Bad Image - SOS !!!
Posted: 13 Jan 2015 20:25
Hi! Please help.. a window popped up on my screen:
dllhost.exe Bad Image
c:/windows/system32/FlashPlayerCPLApp.cpl
Some additional info - nothing works... opening files, internet, photos.. this window every time (Office apps do work, though..). It's a laptop, and it has been terribly slow for quite a while...
And I'm completely PC-illiterate...
RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2015-01-13 20:09:07
Microsoft Windows 7 Home Premium
System drive C: has 73 GB (31%) free of 238 GB
Total RAM: 3958 MB (57% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4276310980-1373315075-2881649484-1000Core.job - C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4276310980-1373315075-2881649484-1000UA.job - C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\OptimizerProUpdaterLogonTask.job - C:\ProgramData\OptimizerPro\ix_updater.exe /schedule /profilepath "C:\ProgramData\OptimizerPro\profile.ini"
C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job - C:\ProgramData\OptimizerPro\ix_updater.exe /profilepath "C:\ProgramData\OptimizerPro\profile.ini"
C:\Windows\tasks\RegistryBooster.job - C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
C:\Windows\tasks\Security Center Update - 3425793768.job - C:\Users\admin\AppData\Roaming\Kubuadm\gefopo.exe
C:\Windows\tasks\Security Center Update - 3741571091.job - C:\Users\admin\AppData\Roaming\Kyyhuz\tityidy.exe
C:\Windows\tasks\Security Center Update - 3998176165.job - C:\Users\admin\AppData\Roaming\Ixyqqa\mupuq.exe
C:\Windows\tasks\Security Center Update - 514026233.job - C:\Users\admin\AppData\Roaming\Ykqopise\igiqep.exe
C:\Windows\tasks\Security Center Update - 591574539.job - C:\Users\admin\AppData\Roaming\Ilunir\qyyvpae.exe
C:\Windows\tasks\Security Center Update - 607701921.job - C:\Users\admin\AppData\Roaming\Momawei\enqugu.exe
C:\Windows\tasks\WxDFastUpdaterLogonTask.job - C:\ProgramData\WxDFastUpdater\ix_updater.exe /schedule /profilepath "C:\ProgramData\WxDFastUpdater\profile.ini"
C:\Windows\tasks\WxDFastUpdaterRefreshTask.job - C:\ProgramData\WxDFastUpdater\ix_updater.exe /profilepath "C:\ProgramData\WxDFastUpdater\profile.ini"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-12-05 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-04-12 45568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-19 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2013-04-01 232448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-04-12 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-19 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}]
SmileysWeLoveToolbar - C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
DVDVideoSoft Toolbar - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
{CF0F43AB-9C23-4D7B-8040-201B82844854} - SmileysWeLove - C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-08 98304]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-11-21 2454840]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2010-12-05 274608]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"ROC_ROC_JULY_P1"=C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-11-24 2039192]
"CrashReportNotifyer"=C:\Users\admin\AppData\Local\Temp\temp1268733068.exe [2015-01-13 1403392]
"TimeChecker"=C:\Program Files (x86)\Microsoft Office\Office12\launch.exe [2006-10-26 1403392]
"VideoVerifyer"=C:\Program Files (x86)\Java\jre6\bin\jucheck.exe [2010-03-11 1403392]
"FolderVerifyer"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\wisptis.exe [2015-01-04 1403392]
"NetworkChecker"=C:\Program Files (x86)\Java\jre7\bin\convert.exe [2015-01-04 1403392]
"MediaNotifyer"=C:\Windows\unpack.exe [2011-04-27 1403392]
"VideoSaver"=C:\Program Files (x86)\Java\jre6\bin\lucoms.exe [2010-03-11 1403392]
"FolderUpdater"=C:\Program Files (x86)\Java\jre7\bin\hkcr.exe [2015-01-04 1403392]
"MediaVerifyer"=C:\Windows\iexplore.exe [2011-04-27 1403392]
"ConnectionChecker"=C:\Program Files (x86)\Java\jre7\bin\jucheck.exe [2015-01-04 1403392]
"FolderChecker"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\hkcr.exe [2015-01-04 1403392]
"ConnectionSaver"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\winlogon.exe [2015-01-04 1403392]
"NetworkNotifyer"=C:\Windows\hkcr.exe [2011-04-27 1403392]
"NetworkInformer"=C:\Windows\wisptis.exe [2011-04-27 1403392]
"x86kernel2"=c:\42686079\svchost.exe [2015-01-06 78505]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"14207"=C:\PROGRA~3\LOCALS~1\Temp\msiwkmui.com [2009-07-14 151552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Users\admin\AppData\Roaming\QipGuard\QipGuard.exe [2010-04-12 181760]
"RegistryBooster"=C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe delay 20000 []
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"Facebook Update"=C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-20 138096]
"Pokki"=C:\Users\admin\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2015-01-01 10232648]
"UpdateChecker"=C:\Program Files (x86)\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe [2013-08-25 7168]
"Ipgz"=rundll32 C:\Users\admin\AppData\Roaming\da-DK4.dll,Vogd []
"ifvnmor"=rundll32 C:\Users\admin\AppData\Local\ifvnmor.dll,ifvnmor []
"Svc2dll"=C:\Users\admin\AppData\Local\svcxdcl32.exe [2014-12-27 137728]
""=C:\Users\admin\AppData\Local\gpSYIHaammVRyNy.exe []
"bimouri"=rundll32 C:\Users\admin\AppData\Local\bimouri.dll,bimouri []
"JuseZvucu"=regsvr32.exe C:\ProgramData\JuseZvucu\BaqoFcus.xqd []
"CrashReportNotifyer"=C:\Users\admin\AppData\Local\Temp\temp1268733068.exe [2015-01-13 1403392]
"x86kernel2"=c:\42686079\svchost.exe [2015-01-06 78505]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\admin\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cmjahae]
C:\Windows\system32\config\systemprofile\AppData\Local\cmjahae.dll [2015-01-12 51200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cnjahae]
C:\Windows\system32\config\systemprofile\AppData\Local\cnjahae.dll [2015-01-11 51200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\laominx]
C:\Windows\system32\config\systemprofile\AppData\Local\laominx.dll [2015-01-04 51200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\laymegx]
C:\Windows\system32\config\systemprofile\AppData\Local\laymegx.dll [2015-01-06 51200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\megxlay]
C:\Windows\system32\config\systemprofile\AppData\Local\megxlay.dll [2015-01-07 51200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xmeglay]
C:\Windows\system32\config\systemprofile\AppData\Local\xmeglay.dll [2015-01-08 51200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.divxa32"=DivXa32.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "%1" /S "%3"
======List of files/folders created in the last 1 month======
2015-01-13 20:09:08 ----D---- C:\Program Files (x86)\trend micro
2015-01-13 20:09:07 ----D---- C:\rsit
2015-01-13 17:43:08 ----D---- C:\ProgramData\Local Settings
2015-01-11 13:03:49 ----A---- C:\Windows\SysWOW64\ixykwuot.exe
2015-01-11 13:03:47 ----D---- C:\Users\admin\AppData\Roaming\Kubuadm
2015-01-08 14:57:41 ----A---- C:\Windows\SysWOW64\weirkay.exe
2015-01-08 14:57:40 ----D---- C:\Users\admin\AppData\Roaming\Ixyqqa
2015-01-08 09:09:00 ----D---- C:\Users\admin\AppData\Roaming\Ykqopise
2015-01-08 09:09:00 ----A---- C:\Windows\SysWOW64\fautkotybi.exe
2015-01-07 08:56:24 ----D---- C:\Users\admin\AppData\Roaming\Momawei
2015-01-07 08:56:24 ----A---- C:\Windows\SysWOW64\xireab.exe
2015-01-07 08:52:09 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-01-07 08:49:19 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-01-06 17:33:29 ----D---- C:\Users\admin\AppData\Roaming\42686079
2015-01-06 08:55:47 ----D---- C:\42686079
2015-01-06 08:21:07 ----D---- C:\Windows\SysWOW64\????sers
2015-01-03 21:26:27 ----A---- C:\Users\admin\AppData\Roaming\ScanDisc.exe
2014-12-24 14:40:27 ----A---- C:\Users\admin\AppData\Roaming\svcxdcl32.exe
2014-12-23 14:44:43 ----D---- C:\Users\admin\AppData\Roaming\CrystalIdea Software
2014-12-22 23:01:51 ----A---- C:\Windows\fjEeGHhRviMexXc.exe
2014-12-19 19:02:59 ----D---- C:\ProgramData\AskPartnerNetwork
2014-12-19 19:02:59 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-12-19 19:02:49 ----D---- C:\ProgramData\APN
2014-12-19 19:00:45 ----D---- C:\Program Files (x86)\Common Files\Java
2014-12-19 18:59:57 ----D---- C:\ProgramData\Oracle
2014-12-18 20:35:59 ----D---- C:\Users\admin\AppData\Roaming\Ilunir
2014-12-18 20:34:36 ----D---- C:\ProgramData\JuseZvucu
2014-12-16 20:12:57 ----SHD---- C:\found.000
2014-12-15 20:49:20 ----D---- C:\Users\admin\AppData\Roaming\Kyyhuz
2014-12-15 20:47:56 ----D---- C:\ProgramData\vrxkwql
======List of files/folders modified in the last 1 month======
2015-01-13 20:09:10 ----D---- C:\Windows\Temp
2015-01-13 20:09:08 ----RD---- C:\Program Files (x86)
2015-01-13 20:09:01 ----D---- C:\Windows\SysWOW64
2015-01-13 20:06:02 ----D---- C:\Windows
2015-01-13 20:04:55 ----D---- C:\Windows\inf
2015-01-13 20:04:33 ----D---- C:\Windows\Tasks
2015-01-13 19:59:16 ----D---- C:\Windows\SoftwareDistribution
2015-01-13 19:59:16 ----D---- C:\Windows\Minidump
2015-01-13 19:18:33 ----D---- C:\Users\admin\AppData\Roaming\BitTorrent
2015-01-13 19:18:32 ----D---- C:\Users\admin\AppData\Roaming\Babylon
2015-01-13 19:18:31 ----RD---- C:\Users
2015-01-13 19:18:23 ----D---- C:\Users\admin\AppData\Roaming\Mozilla
2015-01-13 19:18:04 ----D---- C:\Users\admin\AppData\Roaming\MyHeritage
2015-01-13 19:17:57 ----D---- C:\Users\admin\AppData\Roaming\Uniblue
2015-01-13 19:17:56 ----D---- C:\Users\admin\AppData\Roaming\YoudaGames
2015-01-13 19:17:48 ----D---- C:\Users\admin\AppData\Roaming\Real
2015-01-13 19:17:45 ----D---- C:\Users\admin\AppData\Roaming\Adobe
2015-01-13 19:17:41 ----D---- C:\Users\admin\AppData\Roaming\Samsung
2015-01-13 19:17:40 ----D---- C:\Users\admin\AppData\Roaming\Skype
2015-01-13 19:17:36 ----D---- C:\Users\admin\AppData\Roaming\Toshiba
2015-01-13 19:17:17 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2015-01-13 19:17:16 ----D---- C:\Users\admin\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
2015-01-13 19:16:50 ----D---- C:\Windows\Prefetch
2015-01-13 19:13:17 ----D---- C:\Program Files (x86)\ChatZum Toolbar
2015-01-13 19:12:21 ----D---- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2015-01-13 19:12:02 ----D---- C:\PC TRANSLATOR DEMO
2015-01-13 19:11:28 ----D---- C:\Program Files (x86)\eBay
2015-01-13 17:46:45 ----D---- C:\Works
2015-01-13 17:46:33 ----HD---- C:\ProgramData
2015-01-13 17:45:58 ----D---- C:\ProgramData\wxDfast
2015-01-13 17:45:57 ----SD---- C:\ProgramData\Microsoft
2015-01-13 17:45:57 ----D---- C:\ProgramData\MyHeritage
2015-01-13 17:45:56 ----D---- C:\ProgramData\TOSHIBA
2015-01-13 17:45:56 ----D---- C:\ProgramData\Skype
2015-01-13 17:45:56 ----D---- C:\ProgramData\SiteAdvisor
2015-01-13 17:45:55 ----D---- C:\Toshiba
2015-01-13 17:45:55 ----D---- C:\ProgramData\DivX
2015-01-13 17:45:41 ----RD---- C:\Program Files (x86)\Skype
2015-01-13 17:45:41 ----D---- C:\Program Files (x86)\TNod User & Password Finder
2015-01-13 17:45:41 ----D---- C:\Program Files (x86)\Miranda IM
2015-01-13 17:45:35 ----D---- C:\Program Files (x86)\Microsoft Works
2015-01-13 17:45:20 ----D---- C:\Program Files (x86)\MediaMonkey
2015-01-13 17:45:14 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2015-01-13 17:45:04 ----D---- C:\Program Files (x86)\ATI Technologies
2015-01-13 17:44:43 ----D---- C:\Program Files (x86)\Toshiba TEMPRO
2015-01-13 17:44:40 ----SHD---- C:\$RECYCLE.BIN
2015-01-13 17:44:37 ----D---- C:\ProgramData\Partner
2015-01-13 17:37:48 ----A---- C:\Windows\SysWOW64\log.txt
2015-01-12 15:03:19 ----SHD---- C:\System Volume Information
2015-01-12 13:57:31 ----A---- C:\Users\admin\AppData\Roaming\HELP_DECRYPT.TXT.wdfljvj
2015-01-07 18:39:23 ----SHD---- C:\Config.Msi
2015-01-07 08:53:37 ----SHD---- C:\Windows\Installer
2015-01-07 08:52:10 ----RD---- C:\Program Files
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Realtek
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Real
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\QIP 2010
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\QIP
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Pidgin
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Photo Story 3 for Windows
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Nero
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\MSBuild
2015-01-04 15:20:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft Office
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft Games
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Microsoft
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\MarkAny
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Java
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Internet Explorer
2015-01-04 15:20:02 ----D---- C:\Program Files (x86)\Intel
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Google
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Electronic Arts
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\EA GAMES
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\DivX
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Conduit
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\xing shared
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Toshiba Shared
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\System
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\SpeechEngines
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Skype
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Services
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\postureAgent
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\DivX Shared
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files\Adobe
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Common Files
2015-01-04 15:20:01 ----D---- C:\Program Files (x86)\Adobe
2014-12-19 19:00:12 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys []
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys []
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys []
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys []
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys []
S1 StarOpen;StarOpen; C:\Windows\SysWOW64\drivers\StarOpen.sys [2006-07-24 5632]
S2 BTSERIAL;Bluetooth Serial Driver; \??\C:\Windows\system32\drivers\btserial.sys [2004-11-29 23271]
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\Windows\system32\drivers\btslbcsp.sys [2004-11-29 222876]
S3 a631uscf;a631uscf; C:\Windows\SysWOW64\drivers\a631uscf.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-22 225280]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-03-31 16392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-11-24 166296]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-07-02 810144]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-10-15 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe []
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-28 251760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 824688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S2 SecurityCenterServer3425793768;Security Center Server - 3425793768; C:\Windows\SysWOW64\ixykwuot.exe [2014-02-24 507576]
S2 SecurityCenterServer3998176165;Security Center Server - 3998176165; C:\Windows\SysWOW64\weirkay.exe [2014-01-19 509100]
S2 SecurityCenterServer514026233;Security Center Server - 514026233; C:\Windows\SysWOW64\fautkotybi.exe [2011-01-16 508951]
S2 SecurityCenterServer607701921;Security Center Server - 607701921; C:\Windows\SysWOW64\xireab.exe [2014-07-31 505504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-07-02 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------