Dobrý den, prosím o pomoc s počítačem, od jisté doby mi přestal fungovat program Windows Defender a některé webové stránky se nechtějí načítat. Dále mám problém s "lagováním" programu Origin.exe (spouští se přes něj všechny FIFY - počítačová hra)
Mám podezření na nějaký vir, na notebooku byl nějakou dobu nainstalovaný jistý slovenský antivir (už si nevzpomínám na jméno) ale byl jsem nucen ho odinstalovat, protože mylně mazal spouštěcí soubor Origin.exe
Děkuji předem.
Přikládám RSIT log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-09-30 15:08:21
Microsoft Windows 8.1
System drive C: has 851 GB (91%) free of 933 GB
Total RAM: 8084 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:08:29, on 30. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Users\user\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... X83CIS41US
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... X83CIS41US
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.24.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DFA4D69-472D-49A8-AB4B-F81131EF47FE}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD797C18-B2C5-4DA5-BD4C-ED30D1BC26C2}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CS1\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14419 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {4b950b50-d347-4a89-9ea88e6ba2b84a23}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe" --
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
taskhostex.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
szndesktop.exe default start
"C:\Users\user\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5764.0.2127322301\1143239903" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,21,48 --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.151.2.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/*BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model2/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/control/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_45ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.01,0.00018/*WebRTC-BitrateProbing/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5764.3.983213516\771482142" --font-cache-shared-handle=2568 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/*BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model2/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/control/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_45ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.01,0.00018/*WebRTC-BitrateProbing/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5764.5.945555877\1501242821" --font-cache-shared-handle=5116 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5764.7.256783829\2075701291" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/*BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model2/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableGoogleCachedCopyTextExperiment/control/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_45ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.01,0.00018/*WebRTC-BitrateProbing/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5764.14.1832702807\288156549" --font-cache-shared-handle=3752 /prefetch:673131151
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 58F483BB-B0A0-6125-6232-27C7EF098B73 -Reinvoke
"C:\Users\user\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForAdministrator.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAdministrator (null)
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)
C:\WINDOWS\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\WINDOWS\tasks\Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-05-27 131096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-05-27 131096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-08 7156296]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-09-23 3638256]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-05 766208]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-30 15:08:21 ----D---- C:\rsit
2015-09-30 15:08:21 ----D---- C:\Program Files\trend micro
2015-09-23 19:12:14 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-23 18:45:48 ----D---- C:\Program Files (x86)\Belarc
2015-09-23 17:27:51 ----D---- C:\Program Files (x86)\Registry Recycler
2015-09-23 15:44:23 ----D---- C:\Program Files (x86)\Origin
2015-09-23 15:29:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-19 09:19:31 ----A---- C:\WINDOWS\WiseHDInfo64.dll
2015-09-16 16:12:38 ----D---- C:\Program Files\Reason
2015-09-06 16:10:01 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2015-09-06 16:09:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-06 16:09:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-30 15:08:27 ----D---- C:\WINDOWS\Prefetch
2015-09-30 15:08:21 ----RD---- C:\Program Files
2015-09-30 15:06:01 ----D---- C:\WINDOWS\Temp
2015-09-30 15:02:02 ----D---- C:\WINDOWS\system32\sru
2015-09-30 14:57:59 ----D---- C:\Users\user\AppData\Roaming\Seznam.cz
2015-09-30 14:55:48 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-09-30 14:54:07 ----D---- C:\ProgramData\Origin
2015-09-30 14:53:03 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-09-30 14:52:43 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-09-30 14:52:40 ----D---- C:\ProgramData\LogMeIn
2015-09-29 21:51:11 ----D---- C:\WINDOWS\Inf
2015-09-29 21:50:05 ----D---- C:\WINDOWS\debug
2015-09-29 21:50:05 ----D---- C:\Windows
2015-09-29 21:46:31 ----RD---- C:\WINDOWS\System32
2015-09-29 15:52:18 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-29 14:45:20 ----D---- C:\WINDOWS\Tasks
2015-09-29 14:45:20 ----D---- C:\WINDOWS\system32\Tasks
2015-09-28 12:31:44 ----SHD---- C:\System Volume Information
2015-09-27 21:13:42 ----D---- C:\Users\user\AppData\Roaming\Skype
2015-09-26 22:49:12 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2015-09-24 15:15:32 ----SHD---- C:\WINDOWS\Installer
2015-09-23 22:00:51 ----HD---- C:\Program Files\WindowsApps
2015-09-23 22:00:51 ----D---- C:\WINDOWS\AppReadiness
2015-09-23 22:00:45 ----D---- C:\ProgramData\Microsoft Help
2015-09-23 21:59:18 ----D---- C:\WINDOWS\SysWOW64
2015-09-23 21:54:40 ----D---- C:\WINDOWS\system32\MRT
2015-09-23 19:09:11 ----RD---- C:\Program Files (x86)
2015-09-23 19:08:22 ----HD---- C:\ProgramData
2015-09-23 19:08:14 ----D---- C:\WINDOWS\system32\catroot2
