02-12 23:30 - 2015-02-12 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2015-02-12 23:24 - 2015-02-12 23:24 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-12 23:24 - 2015-02-12 23:24 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-12 23:24 - 2015-02-12 23:24 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-12 23:24 - 2015-02-12 23:24 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-02-12 08:23 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 08:23 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 08:00 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 08:00 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 08:00 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 08:00 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 08:00 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 08:00 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 08:00 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 08:00 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 08:00 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 08:00 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 08:00 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 08:00 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 08:00 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 08:00 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 08:00 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 08:00 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 08:00 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 08:00 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 08:00 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 08:00 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 08:00 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 08:00 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 08:00 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 08:00 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 08:00 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 08:00 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 08:00 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 08:00 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 08:00 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 08:00 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 08:00 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 08:00 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 08:00 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 08:00 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 08:00 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 08:00 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 08:00 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 08:00 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 08:00 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 08:00 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 08:00 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 08:00 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 08:00 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 08:00 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 08:00 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 08:00 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 08:00 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 08:00 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 08:00 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 08:00 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 08:00 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 08:00 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 08:00 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 08:00 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 08:00 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 08:00 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 08:00 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 08:00 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-10 20:05 - 2015-02-17 10:32 - 00004608 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 12:30 - 2015-01-16 12:20 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 12:10 - 2015-01-16 12:58 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\.purple
2015-03-08 12:07 - 2015-01-26 20:32 - 00218213 _____ () C:\Windows\SysWOW64\Gms.log
2015-03-08 11:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-08 09:13 - 2015-01-16 15:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\eM Client
2015-03-08 08:29 - 2015-01-16 12:18 - 00000000 ___DO () C:\Users\Daniel\OneDrive
2015-03-08 08:15 - 2015-01-16 12:19 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E20A7A10-DCBE-458D-93DA-A66A479ACA7B}
2015-03-08 08:12 - 2015-01-26 20:21 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-03-08 08:12 - 2015-01-16 12:20 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 21:15 - 2015-01-16 12:26 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\ClassicShell
2015-03-07 16:29 - 2015-01-16 13:58 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\KeePass
2015-03-07 14:28 - 2015-01-16 19:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2015-03-07 12:18 - 2015-01-18 20:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-07 07:37 - 2015-01-16 12:24 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4076607240-3047126870-3847524387-1001
2015-03-06 22:49 - 2015-01-21 23:04 - 00000000 ____D () C:\Users\Daniel\Documents\my games
2015-03-06 20:52 - 2015-01-26 17:47 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Stencyl
2015-03-06 20:28 - 2015-01-16 22:11 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\tropico 4
2015-03-06 20:15 - 2015-01-17 23:49 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\FileZilla
2015-03-06 18:09 - 2014-03-18 16:33 - 01749406 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 18:09 - 2014-03-18 15:54 - 00739720 _____ () C:\Windows\system32\perfh005.dat
2015-03-06 18:09 - 2014-03-18 15:54 - 00151940 _____ () C:\Windows\system32\perfc005.dat
2015-03-06 18:05 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-06 18:04 - 2015-01-25 06:51 - 00000000 ____D () C:\AdwCleaner
2015-03-06 17:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-06 17:57 - 2015-01-16 12:25 - 00000000 ____D () C:\Program Files\Classic Shell
2015-03-06 17:13 - 2015-01-24 17:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 17:09 - 2015-01-20 09:51 - 00000000 ____D () C:\Windows\Minidump
2015-03-06 13:12 - 2015-01-17 23:49 - 00000908 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-03-06 13:12 - 2015-01-17 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-03-06 08:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-05 20:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-05 20:11 - 2015-01-18 12:25 - 00000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2015-03-04 00:59 - 2015-01-16 12:15 - 00000000 ____D () C:\Users\Daniel
2015-02-27 00:45 - 2015-01-16 12:20 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google
2015-02-25 07:36 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-23 23:45 - 2015-01-23 23:52 - 00001480 _____ () C:\Users\Daniel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-02-20 07:31 - 2015-01-16 12:21 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 18:34 - 2015-01-17 10:25 - 00000000 ____D () C:\Intel
2015-02-19 00:15 - 2015-01-17 10:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-19 00:14 - 2015-01-17 10:33 - 00000000 ____D () C:\Program Files\Intel
2015-02-18 23:14 - 2015-01-26 21:04 - 00000000 ____D () C:\Program Files\Gigabyte
2015-02-18 23:14 - 2015-01-26 20:19 - 00000000 ____D () C:\Program Files (x86)\Gigabyte
2015-02-18 23:14 - 2015-01-17 10:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-15 15:14 - 2015-01-16 12:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 08:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-11 17:07 - 2013-08-22 15:44 - 05031048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 12:27 - 2015-01-16 14:47 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 12:27 - 2015-01-16 14:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 08:36 - 2015-01-16 17:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 08:36 - 2015-01-16 13:47 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 08:34 - 2015-01-16 13:47 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 01:10 - 2015-01-28 01:14 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\calibre
2015-02-11 01:03 - 2015-01-28 01:14 - 00000756 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-02-11 01:03 - 2015-01-28 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-02-08 14:08 - 2015-01-17 20:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-06 08:24 - 2015-01-18 15:20 - 00000000 ____D () C:\Users\Daniel\Documents\oCam

