
Notebook slowdown
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi all, my notebook has somehow slowed down and it's quite noticeable; even in ordinary games you can see it stuttering, so I suspect a lot of junk has built up. :/ So I'm attaching the log from RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomík at 2013-03-30 14:00:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (59%) free of 278 GB
Total RAM: 4010 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:00:49, on 30. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\gql\gql.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
C:\Program Files (x86)\Software Informer\softinfo.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1197 ... A97157FB4D
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [GoogleQuery] C:\gql\gql.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.ukf.sk
O17 - HKLM\System\CCS\Services\Tcpip\..\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\SysWOW64\AsusService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RelevantKnowledge - Intel(R) Corporation - (no file)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) - Unknown owner - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15242 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
taskeng.exe {DC9496B1-DA2A-4DDC-86B2-8707A8B99C15}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
C:\Windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\WLANExt.exe 33368512
\??\C:\windows\system32\conhost.exe "235321850212837154311734074901245379059135416194219455742261847019943-498264272
"C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe" /SERVICE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2592
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
taskeng.exe {295B76E8-4909-412A-A975-110DE1AD6D6E}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\gql\gql.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {F835705C-FA4B-491F-9517-B153ABB91E1C}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe"
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Tomík\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default
prefs.js - "browser.startup.homepage" - "http://www.delta-search.com/?affID=1197 ... A97157FB4D"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
avg-secure-search.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\
ascsurfingprotection@iobit.com
ffxtlbr@babylon.com
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\searchplugins\
delta.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2013-01-10 197920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"GoogleQuery"=C:\gql\gql.exe [2013-01-28 15872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-03-30 14:00:43 ----D---- C:\rsit
2013-03-30 14:00:43 ----D---- C:\Program Files\trend micro
2013-03-30 00:30:04 ----D---- C:\Program Files (x86)\Audiggle
2013-03-28 18:44:46 ----D---- C:\Users\Tomík\AppData\Roaming\BabSolution
2013-03-28 18:44:10 ----D---- C:\Users\Tomík\AppData\Roaming\File Scout
2013-03-28 18:44:10 ----D---- C:\Program Files (x86)\Gophoto.it
2013-03-28 18:44:08 ----D---- C:\Program Files (x86)\PutLockerDownloader
2013-03-18 21:32:16 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 10:05:25 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieui.dll
2013-03-14 10:05:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\url.dll
2013-03-14 10:05:22 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 10:05:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 10:05:19 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 10:05:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 10:05:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 10:04:17 ----SHD---- C:\windows\SYSWOW64\%APPDATA%
2013-03-14 10:04:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:04:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 14:42:23 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\java.exe
2013-03-09 14:42:00 ----D---- C:\Program Files (x86)\Java
2013-03-08 02:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-03-30 14:00:49 ----D---- C:\windows\Prefetch
2013-03-30 14:00:43 ----RD---- C:\Program Files
2013-03-30 14:00:35 ----D---- C:\windows\System32
2013-03-30 14:00:35 ----D---- C:\windows\inf
2013-03-30 14:00:35 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-30 14:00:34 ----D---- C:\windows\Temp
2013-03-30 14:00:05 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-30 13:58:09 ----D---- C:\windows\system32\config
2013-03-30 13:57:39 ----HD---- C:\ProgramData
2013-03-30 13:57:39 ----D---- C:\Windows
2013-03-30 13:04:42 ----D---- C:\Users\Tomík\AppData\Roaming\Software Informer
2013-03-30 00:30:04 ----RD---- C:\Program Files (x86)
2013-03-29 12:23:35 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-03-29 09:54:03 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-03-29 00:12:23 ----D---- C:\Program Files (x86)\Google
2013-03-29 00:10:10 ----D---- C:\windows\system32\Tasks
2013-03-28 22:51:21 ----D---- C:\windows\debug
2013-03-28 21:02:01 ----SHD---- C:\windows\Installer
2013-03-28 19:28:52 ----SHD---- C:\System Volume Information
2013-03-28 19:27:50 ----D---- C:\Program Files (x86)\Ubisoft
2013-03-28 19:22:45 ----D---- C:\windows\system32\catroot2
2013-03-27 23:55:12 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-03-27 23:55:12 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-03-24 13:04:40 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-03-19 15:23:38 ----D---- C:\windows\winsxs
2013-03-19 15:22:11 ----D---- C:\windows\system32\DriverStore
2013-03-19 15:22:11 ----D---- C:\windows\system32\drivers
2013-03-18 21:30:29 ----D---- C:\windows\system32\catroot
2013-03-15 11:54:10 ----D---- C:\windows\Logs
2013-03-15 11:49:18 ----D---- C:\Program Files (x86)\Common Files
2013-03-15 00:23:19 ----D---- C:\windows\rescache
2013-03-14 20:02:49 ----D---- C:\Program Files (x86)\JDownloader
2013-03-14 10:10:49 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 10:10:49 ----D---- C:\windows\SysWOW64
2013-03-14 10:10:49 ----D---- C:\windows\AppPatch
2013-03-14 10:10:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:10:47 ----D---- C:\windows\system32\migration
2013-03-14 10:10:45 ----D---- C:\Program Files\Internet Explorer
2013-03-14 10:07:16 ----A---- C:\windows\system32\MRT.exe
2013-03-14 10:07:12 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 11:16:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:47:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SBIOSIO;SBIOSIO; C:\windows\system32\drivers\SBIOSIO.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-02-08 805240]
R2 AsusService;Asus Launcher Service; C:\Windows\SysWOW64\AsusService.exe [2011-07-13 224680]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
R2 IBUpdaterService;Updater Service; C:\ProgramData\IBUpdaterService\ibsvc.exe [2013-01-30 645592]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-10 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-09 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SWUpdateService;SW Update Service; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
-----------------EOF-----------------
--
End of file - 15242 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
taskeng.exe {DC9496B1-DA2A-4DDC-86B2-8707A8B99C15}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
C:\Windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE
C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\WLANExt.exe 33368512
\??\C:\windows\system32\conhost.exe "235321850212837154311734074901245379059135416194219455742261847019943-498264272
"C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe" /SERVICE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2592
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
taskeng.exe {295B76E8-4909-412A-A975-110DE1AD6D6E}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\gql\gql.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {F835705C-FA4B-491F-9517-B153ABB91E1C}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe"
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Tomík\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default
prefs.js - "browser.startup.homepage" - "http://www.delta-search.com/?affID=1197 ... A97157FB4D"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
avg-secure-search.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\
ascsurfingprotection@iobit.com
ffxtlbr@babylon.com
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\searchplugins\
delta.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2013-01-10 197920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2012-03-20 1056320]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"GoogleQuery"=C:\gql\gql.exe [2013-01-28 15872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-03-30 14:00:43 ----D---- C:\rsit
2013-03-30 14:00:43 ----D---- C:\Program Files\trend micro
2013-03-30 00:30:04 ----D---- C:\Program Files (x86)\Audiggle
2013-03-28 18:44:46 ----D---- C:\Users\Tomík\AppData\Roaming\BabSolution
2013-03-28 18:44:10 ----D---- C:\Users\Tomík\AppData\Roaming\File Scout
2013-03-28 18:44:10 ----D---- C:\Program Files (x86)\Gophoto.it
2013-03-28 18:44:08 ----D---- C:\Program Files (x86)\PutLockerDownloader
2013-03-18 21:32:16 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 10:05:25 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieui.dll
2013-03-14 10:05:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\url.dll
2013-03-14 10:05:22 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 10:05:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 10:05:19 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 10:05:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 10:05:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 10:04:17 ----SHD---- C:\windows\SYSWOW64\%APPDATA%
2013-03-14 10:04:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:04:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 14:42:23 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\java.exe
2013-03-09 14:42:00 ----D---- C:\Program Files (x86)\Java
2013-03-08 02:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-03-30 14:00:49 ----D---- C:\windows\Prefetch
2013-03-30 14:00:43 ----RD---- C:\Program Files
2013-03-30 14:00:35 ----D---- C:\windows\System32
2013-03-30 14:00:35 ----D---- C:\windows\inf
2013-03-30 14:00:35 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-30 14:00:34 ----D---- C:\windows\Temp
2013-03-30 14:00:05 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-30 13:58:09 ----D---- C:\windows\system32\config
2013-03-30 13:57:39 ----HD---- C:\ProgramData
2013-03-30 13:57:39 ----D---- C:\Windows
2013-03-30 13:04:42 ----D---- C:\Users\Tomík\AppData\Roaming\Software Informer
2013-03-30 00:30:04 ----RD---- C:\Program Files (x86)
2013-03-29 12:23:35 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-03-29 09:54:03 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-03-29 00:12:23 ----D---- C:\Program Files (x86)\Google
2013-03-29 00:10:10 ----D---- C:\windows\system32\Tasks
2013-03-28 22:51:21 ----D---- C:\windows\debug
2013-03-28 21:02:01 ----SHD---- C:\windows\Installer
2013-03-28 19:28:52 ----SHD---- C:\System Volume Information
2013-03-28 19:27:50 ----D---- C:\Program Files (x86)\Ubisoft
2013-03-28 19:22:45 ----D---- C:\windows\system32\catroot2
2013-03-27 23:55:12 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-03-27 23:55:12 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-03-24 13:04:40 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-03-19 15:23:38 ----D---- C:\windows\winsxs
2013-03-19 15:22:11 ----D---- C:\windows\system32\DriverStore
2013-03-19 15:22:11 ----D---- C:\windows\system32\drivers
2013-03-18 21:30:29 ----D---- C:\windows\system32\catroot
2013-03-15 11:54:10 ----D---- C:\windows\Logs
2013-03-15 11:49:18 ----D---- C:\Program Files (x86)\Common Files
2013-03-15 00:23:19 ----D---- C:\windows\rescache
2013-03-14 20:02:49 ----D---- C:\Program Files (x86)\JDownloader
2013-03-14 10:10:49 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 10:10:49 ----D---- C:\windows\SysWOW64
2013-03-14 10:10:49 ----D---- C:\windows\AppPatch
2013-03-14 10:10:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:10:47 ----D---- C:\windows\system32\migration
2013-03-14 10:10:45 ----D---- C:\Program Files\Internet Explorer
2013-03-14 10:07:16 ----A---- C:\windows\system32\MRT.exe
2013-03-14 10:07:12 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 11:16:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:47:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SBIOSIO;SBIOSIO; C:\windows\system32\drivers\SBIOSIO.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-02-08 805240]
R2 AsusService;Asus Launcher Service; C:\Windows\SysWOW64\AsusService.exe [2011-07-13 224680]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
R2 IBUpdaterService;Updater Service; C:\ProgramData\IBUpdaterService\ibsvc.exe [2013-01-30 645592]
R2 ICQ Service;ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [2012-03-20 247872]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-10 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-09 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SWUpdateService;SW Update Service; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
-----------------EOF-----------------
- Rudy
- Site Admin
Re: Notebook slowdown
Hello!
First, run this utility:
Download AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Notebook slowdown
# AdwCleaner v2.115 - Log vytvorený 30/03/2013 o 21:32:10
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Tomík - TOMIK-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Tomík\Desktop\AdwCleaner.exe
# Volba [Preh3ada?]
***** [Služby] *****
Nájdené : Application Updater
Nájdené : IBUpdaterService
Nájdené : ICQ Service
Nájdené : RelevantKnowledge
***** [Súbory / Adresáre] *****
Adresár Nájdené : C:\Program Files (x86)\Application Updater
Adresár Nájdené : C:\Program Files (x86)\Common Files\spigot
Adresár Nájdené : C:\Program Files (x86)\file scout
Adresár Nájdené : C:\Program Files (x86)\ICQ6Toolbar
Adresár Nájdené : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Adresár Nájdené : C:\Program Files (x86)\PutLockerDownloader
Adresár Nájdené : C:\Program Files (x86)\SweetIM
Adresár Nájdené : C:\Program Files (x86)\Yontoo
Adresár Nájdené : C:\ProgramData\Ask
Adresár Nájdené : C:\ProgramData\Babylon
Adresár Nájdené : C:\ProgramData\IBUpdaterService
Adresár Nájdené : C:\ProgramData\ICQ\ICQToolbar
Adresár Nájdené : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Adresár Nájdené : C:\ProgramData\SweetIM
Adresár Nájdené : C:\ProgramData\Tarma Installer
Adresár Nájdené : C:\Users\A\AppData\LocalLow\AskToolbar
Adresár Nájdené : C:\Users\Tomík\AppData\Local\APN
Adresár Nájdené : C:\Users\Tomík\AppData\Local\PackageAware
Adresár Nájdené : C:\Users\Tomík\AppData\Local\PutLockerDownloader
Adresár Nájdené : C:\Users\Tomík\AppData\LocalLow\Search Settings
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\BabSolution
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\Babylon
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\file scout
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\ffxtlbr@babylon.com
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\PerformerSoft
Adresár Nájdené : C:\Users\Tomík\AppData\Roaming\QuickStoresToolbar
Adresár Nájdené : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Adresár Nájdené : C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Súbor Nájdené : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Súbor Nájdené : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Súbor Nájdené : C:\Users\Tomík\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Súbor Nájdené : C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Súbor Nájdené : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\searchplugins\delta.xml
***** [Registre] *****
Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Hodnota Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
K3úe Nájdené : HKCU\Software\1ClickDownload
K3úe Nájdené : HKCU\Software\APN PIP
K3úe Nájdené : HKCU\Software\AppDataLow\Software\Search Settings
K3úe Nájdené : HKCU\Software\DataMngr
K3úe Nájdené : HKCU\Software\DataMngr_Toolbar
K3úe Nájdené : HKCU\Software\IGearSettings
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
K3úe Nájdené : HKCU\Software\Search Settings
K3úe Nájdené : HKCU\Software\Softonic
K3úe Nájdené : HKCU\Software\5a53888fe53dee41
K3úe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
K3úe Nájdené : HKLM\Software\Application Updater
K3úe Nájdené : HKLM\Software\BabylonToolbar
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
K3úe Nájdené : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
K3úe Nájdené : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
K3úe Nájdené : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
K3úe Nájdené : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
K3úe Nájdené : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
K3úe Nájdené : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
K3úe Nájdené : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
K3úe Nájdené : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
K3úe Nájdené : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
K3úe Nájdené : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
K3úe Nájdené : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\PutLockerDownloader
K3úe Nájdené : HKLM\SOFTWARE\Classes\sim-packages
K3úe Nájdené : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
K3úe Nájdené : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
K3úe Nájdené : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
K3úe Nájdené : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
K3úe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
K3úe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Classes\YontooIEClient.Api
K3úe Nájdené : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
K3úe Nájdené : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
K3úe Nájdené : HKLM\Software\DataMngr
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
K3úe Nájdené : HKLM\Software\PIP
K3úe Nájdené : HKLM\Software\Search Settings
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
K3úe Nájdené : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
K3úe Nájdené : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
K3úe Nájdené : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
K3úe Nájdené : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
K3úe Nájdené : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
K3úe Nájdené : HKLM\SOFTWARE\Tarma Installer
K3úe Nájdené : HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internetové prehliadaee] *****
-\\ Internet Explorer v9.0.8112.16470
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119776&tt=1 ... A97157FB4D
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v19.0.2 (sk)
Súbor : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\prefs.js
Nájdené : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsr[...]
-\\ Google Chrome v26.0.1410.43
Súbor : C:\Users\Tomík\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je eistý.
-\\ Chromium v enable_autospellcorrect: false
Súbor : C:\Users\Tomík\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Súbor je eistý.
*************************
AdwCleaner[R1].txt - [14850 octets] - [30/03/2013 21:32:10]
########## EOF - C:\AdwCleaner[R1].txt - [14911 octets] ##########
K3úe Nájdené : HKLM\SOFTWARE\Tarma Installer
K3úe Nájdené : HKU\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internetové prehliadače] *****
-\\ Internet Explorer v9.0.8112.16470
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119776&tt=1 ... A97157FB4D
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
-\\ Mozilla Firefox v19.0.2 (sk)
Súbor : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\prefs.js
Nájdené : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsr[...]
-\\ Google Chrome v26.0.1410.43
Súbor : C:\Users\Tomík\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je čistý.
-\\ Chromium v enable_autospellcorrect: false
Súbor : C:\Users\Tomík\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Súbor je čistý.
*************************
AdwCleaner[R1].txt - [14850 octets] - [30/03/2013 21:32:10]
########## EOF - C:\AdwCleaner[R1].txt - [14911 octets] ##########
- Rudy
- Site Admin
- Posts: 119524
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook slowdown
Run ADWCleaner again and click >Delete<. Post the new log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Notebook slowdown
# AdwCleaner v2.115 - Log vytvorený 30/03/2013 o 22:02:28
# Aktualizované 17/03/2013 Xplode
# Operačný systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Tomík - TOMIK-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Tomík\Desktop\AdwCleaner.exe
# Volba [Vymazať]
***** [Služby] *****
Zastavené & vymazané : Application Updater
Zastavené & vymazané : IBUpdaterService
Zastavené & vymazané : ICQ Service
Zastavené & vymazané : RelevantKnowledge
***** [Súbory / Adresáre] *****
Adresár Vymazané : C:\Program Files (x86)\Application Updater
Adresár Vymazané : C:\Program Files (x86)\Common Files\spigot
Adresár Vymazané : C:\Program Files (x86)\file scout
Adresár Vymazané : C:\Program Files (x86)\ICQ6Toolbar
Adresár Vymazané : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Adresár Vymazané : C:\Program Files (x86)\PutLockerDownloader
Adresár Vymazané : C:\Program Files (x86)\SweetIM
Adresár Vymazané : C:\Program Files (x86)\Yontoo
Adresár Vymazané : C:\ProgramData\Ask
Adresár Vymazané : C:\ProgramData\Babylon
Adresár Vymazané : C:\ProgramData\IBUpdaterService
Adresár Vymazané : C:\ProgramData\ICQ\ICQToolbar
Adresár Vymazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Adresár Vymazané : C:\ProgramData\SweetIM
Adresár Vymazané : C:\ProgramData\Tarma Installer
Adresár Vymazané : C:\Users\A\AppData\LocalLow\AskToolbar
Adresár Vymazané : C:\Users\Tomík\AppData\Local\APN
Adresár Vymazané : C:\Users\Tomík\AppData\Local\PackageAware
Adresár Vymazané : C:\Users\Tomík\AppData\Local\PutLockerDownloader
Adresár Vymazané : C:\Users\Tomík\AppData\LocalLow\Search Settings
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\BabSolution
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\Babylon
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\file scout
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\ffxtlbr@babylon.com
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\PerformerSoft
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\QuickStoresToolbar
Adresár Vymazané : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Adresár Vymazané : C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Súbor Vymazané : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Súbor Vymazané : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Súbor Vymazané : C:\Users\Tomík\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Súbor Vymazané : C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Súbor Vymazané : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\searchplugins\delta.xml
***** [Registre] *****
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internetové prehliadače] *****
-\\ Internet Explorer v9.0.8112.16470
Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119776&tt=1 ... A97157FB4D --> hxxp://www.google.com
Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Mozilla Firefox v19.0.2 (sk)
Súbor : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\prefs.js
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\user.js ... Vymazané !
Vymazané : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsr[...]
-\\ Google Chrome v26.0.1410.43
Súbor : C:\Users\Tomík\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je čistý.
-\\ Chromium v enable_autospellcorrect: false
Súbor : C:\Users\Tomík\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Súbor je čistý.
*************************
AdwCleaner[R1].txt - [14961 octets] - [30/03/2013 21:32:10]
AdwCleaner[S1].txt - [15138 octets] - [30/03/2013 22:02:28]
########## EOF - C:\AdwCleaner[S1].txt - [15199 octets] ##########
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Tomík - TOMIK-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Tomík\Desktop\AdwCleaner.exe
# Volba [Vymaza?]
***** [Služby] *****
Zastavené & vymazané : Application Updater
Zastavené & vymazané : IBUpdaterService
Zastavené & vymazané : ICQ Service
Zastavené & vymazané : RelevantKnowledge
***** [Súbory / Adresáre] *****
Adresár Vymazané : C:\Program Files (x86)\Application Updater
Adresár Vymazané : C:\Program Files (x86)\Common Files\spigot
Adresár Vymazané : C:\Program Files (x86)\file scout
Adresár Vymazané : C:\Program Files (x86)\ICQ6Toolbar
Adresár Vymazané : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Adresár Vymazané : C:\Program Files (x86)\PutLockerDownloader
Adresár Vymazané : C:\Program Files (x86)\SweetIM
Adresár Vymazané : C:\Program Files (x86)\Yontoo
Adresár Vymazané : C:\ProgramData\Ask
Adresár Vymazané : C:\ProgramData\Babylon
Adresár Vymazané : C:\ProgramData\IBUpdaterService
Adresár Vymazané : C:\ProgramData\ICQ\ICQToolbar
Adresár Vymazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Adresár Vymazané : C:\ProgramData\SweetIM
Adresár Vymazané : C:\ProgramData\Tarma Installer
Adresár Vymazané : C:\Users\A\AppData\LocalLow\AskToolbar
Adresár Vymazané : C:\Users\Tomík\AppData\Local\APN
Adresár Vymazané : C:\Users\Tomík\AppData\Local\PackageAware
Adresár Vymazané : C:\Users\Tomík\AppData\Local\PutLockerDownloader
Adresár Vymazané : C:\Users\Tomík\AppData\LocalLow\Search Settings
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\BabSolution
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\Babylon
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\file scout
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\ffxtlbr@babylon.com
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\PerformerSoft
Adresár Vymazané : C:\Users\Tomík\AppData\Roaming\QuickStoresToolbar
Adresár Vymazané : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Adresár Vymazané : C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Súbor Vymazané : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Súbor Vymazané : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Súbor Vymazané : C:\Users\Tomík\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Súbor Vymazané : C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Súbor Vymazané : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\searchplugins\delta.xml
***** [Registre] *****
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Hodnota Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
K3úe Vymazané : HKCU\Software\1ClickDownload
K3úe Vymazané : HKCU\Software\APN PIP
K3úe Vymazané : HKCU\Software\AppDataLow\Software\Search Settings
K3úe Vymazané : HKCU\Software\DataMngr
K3úe Vymazané : HKCU\Software\DataMngr_Toolbar
K3úe Vymazané : HKCU\Software\IGearSettings
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
K3úe Vymazané : HKCU\Software\Search Settings
K3úe Vymazané : HKCU\Software\Softonic
K3úe Vymazané : HKCU\Software\5a53888fe53dee41
K3úe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
K3úe Vymazané : HKLM\Software\Application Updater
K3úe Vymazané : HKLM\Software\BabylonToolbar
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
K3úe Vymazané : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
K3úe Vymazané : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
K3úe Vymazané : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
K3úe Vymazané : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
K3úe Vymazané : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
K3úe Vymazané : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
K3úe Vymazané : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
K3úe Vymazané : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
K3úe Vymazané : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
K3úe Vymazané : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
K3úe Vymazané : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\PutLockerDownloader
K3úe Vymazané : HKLM\SOFTWARE\Classes\sim-packages
K3úe Vymazané : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
K3úe Vymazané : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
K3úe Vymazané : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
K3úe Vymazané : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
K3úe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
K3úe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
K3úe Vymazané : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
K3úe Vymazané : HKLM\SOFTWARE\Classes\YontooIEClient.Api
K3úe Vymazané : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
K3úe Vymazané : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
K3úe Vymazané : HKLM\Software\DataMngr
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
K3úe Vymazané : HKLM\Software\PIP
K3úe Vymazané : HKLM\Software\Search Settings
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
K3úe Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Kľúč Vymazané : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Kľúč Vymazané : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Kľúč Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Kľúč Vymazané : HKLM\SOFTWARE\Tarma Installer
***** [Internetové prehliadače] *****
-\\ Internet Explorer v9.0.8112.16470
Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119776&tt=1 ... A97157FB4D --> hxxp://www.google.com
Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Mozilla Firefox v19.0.2 (sk)
Súbor : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\prefs.js
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\user.js ... Vymazané !
Vymazané : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsr[...]
-\\ Google Chrome v26.0.1410.43
Súbor : C:\Users\Tomík\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Súbor je čistý.
-\\ Chromium v enable_autospellcorrect: false
Súbor : C:\Users\Tomík\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Súbor je čistý.
*************************
AdwCleaner[R1].txt - [14961 octets] - [30/03/2013 21:32:10]
AdwCleaner[S1].txt - [15138 octets] - [30/03/2013 22:02:28]
########## EOF - C:\AdwCleaner[S1].txt - [15199 octets] ##########
- Rudy
- Site Admin
- Posts: 119524
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop slowdown
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Laptop slowdown
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomík at 2013-03-30 22:28:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (59%) free of 278 GB
Total RAM: 4010 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:28:27, on 30. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\gql\gql.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
C:\Program Files (x86)\Software Informer\softinfo.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [GoogleQuery] C:\gql\gql.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.ukf.sk
O17 - HKLM\System\CCS\Services\Tcpip\..\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\SysWOW64\AsusService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) - Unknown owner - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13905 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe" /SERVICE
C:\windows\system32\WLANExt.exe 26484976
\??\C:\windows\system32\conhost.exe "1889230299-863662952-2081879070825943147139139134719872049007007570591734323366
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2472
"taskhost.exe"
taskeng.exe {868B9F23-0E79-46D0-AA08-A30B1778D441}
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\gql\gql.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
taskeng.exe {5CD53454-5E29-48B9-A47A-3D8B1ABCBDA3}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe"
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomík\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\
ascsurfingprotection@iobit.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"GoogleQuery"=C:\gql\gql.exe [2013-01-28 15872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-03-30 22:02:28 ----A---- C:\AdwCleaner[S1].txt
2013-03-30 21:32:10 ----A---- C:\AdwCleaner[R1].txt
2013-03-30 14:00:43 ----D---- C:\rsit
2013-03-30 14:00:43 ----D---- C:\Program Files\trend micro
2013-03-30 00:30:04 ----D---- C:\Program Files (x86)\Audiggle
2013-03-28 18:44:10 ----D---- C:\Program Files (x86)\Gophoto.it
2013-03-18 21:32:16 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 10:05:25 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieui.dll
2013-03-14 10:05:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\url.dll
2013-03-14 10:05:22 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 10:05:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 10:05:19 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 10:05:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 10:05:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 10:04:17 ----SHD---- C:\windows\SYSWOW64\%APPDATA%
2013-03-14 10:04:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:04:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 14:42:23 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\java.exe
2013-03-09 14:42:00 ----D---- C:\Program Files (x86)\Java
2013-03-08 02:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-03-30 22:17:47 ----D---- C:\windows\Temp
2013-03-30 22:17:33 ----D---- C:\windows\system32\config
2013-03-30 22:08:25 ----D---- C:\windows\Prefetch
2013-03-30 22:06:13 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-03-30 22:02:46 ----SHD---- C:\windows\Installer
2013-03-30 22:02:46 ----RD---- C:\Program Files (x86)
2013-03-30 22:02:46 ----D---- C:\Program Files (x86)\Common Files
2013-03-30 22:02:45 ----HD---- C:\ProgramData
2013-03-30 14:02:40 ----D---- C:\windows\System32
2013-03-30 14:02:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-30 14:02:39 ----D---- C:\windows\inf
2013-03-30 14:00:43 ----RD---- C:\Program Files
2013-03-30 13:57:39 ----D---- C:\Windows
2013-03-30 13:04:42 ----D---- C:\Users\Tomík\AppData\Roaming\Software Informer
2013-03-29 12:23:35 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-03-29 09:54:03 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-03-29 00:12:23 ----D---- C:\Program Files (x86)\Google
2013-03-29 00:10:10 ----D---- C:\windows\system32\Tasks
2013-03-28 22:51:21 ----D---- C:\windows\debug
2013-03-28 19:28:52 ----SHD---- C:\System Volume Information
2013-03-28 19:27:50 ----D---- C:\Program Files (x86)\Ubisoft
2013-03-28 19:22:45 ----D---- C:\windows\system32\catroot2
2013-03-24 13:04:40 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-03-19 15:23:38 ----D---- C:\windows\winsxs
2013-03-19 15:22:11 ----D---- C:\windows\system32\DriverStore
2013-03-19 15:22:11 ----D---- C:\windows\system32\drivers
2013-03-18 21:30:29 ----D---- C:\windows\system32\catroot
2013-03-15 11:54:10 ----D---- C:\windows\Logs
2013-03-15 00:23:19 ----D---- C:\windows\rescache
2013-03-14 20:02:49 ----D---- C:\Program Files (x86)\JDownloader
2013-03-14 10:10:49 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 10:10:49 ----D---- C:\windows\SysWOW64
2013-03-14 10:10:49 ----D---- C:\windows\AppPatch
2013-03-14 10:10:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:10:47 ----D---- C:\windows\system32\migration
2013-03-14 10:10:45 ----D---- C:\Program Files\Internet Explorer
2013-03-14 10:07:16 ----A---- C:\windows\system32\MRT.exe
2013-03-14 10:07:12 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 11:16:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:47:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SBIOSIO;SBIOSIO; C:\windows\system32\drivers\SBIOSIO.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 AsusService;Asus Launcher Service; C:\Windows\SysWOW64\AsusService.exe [2011-07-13 224680]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-10 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-09 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SWUpdateService;SW Update Service; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
-----------------EOF-----------------
Run by Tomík at 2013-03-30 22:28:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (59%) free of 278 GB
Total RAM: 4010 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:28:27, on 30. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\gql\gql.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
C:\Program Files (x86)\Software Informer\softinfo.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [GoogleQuery] C:\gql\gql.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.ukf.sk
O17 - HKLM\System\CCS\Services\Tcpip\..\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\SysWOW64\AsusService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) - Unknown owner - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13905 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe" /SERVICE
C:\windows\system32\WLANExt.exe 26484976
\??\C:\windows\system32\conhost.exe "1889230299-863662952-2081879070825943147139139134719872049007007570591734323366
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2472
"taskhost.exe"
taskeng.exe {868B9F23-0E79-46D0-AA08-A30B1778D441}
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\gql\gql.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
taskeng.exe {5CD53454-5E29-48B9-A47A-3D8B1ABCBDA3}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe"
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomík\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\
ascsurfingprotection@iobit.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"GoogleQuery"=C:\gql\gql.exe [2013-01-28 15872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-03-30 22:02:28 ----A---- C:\AdwCleaner[S1].txt
2013-03-30 21:32:10 ----A---- C:\AdwCleaner[R1].txt
2013-03-30 14:00:43 ----D---- C:\rsit
2013-03-30 14:00:43 ----D---- C:\Program Files\trend micro
2013-03-30 00:30:04 ----D---- C:\Program Files (x86)\Audiggle
2013-03-28 18:44:10 ----D---- C:\Program Files (x86)\Gophoto.it
2013-03-18 21:32:16 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 10:05:25 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieui.dll
2013-03-14 10:05:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\url.dll
2013-03-14 10:05:22 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 10:05:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 10:05:19 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 10:05:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 10:05:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 10:04:17 ----SHD---- C:\windows\SYSWOW64\%APPDATA%
2013-03-14 10:04:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:04:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 14:42:23 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\java.exe
2013-03-09 14:42:00 ----D---- C:\Program Files (x86)\Java
2013-03-08 02:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-03-30 22:17:47 ----D---- C:\windows\Temp
2013-03-30 22:17:33 ----D---- C:\windows\system32\config
2013-03-30 22:08:25 ----D---- C:\windows\Prefetch
2013-03-30 22:06:13 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-03-30 22:02:46 ----SHD---- C:\windows\Installer
2013-03-30 22:02:46 ----RD---- C:\Program Files (x86)
2013-03-30 22:02:46 ----D---- C:\Program Files (x86)\Common Files
2013-03-30 22:02:45 ----HD---- C:\ProgramData
2013-03-30 14:02:40 ----D---- C:\windows\System32
2013-03-30 14:02:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-30 14:02:39 ----D---- C:\windows\inf
2013-03-30 14:00:43 ----RD---- C:\Program Files
2013-03-30 13:57:39 ----D---- C:\Windows
2013-03-30 13:04:42 ----D---- C:\Users\Tomík\AppData\Roaming\Software Informer
2013-03-29 12:23:35 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-03-29 09:54:03 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-03-29 00:12:23 ----D---- C:\Program Files (x86)\Google
2013-03-29 00:10:10 ----D---- C:\windows\system32\Tasks
2013-03-28 22:51:21 ----D---- C:\windows\debug
2013-03-28 19:28:52 ----SHD---- C:\System Volume Information
2013-03-28 19:27:50 ----D---- C:\Program Files (x86)\Ubisoft
2013-03-28 19:22:45 ----D---- C:\windows\system32\catroot2
2013-03-24 13:04:40 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-03-19 15:23:38 ----D---- C:\windows\winsxs
2013-03-19 15:22:11 ----D---- C:\windows\system32\DriverStore
2013-03-19 15:22:11 ----D---- C:\windows\system32\drivers
2013-03-18 21:30:29 ----D---- C:\windows\system32\catroot
2013-03-15 11:54:10 ----D---- C:\windows\Logs
2013-03-15 00:23:19 ----D---- C:\windows\rescache
2013-03-14 20:02:49 ----D---- C:\Program Files (x86)\JDownloader
2013-03-14 10:10:49 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 10:10:49 ----D---- C:\windows\SysWOW64
2013-03-14 10:10:49 ----D---- C:\windows\AppPatch
2013-03-14 10:10:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:10:47 ----D---- C:\windows\system32\migration
2013-03-14 10:10:45 ----D---- C:\Program Files\Internet Explorer
2013-03-14 10:07:16 ----A---- C:\windows\system32\MRT.exe
2013-03-14 10:07:12 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 11:16:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:47:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SBIOSIO;SBIOSIO; C:\windows\system32\drivers\SBIOSIO.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 AsusService;Asus Launcher Service; C:\Windows\SysWOW64\AsusService.exe [2011-07-13 224680]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-10 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-09 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SWUpdateService;SW Update Service; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119524
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook slowdown
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Program Files (x86)\Skype\Toolbars
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
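A way to check a follow-up log against the fix script posted above, as an added example (not part of the thread and not a feature of OTM or RSIT). It assumes the `:reg` block follows .reg-file conventions (`[-key]` deletes a key, `"name"=-` deletes a value); the function names are hypothetical, and the sample log lines are copied from the second log in this thread.

```python
import re

# The fix script exactly as posted in the reply above.
OTM_SCRIPT = r"""
:files
C:\Program Files (x86)\Skype\Toolbars
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
"""

# Sample input: five lines copied from the follow-up HijackThis log in this thread.
FOLLOW_UP_LOG = r"""
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O4 - HKCU\..\Run: [GoogleQuery] C:\gql\gql.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
"""

CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_otm_script(text):
    """Split a fix script into file targets, registry deletions and commands."""
    targets = {"files": [], "deleted_keys": [], "deleted_values": [], "commands": []}
    section, current_key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            # A new section header such as :files, :reg or :commands.
            section, current_key = line[1:].lower(), None
        elif section == "files":
            targets["files"].append(line)
        elif section == "reg":
            if line.startswith("[-") and line.endswith("]"):
                # Assumption (.reg convention): [-key] deletes the whole key.
                targets["deleted_keys"].append(line[2:-1])
            elif line.startswith("[") and line.endswith("]"):
                current_key = line[1:-1]
            else:
                # Assumption (.reg convention): "name"=- deletes one value.
                m = re.fullmatch(r'"(.+)"=-', line)
                if m and current_key:
                    targets["deleted_values"].append((current_key, m.group(1)))
        elif section == "commands":
            targets["commands"].append(line.strip("[]"))
    return targets


def find_leftovers(targets, log_lines):
    """Return (log line, reason) for entries that still reference a target."""
    paths = [p.lower() for p in targets["files"]]
    clsids = {c.upper() for k in targets["deleted_keys"] for c in CLSID_RE.findall(k)}
    run_names = {name.lower() for _, name in targets["deleted_values"]}
    hits = []
    for line in log_lines:
        low = line.lower()
        if any(p in low for p in paths):
            hits.append((line, "path"))        # points into a removed file or folder
        elif any(c.upper() in clsids for c in CLSID_RE.findall(line)):
            hits.append((line, "clsid"))       # same CLSID still referenced elsewhere
        elif any("[%s]" % n in low for n in run_names):
            hits.append((line, "run-value"))   # autorun value still listed
    return hits


if __name__ == "__main__":
    found = find_leftovers(parse_otm_script(OTM_SCRIPT), FOLLOW_UP_LOG.splitlines())
    for line, reason in found:
        print(reason, "|", line)
```

On the sample lines it reports the R3 URLSearchHook entry and the two Skype plug-in entries marked `(file missing)`; the Java BHO and the GoogleQuery autorun are not in the script and are not flagged.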
Re: Notebook slowdown
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomík at 2013-03-30 23:31:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (59%) free of 278 GB
Total RAM: 4010 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:31:17, on 30. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
C:\Program Files (x86)\Software Informer\softinfo.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\gql\gql.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [GoogleQuery] C:\gql\gql.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.ukf.sk
O17 - HKLM\System\CCS\Services\Tcpip\..\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\SysWOW64\AsusService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) - Unknown owner - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13499 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\windows\system32\Dwm.exe"
taskeng.exe {9F54FA2D-4C56-4D2C-9033-79DD5EA798CE}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
taskeng.exe {49C0BE1D-682E-41BD-9BB9-382A698AEAB9}
"taskhost.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe" /SERVICE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 2800
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\WLANExt.exe 35108976
\??\C:\windows\system32\conhost.exe "-105657519-836211069234402957-9022903341951011215379260788986965808-1836866277
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {4A577687-D5C0-4827-8425-84CB64D32DD4}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\hkcmd.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\windows\system32\igfxpers.exe
rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\windows\notepad.exe" C:\_OTM\MovedFiles\03302013_232714.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\gql\gql.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe"
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomík\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\
ascsurfingprotection@iobit.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"GoogleQuery"=C:\gql\gql.exe [2013-01-28 15872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-03-30 23:27:14 ----D---- C:\_OTM
2013-03-30 22:02:28 ----A---- C:\AdwCleaner[S1].txt
2013-03-30 21:32:10 ----A---- C:\AdwCleaner[R1].txt
2013-03-30 14:00:43 ----D---- C:\rsit
2013-03-30 14:00:43 ----D---- C:\Program Files\trend micro
2013-03-30 00:30:04 ----D---- C:\Program Files (x86)\Audiggle
2013-03-28 18:44:10 ----D---- C:\Program Files (x86)\Gophoto.it
2013-03-18 21:32:16 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 10:05:25 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieui.dll
2013-03-14 10:05:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\url.dll
2013-03-14 10:05:22 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 10:05:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 10:05:19 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 10:05:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 10:05:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 10:04:17 ----SHD---- C:\windows\SYSWOW64\%APPDATA%
2013-03-14 10:04:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:04:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 14:42:23 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\java.exe
2013-03-09 14:42:00 ----D---- C:\Program Files (x86)\Java
2013-03-08 02:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-03-30 23:30:58 ----D---- C:\windows\Prefetch
2013-03-30 23:30:37 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-30 23:30:30 ----D---- C:\windows\Temp
2013-03-30 23:28:39 ----D---- C:\windows\system32\config
2013-03-30 23:27:14 ----RD---- C:\Program Files (x86)\Skype
2013-03-30 23:27:14 ----D---- C:\windows\Tasks
2013-03-30 23:05:14 ----D---- C:\Users\Tomík\AppData\Roaming\Software Informer
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-03-30 22:02:46 ----SHD---- C:\windows\Installer
2013-03-30 22:02:46 ----RD---- C:\Program Files (x86)
2013-03-30 22:02:46 ----D---- C:\Program Files (x86)\Common Files
2013-03-30 22:02:45 ----HD---- C:\ProgramData
2013-03-30 14:02:40 ----D---- C:\windows\System32
2013-03-30 14:02:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-30 14:02:39 ----D---- C:\windows\inf
2013-03-30 14:00:43 ----RD---- C:\Program Files
2013-03-30 13:57:39 ----D---- C:\Windows
2013-03-29 12:23:35 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-03-29 09:54:03 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-03-29 00:12:23 ----D---- C:\Program Files (x86)\Google
2013-03-29 00:10:10 ----D---- C:\windows\system32\Tasks
2013-03-28 22:51:21 ----D---- C:\windows\debug
2013-03-28 19:28:52 ----SHD---- C:\System Volume Information
2013-03-28 19:27:50 ----D---- C:\Program Files (x86)\Ubisoft
2013-03-28 19:22:45 ----D---- C:\windows\system32\catroot2
2013-03-24 13:04:40 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-03-19 15:23:38 ----D---- C:\windows\winsxs
2013-03-19 15:22:11 ----D---- C:\windows\system32\DriverStore
2013-03-19 15:22:11 ----D---- C:\windows\system32\drivers
2013-03-18 21:30:29 ----D---- C:\windows\system32\catroot
2013-03-15 11:54:10 ----D---- C:\windows\Logs
2013-03-15 00:23:19 ----D---- C:\windows\rescache
2013-03-14 20:02:49 ----D---- C:\Program Files (x86)\JDownloader
2013-03-14 10:10:49 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 10:10:49 ----D---- C:\windows\SysWOW64
2013-03-14 10:10:49 ----D---- C:\windows\AppPatch
2013-03-14 10:10:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:10:47 ----D---- C:\windows\system32\migration
2013-03-14 10:10:45 ----D---- C:\Program Files\Internet Explorer
2013-03-14 10:07:16 ----A---- C:\windows\system32\MRT.exe
2013-03-14 10:07:12 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 11:16:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:47:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SBIOSIO;SBIOSIO; C:\windows\system32\drivers\SBIOSIO.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 AsusService;Asus Launcher Service; C:\Windows\SysWOW64\AsusService.exe [2011-07-13 224680]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-10 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-09 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SWUpdateService;SW Update Service; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
-----------------EOF-----------------
Run by Tomík at 2013-03-30 23:31:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (59%) free of 278 GB
Total RAM: 4010 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:31:17, on 30. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
C:\Program Files (x86)\Software Informer\softinfo.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\gql\gql.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [GoogleQuery] C:\gql\gql.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1571869238-3936240484-2151935606-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.ukf.sk
O17 - HKLM\System\CCS\Services\Tcpip\..\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\SysWOW64\AsusService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SamsungDeviceConfiguration (SamsungDeviceConfigurationWinService) - Unknown owner - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13499 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\windows\system32\Dwm.exe"
taskeng.exe {9F54FA2D-4C56-4D2C-9033-79DD5EA798CE}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
taskeng.exe {49C0BE1D-682E-41BD-9BB9-382A698AEAB9}
"taskhost.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe" /SERVICE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 2800
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\WLANExt.exe 35108976
\??\C:\windows\system32\conhost.exe "-105657519-836211069234402957-9022903341951011215379260788986965808-1836866277
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {4A577687-D5C0-4827-8425-84CB64D32DD4}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Users\Tomík\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
"C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\hkcmd.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\windows\system32\igfxpers.exe
rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\windows\notepad.exe" C:\_OTM\MovedFiles\03302013_232714.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\gql\gql.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe"
"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomík\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Zásvuný modul iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\
ascsurfingprotection@iobit.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
"GoogleQuery"=C:\gql\gql.exe [2013-01-28 15872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-03-30 23:27:14 ----D---- C:\_OTM
2013-03-30 22:02:28 ----A---- C:\AdwCleaner[S1].txt
2013-03-30 21:32:10 ----A---- C:\AdwCleaner[R1].txt
2013-03-30 14:00:43 ----D---- C:\rsit
2013-03-30 14:00:43 ----D---- C:\Program Files\trend micro
2013-03-30 00:30:04 ----D---- C:\Program Files (x86)\Audiggle
2013-03-28 18:44:10 ----D---- C:\Program Files (x86)\Gophoto.it
2013-03-18 21:32:16 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 10:05:25 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 10:05:25 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 10:05:24 ----A---- C:\windows\system32\ieui.dll
2013-03-14 10:05:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 10:05:23 ----A---- C:\windows\system32\url.dll
2013-03-14 10:05:22 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 10:05:22 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 10:05:21 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\wininet.dll
2013-03-14 10:05:21 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\jscript.dll
2013-03-14 10:05:20 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 10:05:19 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 10:05:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 10:05:16 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 10:05:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 10:04:17 ----SHD---- C:\windows\SYSWOW64\%APPDATA%
2013-03-14 10:04:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:04:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 14:42:23 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-03-09 14:42:10 ----A---- C:\windows\SYSWOW64\java.exe
2013-03-09 14:42:00 ----D---- C:\Program Files (x86)\Java
2013-03-08 02:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-03-30 23:30:58 ----D---- C:\windows\Prefetch
2013-03-30 23:30:37 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-30 23:30:30 ----D---- C:\windows\Temp
2013-03-30 23:28:39 ----D---- C:\windows\system32\config
2013-03-30 23:27:14 ----RD---- C:\Program Files (x86)\Skype
2013-03-30 23:27:14 ----D---- C:\windows\Tasks
2013-03-30 23:05:14 ----D---- C:\Users\Tomík\AppData\Roaming\Software Informer
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-03-30 22:04:47 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-03-30 22:02:46 ----SHD---- C:\windows\Installer
2013-03-30 22:02:46 ----RD---- C:\Program Files (x86)
2013-03-30 22:02:46 ----D---- C:\Program Files (x86)\Common Files
2013-03-30 22:02:45 ----HD---- C:\ProgramData
2013-03-30 14:02:40 ----D---- C:\windows\System32
2013-03-30 14:02:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-30 14:02:39 ----D---- C:\windows\inf
2013-03-30 14:00:43 ----RD---- C:\Program Files
2013-03-30 13:57:39 ----D---- C:\Windows
2013-03-29 12:23:35 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-03-29 09:54:03 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-03-29 00:12:23 ----D---- C:\Program Files (x86)\Google
2013-03-29 00:10:10 ----D---- C:\windows\system32\Tasks
2013-03-28 22:51:21 ----D---- C:\windows\debug
2013-03-28 19:28:52 ----SHD---- C:\System Volume Information
2013-03-28 19:27:50 ----D---- C:\Program Files (x86)\Ubisoft
2013-03-28 19:22:45 ----D---- C:\windows\system32\catroot2
2013-03-24 13:04:40 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-03-19 15:23:38 ----D---- C:\windows\winsxs
2013-03-19 15:22:11 ----D---- C:\windows\system32\DriverStore
2013-03-19 15:22:11 ----D---- C:\windows\system32\drivers
2013-03-18 21:30:29 ----D---- C:\windows\system32\catroot
2013-03-15 11:54:10 ----D---- C:\windows\Logs
2013-03-15 00:23:19 ----D---- C:\windows\rescache
2013-03-14 20:02:49 ----D---- C:\Program Files (x86)\JDownloader
2013-03-14 10:10:49 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 10:10:49 ----D---- C:\windows\SysWOW64
2013-03-14 10:10:49 ----D---- C:\windows\AppPatch
2013-03-14 10:10:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:10:47 ----D---- C:\windows\system32\migration
2013-03-14 10:10:45 ----D---- C:\Program Files\Internet Explorer
2013-03-14 10:07:16 ----A---- C:\windows\system32\MRT.exe
2013-03-14 10:07:12 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 11:16:43 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 10:47:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-03-09 14:42:01 ----A---- C:\windows\SYSWOW64\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SBIOSIO;SBIOSIO; C:\windows\system32\drivers\SBIOSIO.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 AsusService;Asus Launcher Service; C:\Windows\SysWOW64\AsusService.exe [2011-07-13 224680]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-10 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-09 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SWUpdateService;SW Update Service; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119524
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Notebook slowdown
Double-click the file C:\Program Files\trend micro\Tomík.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Laptop slowdown
OK, I did it; only during FixChecked, on the file
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
it threw some error at me, but I clicked OK! and it went through... then it said that HijackThis had not been closed properly... but I continued according to the instructions... should it be all right now? Or is something else needed?
- Rudy
- Site Admin
- Posts: 119524
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop slowdown
If the problem has gone away, that is all. Some entries cannot be fixed.
Re: Laptop slowdown
Well, the problem hasn't really gone away

- Rudy
- Site Admin
- Posts: 119524
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop slowdown
Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the licence terms appears; continue by clicking the Yes button.
calmly go and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan, do not try to start any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, undesirable conflicts with the antispyware's resident shield occur
Re: Laptop slowdown
ComboFix 13-03-31.01 - Tomík . 03. 2013 18:45:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4010.2869 [GMT 2:00]
Running from: c:\users\TomÝk\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-31 )))))))))))))))))))))))))))))))
.
.
2013-03-31 16:30 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F497B46-6C97-46FE-AEA0-C91A32106E7C}\mpengine.dll
2013-03-30 13:00 . 2013-03-30 22:31 -------- d-----w- c:\program files\trend micro
2013-03-29 23:32 . 2013-03-29 23:32 -------- d-----w- c:\users\Tomík\AppData\Local\Audiggle_LTD
2013-03-29 23:30 . 2013-03-29 23:30 -------- d-----w- c:\program files (x86)\Audiggle
2013-03-28 23:05 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-28 17:44 . 2013-03-28 17:44 -------- d-----w- c:\program files (x86)\Gophoto.it
2013-03-21 13:32 . 2012-11-29 14:05 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{79185674-C5A7-4B0A-A128-838AE7334DD0}\gapaengine.dll
2013-03-18 20:32 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-14 09:04 . 2013-03-14 09:04 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2013-03-14 09:04 . 2013-03-14 09:04 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-14 09:04 . 2013-03-14 09:04 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-09 13:42 . 2013-03-09 13:42 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-09 13:42 . 2013-03-09 13:42 -------- d-----w- c:\program files (x86)\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 09:07 . 2012-07-17 09:44 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-13 10:16 . 2012-07-16 12:58 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 10:16 . 2012-07-16 12:58 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-09 13:42 . 2012-11-16 21:17 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-09 13:42 . 2012-11-16 21:17 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-23 00:57 . 2012-12-27 00:08 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-02-12 05:45 . 2013-03-13 11:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 11:55 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 11:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 11:55 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 11:55 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 11:55 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-10 03:25 . 2013-02-23 01:35 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-02-10 03:25 . 2013-02-23 01:35 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-02-10 03:25 . 2013-02-23 01:27 963776 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-02-10 03:25 . 2013-02-23 01:27 9422672 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-10 03:25 . 2013-02-23 01:27 7964680 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-10 03:25 . 2013-02-23 01:27 7569184 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:25 . 2013-02-23 01:27 6267240 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-10 03:25 . 2013-02-23 01:27 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-02-10 03:25 . 2013-02-23 01:27 2911008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-10 03:25 . 2013-02-23 01:27 2726176 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-10 03:25 . 2013-02-23 01:27 26947360 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-10 03:25 . 2013-02-23 01:27 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-02-10 03:25 . 2013-02-23 01:27 2350368 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-23 01:27 20534560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-10 03:25 . 2013-02-23 01:27 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-02-10 03:25 . 2013-02-23 01:27 1990944 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-23 01:27 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-02-23 01:27 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2013-02-23 01:27 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2013-02-23 01:27 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-02-10 03:25 . 2013-02-23 01:27 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2013-02-23 01:27 12862400 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-10 03:25 . 2013-02-23 01:27 1114144 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-02-10 03:25 . 2013-02-23 01:27 11040544 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-10 03:25 . 2013-02-23 01:27 2854344 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-10 03:25 . 2013-02-23 01:27 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2013-02-23 01:27 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-10 03:25 . 2013-02-23 01:27 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-10 01:04 . 2013-02-23 01:36 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2013-02-23 01:36 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2013-02-23 01:36 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2013-02-23 01:36 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-02-10 01:04 . 2013-02-23 01:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2013-02-23 01:36 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-02-10 01:04 . 2013-02-23 01:36 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-10 01:04 . 2013-02-23 01:36 1012000 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-02-09 13:25 . 2013-02-23 01:36 3035306 ----a-w- c:\windows\system32\nvcoproc.bin
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2012-03-20 18:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-13 21:17 . 2013-02-27 14:52 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 14:52 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 14:52 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 14:52 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 14:52 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 14:52 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 14:52 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 14:52 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:51 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 14:52 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 14:52 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 14:52 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 14:52 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 14:52 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 14:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 14:51 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 14:52 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 14:51 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 14:52 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 14:52 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 14:52 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 14:52 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 14:51 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 14:51 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 14:52 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 14:51 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 14:52 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 14:51 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 14:51 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 14:52 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 14:52 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 14:52 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 14:51 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 14:51 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 14:51 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 14:52 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 14:52 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 14:52 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[-] 2011-02-25 . 116B62D0989637C50B589BDA5CD504CE . 2388992 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2011-02-25 . 562A2231068E78BFEBCCACECFD0D651D . 2388992 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2010-11-21 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-15 491840]
"GoogleQuery"="c:\gql\gql.exe" [2013-01-28 15872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-10 417792]
.
c:\users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-7-3 41160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-07-17 198144]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SBIOSIO;SBIOSIO; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 659472]
S2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe [2011-07-13 224680]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
S2 SWUpdateService;SW Update Service;c:\program files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-17 198144]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-28 23:12 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 10:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
Trusted Zone: ukf.sk
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
TCP: Interfaces\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - ExtSQL: 2013-02-11 15:04; quickstores@quickstores.de; c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - ExtSQL: 2013-02-15 13:29; ascsurfingprotection@iobit.com; c:\users\TomĂÂk\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\ascsurfingprotection@iobit.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BBEF0795-95C6-2725-4762-B4C8C444D448}*]
"hamggapikbaakfbm"=hex:6a,61,67,6c,6b,66,69,67,6d,68,6d,64,70,67,61,65,66,64,
70,70,00,ed
"iacgmfjgecoghajnma"=hex:6a,61,67,6c,6b,66,69,67,6d,68,6d,64,70,67,61,65,66,64,
70,70,00,03
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-31 19:07:20
ComboFix-quarantined-files.txt 2013-03-31 17:07
.
Pre-Run: 173 399 568 384 bytes free
Post-Run: 173 245 001 728 bytes free
.
- - End Of File - - E43E8056CD5D8E8F00BBAA43F743B5E6
2013-02-10 03:25 . 2013-02-23 01:27 7964680 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-10 03:25 . 2013-02-23 01:27 7569184 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:25 . 2013-02-23 01:27 6267240 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-10 03:25 . 2013-02-23 01:27 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-02-10 03:25 . 2013-02-23 01:27 2911008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-10 03:25 . 2013-02-23 01:27 2726176 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-10 03:25 . 2013-02-23 01:27 26947360 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-10 03:25 . 2013-02-23 01:27 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-02-10 03:25 . 2013-02-23 01:27 2350368 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-23 01:27 20534560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-10 03:25 . 2013-02-23 01:27 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-02-10 03:25 . 2013-02-23 01:27 1990944 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-23 01:27 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-02-23 01:27 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2013-02-23 01:27 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2013-02-23 01:27 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-02-10 03:25 . 2013-02-23 01:27 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2013-02-23 01:27 12862400 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-10 03:25 . 2013-02-23 01:27 1114144 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-02-10 03:25 . 2013-02-23 01:27 11040544 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-10 03:25 . 2013-02-23 01:27 2854344 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-10 03:25 . 2013-02-23 01:27 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2013-02-23 01:27 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-10 03:25 . 2013-02-23 01:27 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-10 01:04 . 2013-02-23 01:36 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2013-02-23 01:36 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2013-02-23 01:36 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2013-02-23 01:36 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-02-10 01:04 . 2013-02-23 01:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2013-02-23 01:36 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-02-10 01:04 . 2013-02-23 01:36 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-10 01:04 . 2013-02-23 01:36 1012000 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-02-09 13:25 . 2013-02-23 01:36 3035306 ----a-w- c:\windows\system32\nvcoproc.bin
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2012-03-20 18:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-13 21:17 . 2013-02-27 14:52 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 14:52 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 14:52 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 14:52 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 14:52 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 14:52 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 14:52 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 14:52 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:52 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 14:51 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 14:52 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 14:52 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 14:52 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 14:52 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 14:52 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 14:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 14:51 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 14:52 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 14:51 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 14:52 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 14:52 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 14:52 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 14:52 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 14:51 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 14:51 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 14:52 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 14:51 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 14:52 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 14:51 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 14:51 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 14:52 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 14:52 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 14:52 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 14:51 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 14:51 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 14:51 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 14:52 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 14:52 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 14:52 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[-] 2011-02-25 . 116B62D0989637C50B589BDA5CD504CE . 2388992 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2011-02-25 . 562A2231068E78BFEBCCACECFD0D651D . 2388992 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2010-11-21 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-15 491840]
"GoogleQuery"="c:\gql\gql.exe" [2013-01-28 15872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-10 417792]
.
c:\users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-7-3 41160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-07-17 198144]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SBIOSIO;SBIOSIO; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-21 283200]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2011-07-29 13824]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 659472]
S2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe [2011-07-13 224680]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-02 1564368]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-02-13 31624]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
S2 SWUpdateService;SW Update Service;c:\program files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-07-17 198144]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-10-10 288768]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-05-09 280912]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-10-11 59904]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-28 23:12 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 10:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
Trusted Zone: ukf.sk
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
TCP: Interfaces\{E50EE84B-BABA-499E-8BE7-E1943B55793B}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - ExtSQL: 2013-02-11 15:04; quickstores@quickstores.de; c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - ExtSQL: 2013-02-15 13:29; ascsurfingprotection@iobit.com; c:\users\TomĂÂk\AppData\Roaming\Mozilla\Firefox\Profiles\8d97vneg.default\extensions\ascsurfingprotection@iobit.com
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1571869238-3936240484-2151935606-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BBEF0795-95C6-2725-4762-B4C8C444D448}*]
"hamggapikbaakfbm"=hex:6a,61,67,6c,6b,66,69,67,6d,68,6d,64,70,67,61,65,66,64,
70,70,00,ed
"iacgmfjgecoghajnma"=hex:6a,61,67,6c,6b,66,69,67,6d,68,6d,64,70,67,61,65,66,64,
70,70,00,03
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-31 19:07:20
ComboFix-quarantined-files.txt 2013-03-31 17:07
.
Pre-Run: 173 399 568 384 bytes free
Post-Run: 173 245 001 728 bytes free
.
- - End Of File - - E43E8056CD5D8E8F00BBAA43F743B5E6