2015-09-23 18:20:44 ----SHD---- C:\$Recycle.Bin
2015-09-23 18:20:14 ----RD---- C:\Users
2015-09-23 18:09:01 ----SD---- C:\ProgramData\Microsoft
2015-09-23 17:52:33 ----D---- C:\WINDOWS\system32\wdi
2015-09-23 17:12:31 ----D---- C:\Program Files (x86)\LogMeIn
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIport.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIinit.dll
2015-09-23 15:44:36 ----D---- C:\ProgramData\Electronic Arts
2015-09-23 15:41:17 ----D---- C:\Program Files (x86)\Panda Security
2015-09-23 15:38:58 ----D---- C:\ProgramData\Panda Security
2015-09-23 15:38:42 ----RSD---- C:\WINDOWS\Fonts
2015-09-23 15:38:39 ----D---- C:\WINDOWS\system32\drivers
2015-09-23 15:38:09 ----D---- C:\Users\user\AppData\Roaming\Panda Security
2015-09-23 15:38:08 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-23 15:30:17 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-23 15:14:06 ----D---- C:\Program Files (x86)\Wise
2015-09-19 09:20:18 ----RHD---- C:\MSOCache
2015-09-03 14:54:59 ----D---- C:\ProgramData\Panda Security URL Filtering
2015-09-02 18:40:56 ----D---- C:\ProgramData\panda_url_filtering
2015-09-01 15:29:36 ----D---- C:\ProgramData\Package Cache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-22 644968]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2014-02-07 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem13.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-02-26 49200]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-08 3340616]
R3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-12-19 99288]
R3 netr28x;@oem8.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem1.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem3.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-12-19 830680]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-19 34544]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-19 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-12 12521472]
S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-12 617472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 ssudmdm;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-12 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-12-19 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-12-19 169432]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-09-23 417640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2015-09-23 507752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-12-19 390616]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-08-24 407424]
R2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-05-19 291336]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19 7743472]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2013-12-29 2324216]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 be938c62;SystemExtend; C:\WINDOWS\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-28 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-20 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-09-23 2057736]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zablokovaný Windows Defender aj.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
zde je log
# AdwCleaner v5.009 - Logfile created 30/09/2015 at 21:29:06
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : user - NOTEBOOK
# Running from : C:\Users\user\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ReimageRealTimeProtector
***** [ Folders ] *****
[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files (x86)\Super Optimizer
[-] Folder Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\PriceMinus
[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[!] Folder Not Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\CCouPExtensieonn
[-] Folder Deleted : C:\Program Files (x86)\CoupExotEnsion
[-] Folder Deleted : C:\Program Files (x86)\CoupExteension
[-] Folder Deleted : C:\Program Files (x86)\CoUpExTension
[-] Folder Deleted : C:\Program Files (x86)\DiscounTExttenusie
[-] Folder Deleted : C:\Program Files (x86)\JoniCoUUponn
[!] Folder Not Deleted : C:\Program Files (x86)\PriceMinus
[-] Folder Deleted : C:\Program Files (x86)\PriiceeMiNuS
[-] Folder Deleted : C:\Program Files (x86)\RandomPRice
[-] Folder Deleted : C:\Program Files (x86)\SaveaNewaAppzu
[-] Folder Deleted : C:\Program Files (x86)\SaveNewaAPpz
[-] Folder Deleted : C:\Program Files (x86)\SaveNewwaAAPPPPz
[-] Folder Deleted : C:\Program Files (x86)\ShopDrope
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\16045866333302844883
[-] Folder Deleted : C:\ProgramData\623e77e400004ea6
[-] Folder Deleted : C:\ProgramData\{152204b2-7e99-429c-1522-204b27e912c9}
[-] Folder Deleted : C:\ProgramData\{ae4ad65e-eab6-3b12-ae4a-ad65eeab597b}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjjgbdlbgjeoankjijbmheneoekbghcg
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgjnhglhidbpdjbabpaglmpfofcidnm
[-] Folder Deleted : C:\users\user\AppData\Roaming\Super Optimizer
[-] Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\users\user\Documents\Super Optimizer
***** [ Files ] *****
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bjjgbdlbgjeoankjijbmheneoekbghcg_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbfmnekepjoapopniengjbcpnbljalfg_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdgjnhglhidbpdjbabpaglmpfofcidnm_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\WINDOWS\Reimage.ini
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : Super Optimizer Schedule
[-] Task Deleted : Adobe Flash Player Updater
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\d4028201-aa7d-7b0a-c341-eeb05c4c9ea9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{be938c62}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03D19D4E-AADD-472C-93CF-63602AE5DC2E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04A0F1FA-CF83-4ECD-9F68-D94D3F8A7622}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BDAF5CA1-4082-4F20-B44D-0238A9183DCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Super Optimizer
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\Super Optimizer
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-3666991644-4098093574-3285583409-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKU\S-1-5-21-3666991644-4098093574-3285583409-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Web browsers ] *****
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14322 ... X83CIS41US
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bjjgbdlbgjeoankjijbmheneoekbghcg
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dbfmnekepjoapopniengjbcpnbljalfg
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mdgjnhglhidbpdjbabpaglmpfofcidnm
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ogminpmldncgcmokldnmmapddoccmhfl
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14322 ... X83CIS41US
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10479 bytes] ##########
# AdwCleaner v5.009 - Logfile created 30/09/2015 at 21:29:06
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : user - NOTEBOOK
# Running from : C:\Users\user\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ReimageRealTimeProtector
***** [ Folders ] *****
[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files (x86)\Super Optimizer
[-] Folder Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\PriceMinus
[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[!] Folder Not Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\CCouPExtensieonn
[-] Folder Deleted : C:\Program Files (x86)\CoupExotEnsion
[-] Folder Deleted : C:\Program Files (x86)\CoupExteension
[-] Folder Deleted : C:\Program Files (x86)\CoUpExTension
[-] Folder Deleted : C:\Program Files (x86)\DiscounTExttenusie
[-] Folder Deleted : C:\Program Files (x86)\JoniCoUUponn
[!] Folder Not Deleted : C:\Program Files (x86)\PriceMinus
[-] Folder Deleted : C:\Program Files (x86)\PriiceeMiNuS
[-] Folder Deleted : C:\Program Files (x86)\RandomPRice
[-] Folder Deleted : C:\Program Files (x86)\SaveaNewaAppzu
[-] Folder Deleted : C:\Program Files (x86)\SaveNewaAPpz
[-] Folder Deleted : C:\Program Files (x86)\SaveNewwaAAPPPPz
[-] Folder Deleted : C:\Program Files (x86)\ShopDrope
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\16045866333302844883
[-] Folder Deleted : C:\ProgramData\623e77e400004ea6
[-] Folder Deleted : C:\ProgramData\{152204b2-7e99-429c-1522-204b27e912c9}
[-] Folder Deleted : C:\ProgramData\{ae4ad65e-eab6-3b12-ae4a-ad65eeab597b}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjjgbdlbgjeoankjijbmheneoekbghcg
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg
[-] Folder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdgjnhglhidbpdjbabpaglmpfofcidnm
[-] Folder Deleted : C:\users\user\AppData\Roaming\Super Optimizer
[-] Folder Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\users\user\Documents\Super Optimizer
***** [ Files ] *****
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bjjgbdlbgjeoankjijbmheneoekbghcg_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbfmnekepjoapopniengjbcpnbljalfg_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdgjnhglhidbpdjbabpaglmpfofcidnm_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\WINDOWS\Reimage.ini
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : Super Optimizer Schedule
[-] Task Deleted : Adobe Flash Player Updater
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\d4028201-aa7d-7b0a-c341-eeb05c4c9ea9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{be938c62}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03D19D4E-AADD-472C-93CF-63602AE5DC2E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04A0F1FA-CF83-4ECD-9F68-D94D3F8A7622}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BDAF5CA1-4082-4F20-B44D-0238A9183DCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Super Optimizer
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\Super Optimizer
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-3666991644-4098093574-3285583409-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKU\S-1-5-21-3666991644-4098093574-3285583409-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Web browsers ] *****
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14322 ... X83CIS41US
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bjjgbdlbgjeoankjijbmheneoekbghcg
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dbfmnekepjoapopniengjbcpnbljalfg
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mdgjnhglhidbpdjbabpaglmpfofcidnm
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ogminpmldncgcmokldnmmapddoccmhfl
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14322 ... X83CIS41US
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10479 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
zde je RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-09-30 22:25:23
Microsoft Windows 8.1
System drive C: has 846 GB (91%) free of 933 GB
Total RAM: 8084 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:25:26, on 30. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Users\user\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.24.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DFA4D69-472D-49A8-AB4B-F81131EF47FE}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD797C18-B2C5-4DA5-BD4C-ED30D1BC26C2}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CS1\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13232 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\WINDOWS\system32\svchost.exe -k apphost
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {cd5f7b81-792e-4c5d-a4bb0761a50681b4}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe" --
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
szndesktop.exe default start
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\user\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5084.0.1640250696\1715851317" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,21,48 --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.151.2.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Enabled/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/control/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_40ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.012,0.0003/*WebRTC-BitrateProbing/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5084.8.1442281926\1302645682" --font-cache-shared-handle=3980 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Enabled/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/control/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_40ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.012,0.0003/*WebRTC-BitrateProbing/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5084.9.962953210\1086030298" --font-cache-shared-handle=5752 /prefetch:673131151
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart /Installed:9.9.1.62656
"C:\Users\user\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForAdministrator.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAdministrator (null)
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)
C:\WINDOWS\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\WINDOWS\tasks\Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-05-27 131096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-05-27 131096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-08 7156296]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-09-30 3638768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-05 766208]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-30 21:23:01 ----D---- C:\AdwCleaner
2015-09-30 15:08:21 ----D---- C:\rsit
2015-09-30 15:08:21 ----D---- C:\Program Files\trend micro
2015-09-23 19:12:14 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-23 18:45:48 ----D---- C:\Program Files (x86)\Belarc
2015-09-23 17:27:51 ----D---- C:\Program Files (x86)\Registry Recycler
2015-09-23 15:44:23 ----D---- C:\Program Files (x86)\Origin
2015-09-23 15:29:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-19 09:19:31 ----A---- C:\WINDOWS\WiseHDInfo64.dll
2015-09-16 16:12:38 ----D---- C:\Program Files\Reason
2015-09-06 16:10:01 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2015-09-06 16:09:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-06 16:09:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-30 22:00:37 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-30 22:00:23 ----D---- C:\WINDOWS\Temp
2015-09-30 22:00:03 ----D---- C:\WINDOWS\system32\sru
2015-09-30 21:38:10 ----D---- C:\Users\user\AppData\Roaming\Seznam.cz
2015-09-30 21:37:40 ----D---- C:\WINDOWS\Tasks
2015-09-30 21:37:40 ----D---- C:\WINDOWS\system32\Tasks
2015-09-30 21:36:56 ----D---- C:\ProgramData\Origin
2015-09-30 21:36:45 ----D---- C:\WINDOWS\Prefetch
2015-09-30 21:36:03 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-09-30 21:33:22 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-09-30 21:33:01 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-09-30 21:32:26 ----D---- C:\Windows
2015-09-30 21:29:10 ----HD---- C:\ProgramData
2015-09-30 21:29:09 ----RD---- C:\Program Files (x86)
2015-09-30 21:29:09 ----RD---- C:\Program Files
2015-09-30 15:25:34 ----D---- C:\WINDOWS\debug
2015-09-30 14:52:40 ----D---- C:\ProgramData\LogMeIn
2015-09-29 21:51:11 ----D---- C:\WINDOWS\Inf
2015-09-29 21:46:31 ----RD---- C:\WINDOWS\System32
2015-09-28 12:31:44 ----SHD---- C:\System Volume Information
2015-09-27 21:13:42 ----D---- C:\Users\user\AppData\Roaming\Skype
2015-09-26 22:49:12 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2015-09-24 15:15:32 ----SHD---- C:\WINDOWS\Installer
2015-09-23 22:00:51 ----HD---- C:\Program Files\WindowsApps
2015-09-23 22:00:51 ----D---- C:\WINDOWS\AppReadiness
2015-09-23 22:00:45 ----D---- C:\ProgramData\Microsoft Help
2015-09-23 21:59:18 ----D---- C:\WINDOWS\SysWOW64
2015-09-23 21:58:17 ----D---- C:\WINDOWS\system32\MRT
2015-09-23 19:08:14 ----D---- C:\WINDOWS\system32\catroot2
2015-09-23 18:20:44 ----SHD---- C:\$Recycle.Bin
2015-09-23 18:20:14 ----RD---- C:\Users
2015-09-23 18:09:01 ----SD---- C:\ProgramData\Microsoft
2015-09-23 17:52:33 ----D---- C:\WINDOWS\system32\wdi
2015-09-23 17:12:31 ----D---- C:\Program Files (x86)\LogMeIn
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIport.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIinit.dll
2015-09-23 15:44:36 ----D---- C:\ProgramData\Electronic Arts
2015-09-23 15:41:17 ----D---- C:\Program Files (x86)\Panda Security
2015-09-23 15:38:58 ----D---- C:\ProgramData\Panda Security
2015-09-23 15:38:42 ----RSD---- C:\WINDOWS\Fonts
2015-09-23 15:38:39 ----D---- C:\WINDOWS\system32\drivers
2015-09-23 15:38:09 ----D---- C:\Users\user\AppData\Roaming\Panda Security
2015-09-23 15:38:08 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-23 15:30:17 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-23 15:14:06 ----D---- C:\Program Files (x86)\Wise
2015-09-19 09:20:18 ----RHD---- C:\MSOCache
2015-09-03 14:54:59 ----D---- C:\ProgramData\Panda Security URL Filtering
2015-09-02 18:40:56 ----D---- C:\ProgramData\panda_url_filtering
2015-09-01 15:29:36 ----D---- C:\ProgramData\Package Cache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-22 644968]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2014-02-07 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem13.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-02-26 49200]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-08 3340616]
R3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-12-19 99288]
R3 netr28x;@oem8.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem1.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem3.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-12-19 830680]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-19 34544]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-19 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-12 12521472]
S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-12 617472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 ssudmdm;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-12 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-12-19 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-12-19 169432]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-09-23 417640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2015-09-23 507752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-12-19 390616]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-08-24 407424]
R2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-05-19 291336]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2013-12-29 2324216]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 be938c62;SystemExtend; C:\WINDOWS\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-28 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-20 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-09-30 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-09-30 22:25:23
Microsoft Windows 8.1
System drive C: has 846 GB (91%) free of 933 GB
Total RAM: 8084 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:25:26, on 30. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Users\user\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.24.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DFA4D69-472D-49A8-AB4B-F81131EF47FE}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD797C18-B2C5-4DA5-BD4C-ED30D1BC26C2}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CS1\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13232 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\WINDOWS\system32\svchost.exe -k apphost
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {cd5f7b81-792e-4c5d-a4bb0761a50681b4}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe" --
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
szndesktop.exe default start
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\user\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5084.0.1640250696\1715851317" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,21,48 --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.151.2.2000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Enabled/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/control/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_40ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.012,0.0003/*WebRTC-BitrateProbing/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5084.8.1442281926\1302645682" --font-cache-shared-handle=3980 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Enabled/*AutofillClassifier/Enabled/*AutomaticTabDiscarding/Enabled_Once/*BackgroundTracing/default/CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/FeedbackRanker Mixed 1/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Disabled/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/control/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Enabled/*LocalNTPSuggestionsService/Control/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1399R2/*OutOfProcessPac/Enabled/PasswordBranding/SmartLockBranding/*PasswordGeneration/Enabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PushApiBackgroundMode/Disabled/*QUIC/Disabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/SRTCanary/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Disabled/SafeBrowsingUpdateFrequency/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SimpleCacheTrial/ExperimentControl/SlimmingPaint/Control/StackProfiling/Report profiles/*StunProbeTrial/Shared_Port_40ms/SyncBackingDatabase32K/Enabled/TabSyncByRecency/Control/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-AdaptiveBweThreshold/Enabled-0.012,0.0003/*WebRTC-BitrateProbing/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5084.9.962953210\1086030298" --font-cache-shared-handle=5752 /prefetch:673131151
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart /Installed:9.9.1.62656
"C:\Users\user\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForAdministrator.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAdministrator (null)
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)
C:\WINDOWS\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\WINDOWS\tasks\Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-05-27 131096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-05-27 131096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-08 7156296]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-09-30 3638768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-05 766208]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-30 21:23:01 ----D---- C:\AdwCleaner
2015-09-30 15:08:21 ----D---- C:\rsit
2015-09-30 15:08:21 ----D---- C:\Program Files\trend micro
2015-09-23 19:12:14 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-23 18:45:48 ----D---- C:\Program Files (x86)\Belarc
2015-09-23 17:27:51 ----D---- C:\Program Files (x86)\Registry Recycler
2015-09-23 15:44:23 ----D---- C:\Program Files (x86)\Origin
2015-09-23 15:29:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-19 09:19:31 ----A---- C:\WINDOWS\WiseHDInfo64.dll
2015-09-16 16:12:38 ----D---- C:\Program Files\Reason
2015-09-06 16:10:01 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2015-09-06 16:09:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-06 16:09:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-30 22:00:37 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-30 22:00:23 ----D---- C:\WINDOWS\Temp
2015-09-30 22:00:03 ----D---- C:\WINDOWS\system32\sru
2015-09-30 21:38:10 ----D---- C:\Users\user\AppData\Roaming\Seznam.cz
2015-09-30 21:37:40 ----D---- C:\WINDOWS\Tasks
2015-09-30 21:37:40 ----D---- C:\WINDOWS\system32\Tasks
2015-09-30 21:36:56 ----D---- C:\ProgramData\Origin
2015-09-30 21:36:45 ----D---- C:\WINDOWS\Prefetch
2015-09-30 21:36:03 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-09-30 21:33:22 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-09-30 21:33:01 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-09-30 21:32:26 ----D---- C:\Windows
2015-09-30 21:29:10 ----HD---- C:\ProgramData
2015-09-30 21:29:09 ----RD---- C:\Program Files (x86)
2015-09-30 21:29:09 ----RD---- C:\Program Files
2015-09-30 15:25:34 ----D---- C:\WINDOWS\debug
2015-09-30 14:52:40 ----D---- C:\ProgramData\LogMeIn
2015-09-29 21:51:11 ----D---- C:\WINDOWS\Inf
2015-09-29 21:46:31 ----RD---- C:\WINDOWS\System32
2015-09-28 12:31:44 ----SHD---- C:\System Volume Information
2015-09-27 21:13:42 ----D---- C:\Users\user\AppData\Roaming\Skype
2015-09-26 22:49:12 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2015-09-24 15:15:32 ----SHD---- C:\WINDOWS\Installer
2015-09-23 22:00:51 ----HD---- C:\Program Files\WindowsApps
2015-09-23 22:00:51 ----D---- C:\WINDOWS\AppReadiness
2015-09-23 22:00:45 ----D---- C:\ProgramData\Microsoft Help
2015-09-23 21:59:18 ----D---- C:\WINDOWS\SysWOW64
2015-09-23 21:58:17 ----D---- C:\WINDOWS\system32\MRT
2015-09-23 19:08:14 ----D---- C:\WINDOWS\system32\catroot2
2015-09-23 18:20:44 ----SHD---- C:\$Recycle.Bin
2015-09-23 18:20:14 ----RD---- C:\Users
2015-09-23 18:09:01 ----SD---- C:\ProgramData\Microsoft
2015-09-23 17:52:33 ----D---- C:\WINDOWS\system32\wdi
2015-09-23 17:12:31 ----D---- C:\Program Files (x86)\LogMeIn
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIport.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIinit.dll
2015-09-23 15:44:36 ----D---- C:\ProgramData\Electronic Arts
2015-09-23 15:41:17 ----D---- C:\Program Files (x86)\Panda Security
2015-09-23 15:38:58 ----D---- C:\ProgramData\Panda Security
2015-09-23 15:38:42 ----RSD---- C:\WINDOWS\Fonts
2015-09-23 15:38:39 ----D---- C:\WINDOWS\system32\drivers
2015-09-23 15:38:09 ----D---- C:\Users\user\AppData\Roaming\Panda Security
2015-09-23 15:38:08 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-23 15:30:17 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-23 15:14:06 ----D---- C:\Program Files (x86)\Wise
2015-09-19 09:20:18 ----RHD---- C:\MSOCache
2015-09-03 14:54:59 ----D---- C:\ProgramData\Panda Security URL Filtering
2015-09-02 18:40:56 ----D---- C:\ProgramData\panda_url_filtering
2015-09-01 15:29:36 ----D---- C:\ProgramData\Package Cache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-22 644968]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2014-02-07 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem13.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-02-26 49200]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-08 3340616]
R3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-12-19 99288]
R3 netr28x;@oem8.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem1.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem3.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-12-19 830680]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-19 34544]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-19 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-12 12521472]
S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-12 617472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 ssudmdm;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-12 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-12-19 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-12-19 169432]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-09-23 417640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2015-09-23 507752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-12-19 390616]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-08-24 407424]
R2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-05-19 291336]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2013-12-29 2324216]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 be938c62;SystemExtend; C:\WINDOWS\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-28 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-20 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-09-30 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Google\Google Toolbar
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:services
be938c62
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
zde je nový RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-10-01 18:38:51
Microsoft Windows 8.1
System drive C: has 846 GB (91%) free of 933 GB
Total RAM: 8084 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:39:02, on 1. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\user\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.24.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DFA4D69-472D-49A8-AB4B-F81131EF47FE}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD797C18-B2C5-4DA5-BD4C-ED30D1BC26C2}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CS1\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12607 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
taskeng.exe {1CFA8A4E-4B95-4364-A616-2AAF2E34C8A9}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {B0267908-6330-4F25-9E3A-E48547368F78}
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {14dabc1e-a5ab-4591-92805f1adb67c2ba}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe" --
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\10012015_183532.log
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
szndesktop.exe default start
"C:\Users\user\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\user\Desktop\RSITx64.exe"
C:\WINDOWS\System32\ThumbnailExtractionHost.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForAdministrator.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAdministrator (null)
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)
C:\WINDOWS\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\WINDOWS\tasks\Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-08 7156296]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-09-30 3638768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-05 766208]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-01 18:35:32 ----D---- C:\_OTM
2015-09-30 21:23:01 ----D---- C:\AdwCleaner
2015-09-30 15:08:21 ----D---- C:\rsit
2015-09-30 15:08:21 ----D---- C:\Program Files\trend micro
2015-09-23 19:12:14 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-23 18:45:48 ----D---- C:\Program Files (x86)\Belarc
2015-09-23 17:27:51 ----D---- C:\Program Files (x86)\Registry Recycler
2015-09-23 15:44:23 ----D---- C:\Program Files (x86)\Origin
2015-09-23 15:29:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-19 09:19:31 ----A---- C:\WINDOWS\WiseHDInfo64.dll
2015-09-16 16:12:38 ----D---- C:\Program Files\Reason
2015-09-06 16:10:01 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2015-09-06 16:09:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-06 16:09:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-10-01 18:37:38 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-10-01 18:37:33 ----D---- C:\ProgramData\Origin
2015-10-01 18:37:15 ----D---- C:\WINDOWS\Temp
2015-10-01 18:36:44 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-10-01 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-10-01 18:35:32 ----D---- C:\WINDOWS\Tasks
2015-10-01 18:35:32 ----D---- C:\Program Files (x86)\Google
2015-10-01 18:35:21 ----D---- C:\WINDOWS\Prefetch
2015-10-01 18:32:44 ----D---- C:\WINDOWS\system32\sru
2015-10-01 18:32:43 ----D---- C:\ProgramData\LogMeIn
2015-09-30 22:00:37 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-30 21:38:10 ----D---- C:\Users\user\AppData\Roaming\Seznam.cz
2015-09-30 21:37:40 ----D---- C:\WINDOWS\system32\Tasks
2015-09-30 21:32:26 ----D---- C:\Windows
2015-09-30 21:29:10 ----HD---- C:\ProgramData
2015-09-30 21:29:09 ----RD---- C:\Program Files (x86)
2015-09-30 21:29:09 ----RD---- C:\Program Files
2015-09-30 15:25:34 ----D---- C:\WINDOWS\debug
2015-09-29 21:51:11 ----D---- C:\WINDOWS\Inf
2015-09-29 21:46:31 ----RD---- C:\WINDOWS\System32
2015-09-28 12:31:44 ----SHD---- C:\System Volume Information
2015-09-27 21:13:42 ----D---- C:\Users\user\AppData\Roaming\Skype
2015-09-26 22:49:12 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2015-09-24 15:15:32 ----SHD---- C:\WINDOWS\Installer
2015-09-23 22:00:51 ----HD---- C:\Program Files\WindowsApps
2015-09-23 22:00:51 ----D---- C:\WINDOWS\AppReadiness
2015-09-23 22:00:45 ----D---- C:\ProgramData\Microsoft Help
2015-09-23 21:59:18 ----D---- C:\WINDOWS\SysWOW64
2015-09-23 21:58:17 ----D---- C:\WINDOWS\system32\MRT
2015-09-23 19:08:14 ----D---- C:\WINDOWS\system32\catroot2
2015-09-23 18:20:44 ----SHD---- C:\$Recycle.Bin
2015-09-23 18:20:14 ----RD---- C:\Users
2015-09-23 18:09:01 ----SD---- C:\ProgramData\Microsoft
2015-09-23 17:52:33 ----D---- C:\WINDOWS\system32\wdi
2015-09-23 17:12:31 ----D---- C:\Program Files (x86)\LogMeIn
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIport.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIinit.dll
2015-09-23 15:44:36 ----D---- C:\ProgramData\Electronic Arts
2015-09-23 15:41:17 ----D---- C:\Program Files (x86)\Panda Security
2015-09-23 15:38:58 ----D---- C:\ProgramData\Panda Security
2015-09-23 15:38:42 ----RSD---- C:\WINDOWS\Fonts
2015-09-23 15:38:39 ----D---- C:\WINDOWS\system32\drivers
2015-09-23 15:38:09 ----D---- C:\Users\user\AppData\Roaming\Panda Security
2015-09-23 15:38:08 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-23 15:30:17 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-23 15:14:06 ----D---- C:\Program Files (x86)\Wise
2015-09-19 09:20:18 ----RHD---- C:\MSOCache
2015-09-03 14:54:59 ----D---- C:\ProgramData\Panda Security URL Filtering
2015-09-02 18:40:56 ----D---- C:\ProgramData\panda_url_filtering
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-22 644968]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2014-02-07 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem13.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-02-26 49200]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-08 3340616]
R3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-12-19 99288]
R3 netr28x;@oem8.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem1.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem3.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-12-19 830680]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-19 34544]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-19 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-12 12521472]
S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-12 617472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 ssudmdm;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-12 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-09-23 417640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2015-09-23 507752]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-08-24 407424]
R2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-05-19 291336]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2013-12-29 2324216]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-12-19 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-12-19 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-12-19 390616]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-28 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-20 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-09-30 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-10-01 18:38:51
Microsoft Windows 8.1
System drive C: has 846 GB (91%) free of 933 GB
Total RAM: 8084 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:39:02, on 1. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\user\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.24.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DFA4D69-472D-49A8-AB4B-F81131EF47FE}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD797C18-B2C5-4DA5-BD4C-ED30D1BC26C2}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CS1\Services\Tcpip\..\{15FA8E7F-1728-42D2-8F23-5D1D412E52C5}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12607 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
taskeng.exe {1CFA8A4E-4B95-4364-A616-2AAF2E34C8A9}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {B0267908-6330-4F25-9E3A-E48547368F78}
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {14dabc1e-a5ab-4591-92805f1adb67c2ba}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe" --
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\10012015_183532.log
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
szndesktop.exe default start
"C:\Users\user\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\user\Desktop\RSITx64.exe"
C:\WINDOWS\System32\ThumbnailExtractionHost.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForAdministrator.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAdministrator (null)
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)
C:\WINDOWS\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\WINDOWS\tasks\Wise Turbo Checker.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6fyyp2ec.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-08 7156296]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-09-30 3638768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-05 766208]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-01 18:35:32 ----D---- C:\_OTM
2015-09-30 21:23:01 ----D---- C:\AdwCleaner
2015-09-30 15:08:21 ----D---- C:\rsit
2015-09-30 15:08:21 ----D---- C:\Program Files\trend micro
2015-09-23 19:12:14 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-23 18:45:48 ----D---- C:\Program Files (x86)\Belarc
2015-09-23 17:27:51 ----D---- C:\Program Files (x86)\Registry Recycler
2015-09-23 15:44:23 ----D---- C:\Program Files (x86)\Origin
2015-09-23 15:29:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-19 09:19:31 ----A---- C:\WINDOWS\WiseHDInfo64.dll
2015-09-16 16:12:38 ----D---- C:\Program Files\Reason
2015-09-06 16:10:01 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2015-09-06 16:09:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-06 16:09:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-10-01 18:37:38 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-10-01 18:37:33 ----D---- C:\ProgramData\Origin
2015-10-01 18:37:15 ----D---- C:\WINDOWS\Temp
2015-10-01 18:36:44 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-10-01 18:36:42 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-10-01 18:35:32 ----D---- C:\WINDOWS\Tasks
2015-10-01 18:35:32 ----D---- C:\Program Files (x86)\Google
2015-10-01 18:35:21 ----D---- C:\WINDOWS\Prefetch
2015-10-01 18:32:44 ----D---- C:\WINDOWS\system32\sru
2015-10-01 18:32:43 ----D---- C:\ProgramData\LogMeIn
2015-09-30 22:00:37 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-30 21:38:10 ----D---- C:\Users\user\AppData\Roaming\Seznam.cz
2015-09-30 21:37:40 ----D---- C:\WINDOWS\system32\Tasks
2015-09-30 21:32:26 ----D---- C:\Windows
2015-09-30 21:29:10 ----HD---- C:\ProgramData
2015-09-30 21:29:09 ----RD---- C:\Program Files (x86)
2015-09-30 21:29:09 ----RD---- C:\Program Files
2015-09-30 15:25:34 ----D---- C:\WINDOWS\debug
2015-09-29 21:51:11 ----D---- C:\WINDOWS\Inf
2015-09-29 21:46:31 ----RD---- C:\WINDOWS\System32
2015-09-28 12:31:44 ----SHD---- C:\System Volume Information
2015-09-27 21:13:42 ----D---- C:\Users\user\AppData\Roaming\Skype
2015-09-26 22:49:12 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2015-09-24 15:15:32 ----SHD---- C:\WINDOWS\Installer
2015-09-23 22:00:51 ----HD---- C:\Program Files\WindowsApps
2015-09-23 22:00:51 ----D---- C:\WINDOWS\AppReadiness
2015-09-23 22:00:45 ----D---- C:\ProgramData\Microsoft Help
2015-09-23 21:59:18 ----D---- C:\WINDOWS\SysWOW64
2015-09-23 21:58:17 ----D---- C:\WINDOWS\system32\MRT
2015-09-23 19:08:14 ----D---- C:\WINDOWS\system32\catroot2
2015-09-23 18:20:44 ----SHD---- C:\$Recycle.Bin
2015-09-23 18:20:14 ----RD---- C:\Users
2015-09-23 18:09:01 ----SD---- C:\ProgramData\Microsoft
2015-09-23 17:52:33 ----D---- C:\WINDOWS\system32\wdi
2015-09-23 17:12:31 ----D---- C:\Program Files (x86)\LogMeIn
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIport.dll
2015-09-23 17:11:55 ----A---- C:\WINDOWS\system32\LMIinit.dll
2015-09-23 15:44:36 ----D---- C:\ProgramData\Electronic Arts
2015-09-23 15:41:17 ----D---- C:\Program Files (x86)\Panda Security
2015-09-23 15:38:58 ----D---- C:\ProgramData\Panda Security
2015-09-23 15:38:42 ----RSD---- C:\WINDOWS\Fonts
2015-09-23 15:38:39 ----D---- C:\WINDOWS\system32\drivers
2015-09-23 15:38:09 ----D---- C:\Users\user\AppData\Roaming\Panda Security
2015-09-23 15:38:08 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-23 15:30:17 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-23 15:14:06 ----D---- C:\Program Files (x86)\Wise
2015-09-19 09:20:18 ----RHD---- C:\MSOCache
2015-09-03 14:54:59 ----D---- C:\ProgramData\Panda Security URL Filtering
2015-09-02 18:40:56 ----D---- C:\ProgramData\panda_url_filtering
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-22 644968]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2014-02-07 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem13.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-02-26 49200]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-08 3340616]
R3 IntcDAud;@oem18.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-12-19 99288]
R3 netr28x;@oem8.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem1.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem3.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-12-19 830680]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-19 34544]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-19 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-12 12521472]
S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-12 617472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 ssudmdm;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-12 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-22 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-09-23 417640]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2015-09-23 507752]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-08-24 407424]
R2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-05-19 291336]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2013-12-29 2324216]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-12-19 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-12-19 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-12-19 390616]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-28 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-20 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-09-30 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
Origin funguje lépe a zatím nevyskakují reklamy při prohlížení internetu, ale WIndows defender stále nejde spustit. Chybová hláška je tato: An error has occured during program initialization. If this problem continues, please contact your administrator. Error Code:0x80073b01
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Zde je videonávod k opravě: https://www.youtube.com/watch?v=RMkzNwVdmMM . Bohužel v Aj.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
To jsem se už nedávno pokoušel udělat, ale jakmile najedu do příkazového řádku a napíšu sfc/scannow, tak mi to vyhodí chybu: Windows Resource Protection could not start the repair service.. A s tím už jsem si neporadil, jelikož se natolik nevyznám v procesech, abych ho zapnul, pokud to vůbec jde 
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Bude tam něco poškozeno: Tady o tom něco je: https://translate.google.cz/translate?h ... rev=search .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
To asi bude všechno k ničemu Když jsem chtěl spustit onu službu TrustedInstaller, tak se mi napsalo, že v počítači chybí tento soubor a nelze ji spustit. Je vůbec ještě nějaká šance, aby se systém dal aspoň do trochu původního stavu? Nebo bude třeba ho celý přeinstalovat?
Když jsem chtěl spustit onu službu TrustedInstaller, tak se mi napsalo, že v počítači chybí tento soubor a nelze ji spustit. Je vůbec ještě nějaká šance, aby se systém dal aspoň do trochu původního stavu? Nebo bude třeba ho celý přeinstalovat?-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zablokovaný Windows Defender aj.
Ještě lze zkusit obnovu systému k datu, kdy korektně fungoval. Wundwf je jeden problém a to, co jsme opravili druhý. Systém, bohužel ten souběh problémů nezvládl.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
marekjancar
- Návštěvník
- Příspěvky: 77
- Registrován: 11 srp 2013 09:56
Re: Zablokovaný Windows Defender aj.
Díval jsem se, body obnovy byly zřejmě smazány tím virem nebo co to bylo. Poslední použitelná je z konce září a ten notebook korektně fungoval naposledy koncem července
Přispějete na provoz fóra?