==================== Files in the root of some directories =======

2015-01-27 16:20 - 2015-01-27 16:57 - 0000096 _____ () C:\Users\Daniel\AppData\Roaming\Camdata.ini
2015-01-27 16:20 - 2015-01-27 16:57 - 0000408 _____ () C:\Users\Daniel\AppData\Roaming\CamLayout.ini
2015-01-27 16:20 - 2015-01-27 16:57 - 0000408 _____ () C:\Users\Daniel\AppData\Roaming\CamShapes.ini
2015-01-27 16:20 - 2015-01-27 16:57 - 0004520 _____ () C:\Users\Daniel\AppData\Roaming\CamStudio.cfg
2015-01-23 23:52 - 2015-02-23 23:45 - 0001480 _____ () C:\Users\Daniel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-02-10 20:05 - 2015-02-17 10:32 - 0004608 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-18 12:25 - 2015-03-05 20:11 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2015-01-17 12:08 - 2015-01-17 12:08 - 0215980 _____ () C:\ProgramData\1421492522.bdinstall.bin
2015-01-17 10:32 - 2015-01-17 10:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-01 12:36 - 2015-03-01 12:36 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-03-01 12:36 - 2015-03-01 12:36 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-28 14:53

==================== End Of Log ============================

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 08 bře 2015 22:54
od altrok
:arrow: Aplikace Classic Shell funguje v poradku?

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\MountPoints2: {9e9cf623-9d8f-11e4-8254-74d43587e1c6} - "H:\SETUP.EXE" 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
2015-03-06 18:32 - 2015-03-06 18:33 - 00000000 ____D () C:\rsit
2015-03-06 18:32 - 2015-03-06 18:33 - 00000000 ____D () C:\Program Files\trend micro
2015-01-17 10:32 - 2015-01-17 10:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Daniel\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
End

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 08 bře 2015 23:34
od mad_doc
Classic shell ano - je to úprava aby byla ve win8 dostupná klasická lišta Start (předtím jsem ji samozřejmě testoval na virustotal) a problémy nepozoruji.

Níže uvádím log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-03-2015 01
Ran by Daniel at 2015-03-08 23:31:01 Run:1
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & Daniel_2)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\...\MountPoints2: {9e9cf623-9d8f-11e4-8254-74d43587e1c6} - "H:\SETUP.EXE"
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-03-06 18:32 - 2015-03-06 18:33 - 00000000 ____D () C:\rsit
2015-03-06 18:32 - 2015-03-06 18:33 - 00000000 ____D () C:\Program Files\trend micro
2015-01-17 10:32 - 2015-01-17 10:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Daniel\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
"HKU\S-1-5-21-4076607240-3047126870-3847524387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e9cf623-9d8f-11e4-8254-74d43587e1c6}" => Key deleted successfully.
HKCR\CLSID\{9e9cf623-9d8f-11e4-8254-74d43587e1c6} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.

"C:\Users\Daniel\AppData\Local\Temp" directory move:

Could not move "C:\Users\Daniel\AppData\Local\Temp" directory. => Scheduled to move on reboot.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-08 23:31:46)<=

"C:\Users\Daniel\AppData\Local\Temp" => Directory could not move.

==== End of Fixlog 23:31:49 ====

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 08 bře 2015 23:42
od altrok
Classic Shell - z logu to vypada, ze muze byt poskozeny (nebo se muze jednat o chybu FRST), proto se ptam.


Na havet vypada cisto... uvodni problem pretrvava?

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 08 bře 2015 23:49
od mad_doc
Aha, jasně chápu. No problémy nedělá.

Jinak problém - no jak jsem uváděl ze startu, samozřejmě nejsem nutně přesvědčen, jde-li o nějakou havěť, jen jsem chtěl mít o něco větší jistotu, že to tou havětí být nemusí. Jen se mi teď po posledním fixu, který jsem sem vložil zhroutil po tom, co jsem sem vložil ten log, antivir Bitdefender (program Bitdefender přestal pracovat), ale po restartu už opět šlape. Ale nevím, má-li to samozřejmě nějakou souvislost. Mimo prohlížeče jsem do té doby další sw nespouštěl.

Jinak potíže s připojením byly náhodné - prozatím v pořádku, ale uvidím až během delšího času (horizont několika hodin práce s PC), abych mohl s jistotou říct, došlo-li ke změně.

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 09 bře 2015 00:37
od altrok
Jasne, sledujte stav a dejte vedet.

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 16 bře 2015 11:23
od mad_doc
Párkrát k tomu zase došlo, takže budu hledat problém patrně někde v hw. Každopádně děkuji za váš čas a pomoc! :worship:

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 16 bře 2015 12:37
od altrok
Jeste nakoukneme do protokolu.


:arrow: Start -> spustit -> eventvwr, vlevo rozkliknete Protokoly systemu Windows, pravej klik na System, vyberte Ulozit vsechny udalosti jako, typ souboru *.evtx, vysledny soubor zabalte a upnete na leteckou postu - link (odkaz na stazeni) dejte do pristi odpovedi.

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 16 bře 2015 14:35
od mad_doc
http://leteckaposta.cz/448455135

Re: Ne zcela běžné "seky" internetu win8-64bit

Napsal: 22 bře 2015 10:04
od MiliNess
Ahoj. Pravděpodobně tam budeš mít nějakou HW vadu.

1) upni soubory ze složky Windows\Minidump na http://www.leteckaposta.cz. V poslední době ti dvakrát spadl operační systém.
Jedna chyba se týkala grafického subsystému (vada VGA, přehřívání VGA, chyba v grafickém ovladači)

2) stáhni utilitu CrystalDiskInfo, v nabídce Úpravy zvol Kopírovat a obsah schránky vlož do příspěvku pomocí Ctrl+V.
V protokolu byla jedna událost od ovladače uložiště iaStor.sys, informující o chybě zařízení, které je připojené k portu 0. (\Device\RaidPort0) Bude to SSD nebo pevný disk.

3) Spusť HeavyLoad a Hardware Monitor (nebo Open Hardware Monitor). V HeavyLoad spusť zátěžový test
a zhruba po 10 minutách udělej screenshot Hardware Monitoru. Ten pak vlož do příspěvku.


Nic, co by se týkalo problémů se sítí, jsem v protokolu paradoxně nenašel. Mohl by to ale způsobovat např. filtr BitDefenderu.
Zkus ho odinstalovat a vyzkoušej, zda k problémům dochází i bez něho.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz